Managing Cisco Network Security. Edition No. 2

  • ID: 1767628
  • Book
  • 752 Pages
  • Elsevier Science and Technology

An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today's internetworked world.
"There's no question that attacks on enterprise networks are increasing in frequency and sophistication..." - Mike Fuhrman, Cisco Systems Manager, Security Consulting
Managing Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco's security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance, and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manager software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.

  • Security from a real-world perspective
  • Key coverage of the new technologies offered by Cisco, including the 500 series of Cisco PIX Firewall, the Cisco Intrusion Detection System, and the Cisco Secure Scanner
  • Revised edition of a text popular with CCIP (Cisco Certified Internetwork Professional) students
  • Expanded to include separate chapters on each of the security products offered by Cisco Systems

Please Note: This is an On Demand product, delivery may take up to 11 working days after payment has been received.

Note: Product cover images may vary from those shown
Foreword

Chapter 1 Introduction to IP Network Security


Introduction


What Role Does Security Play in a Network?


Goals


Philosophy


What if I Don't Deploy Security?


The Fundamentals of Networking


Where Does Security Fit in?


Network Access Layer Security


Internetwork Layer Security


Host-to-Host Layer Security


Process Application Layer Security


Authentication


OSI Model


How the OSI Model Works


Composition of a Data Packet


Security in TCP/IP


Cisco IP Security Hardware and Software


The Cisco Secure PIX Firewall


Cisco Secure Integrated Software


Cisco Secure Integrated VPN Software


The Cisco Secure VPN Client


Cisco Secure Access Control Server


Cisco Secure Scanner


Cisco Secure Intrusion Detection System


Cisco Secure Policy Manager


Cisco Secure Consulting Services


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 2 What are We Trying to Prevent?


Introduction


What Threats Face Your Network?


Loss of Confidentiality


Loss of Integrity


Loss of Availability


Sources of Threats


Malicious Mobile Code


Trojan Horses


Viruses


Worms


Current Malicious Code Threats


Current Malicious Code Impacts


Denial of Service


The Smurf Attack


The SYN Flood Attack


Distributed Denial of Service (DDoS) Attacks


Detecting Breaches


Initial Detection


are Forensics Important?


What are the Key Steps after a Breach is Detected?


Preventing Attacks


Reducing Vulnerabilities


Providing a Simple Security Network Architecture


Developing a Culture of Security


Developing a Security Policy


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 3 Cisco PIX Firewall


Introduction


Overview of the Security Features


Differences between PIX OS Version 4.x and Version 5.x


Differences between PIX OS Version 6.0 and Version 5.x


Initial Configuration


Installing the PIX Software


The Command-Line Interface


IP Configuration


Configuring NAT and PAT


Permit Traffic Through


Security Policy Configuration


Security Strategies


Identify the Security Services to Implement


Implementing the Network Security Policy


Confidentiality Configuration in PIX


PIX Configuration Examples


Protecting a Private Network


Protecting a Network Connected to the Internet


Protecting Server Access Using Authentication


Protecting Public Servers Connected to the Internet


Securing and Maintaining the PIX


System Journaling


Securing the PIX


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 4 Traffic Filtering in the Cisco Internetwork Operating System


Introduction


Access Lists


Access List Operation


Types of Access Lists


Standard IP Access Lists


Extended IP Access Lists


Named Access Lists


Editing Access Lists


Problems with Access Lists


Lock-and-key Access Lists


Reflexive Access Lists


Building Reflexive Access Lists


Applying Reflexive Access Lists


Context-based Access Control


The Context-based Access Control Process


Configuring Context-based Access Control


Inspection Rules


Applying the Inspection Rule


Configuring Port to Application Mapping


Configuring PAM


Protecting a Private Network


Protecting a Network Connected to the Internet


Protecting Server Access Using Lock-and-key


Protecting Public Servers Connected to the Internet


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 5 Network Address Translation/Port Address Translation


Introduction


NAT Overview


Address Realm


RFC 1918 Private Addressing


NAT


Transparent Address Assignment


Transparent Routing


Public, Global, and External Networks


Private and Local Networks


Application Level Gateways


NAT Architectures


Traditional NAT or Outbound NAT


Port Address Translation


Static NAT


Twice NAT


Guidelines for Deploying NAT and PAT


IOS NAT Support for IP Telephony


H.323 v2 Support


CallManager Support


Session Initiation Protocol


Configuring NAT on Cisco IOS


Configuration Commands


Verification Commands


Configuring NAT between a Private Network and the Internet


Configuring NAT in a Network with DMZ


Considerations on NAT and PAT


IP Address Information in Data


Bundled Session Applications


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 6 Cryptography


Introduction


Understanding Cryptography Concepts


History


Encryption Key Types


Learning about Standard Cryptographic Algorithms


Understanding Symmetric Algorithms


Understanding Asymmetric Algorithms


Understanding Brute Force


Brute Force Basics


Using Brute Force to Obtain Passwords


Knowing When Real Algorithms are Being Used Improperly


Bad Key Exchanges


Hashing Pieces Separately


Using a Short Password to Generate a Long Key


Improperly Stored Private or Secret Keys


Understanding Amateur Cryptography Attempts


Classifying the Ciphertext


Monoalphabetic Ciphers


Other Ways to Hide Information


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 7 Cisco LocalDirector and DistributedDirector


Introduction


Improving Security Using Cisco LocalDirector


LocalDirector Technology Overview


LocalDirector Product Overview


LocalDirector Security Features


Filtering of Access Traffic


Using synguard to Protect against SYN Flood Attacks


Using NAT to Hide Real Addresses


Restricting Who is Authorized to Have Telnet Access to LocalDirector


Password Protection


Syslog Logging


Securing Geographically Dispersed Server Farms Using Cisco DistributedDirector


DistributedDirector Technology Overview


DistributedDirector Product Overview


DistributedDirector Security Features


Limiting the Source of DRP Queries


Authentication between DistributedDirector and DRP Agents


Password Protection


Syslog Logging


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 8 Virtual Private Networks and Remote Access


Introduction


Overview of the Different VPN Technologies


The Peer Model


The Overlay Model


Link Layer VPNs


Network Layer VPNs


Transport and Application Layer VPNs


Intranet VPNs


Extranet VPNs


Access VPNs


Layer 2 Transport Protocol


Configuring Cisco L2TP


IPSec


IPSec Architecture


IPSec and Cisco Encryption Technology


Configuring Cisco IPSec


Connecting IPSec Clients to Cisco IPSec


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 9 Cisco Authentication, Authorization, and Accounting Mechanisms


Introduction


Cisco AAA Overview


AAA Authentication


AAA Authorization


AAA Accounting


AAA Benefits


Cisco AAA Mechanisms


Supported AAA Security Protocols


Configuring AAA Authentication


Authorization


Accounting


Typical RAS Configuration Using AAA


Typical Firewall Configuration Using AAA


Authentication Proxy


How the Authentication Proxy Works


Comparison with the Lock-and-key Feature


Benefits of Authentication Proxy


Restrictions of Authentication Proxy


Configuring Authentication Proxy


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 10 Cisco Content Services Switch


Introduction


Overview of Cisco Content Services Switch


Cisco Content Services Switch Technology Overview


Cisco Content Services Switch Product Information


Security Features of Cisco Content Services Switch


FlowWall Security


Using Network Address Translation to Hide Real Addresses


Firewall Load Balancing


Password Protection


Disabling Telnet Access


Syslog Logging


Known Security Vulnerabilities


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 11 Cisco Secure Scanner


Introduction


Minimum System Specifications for Secure Scanner


Searching the Network for Vulnerabilities


Identifying Network Addresses


Identifying Vulnerabilities


Scheduling the Session


Viewing the Results


Changing Axis Views


Drilling into Data


Pivoting Data


Zooming In and Out


Creating Charts


Saving Grid Views and Charts


Reports and Wizards


Keeping the System Up-to-Date


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 12 Cisco Secure Policy Manager


Introduction


Overview of the Cisco Secure Policy Manager


The Benefits of Using Cisco Secure Policy Manager


Installation Requirements for the Cisco Secure Policy Manager


Features of the Cisco Secure Policy Manager


Cisco Firewall Management


VPN and IPSec Security Management


Security Policy Management


Network Security Deployment Options


Cisco Secure Policy Manager Device and Software Support


Using the Cisco Secure Policy Manager


Configuration


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 13 Intrusion Detection


Introduction


What is Intrusion Detection?


Types of IDSs


IDS Architecture


Why Should You Have an IDS?


Benefits of an IDS in a Network


Deploying an IDS in a Network


Difficulties in Deploying an IDS


IDS Tuning


Tuning


Network Attacks and Intrusions


Poor Network Perimeter/Device Security


Poor Physical Security


Application and Operating Software Weaknesses


Human Failure


Weaknesses in the IP Suite of Protocols


The Cisco Secure Network Intrusion Detection System


What is the Cisco Secure Network Intrusion Detection System?


Before You Install


Director and Probe Setup


General Operation


nrConfigure


The Data Management Package


Cisco IOS Intrusion Detection Systems


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 14 Network Security Management


Introduction


PIX Device Manager


PIX Device Manager Overview


Supported PIX Firewall Versions


Using PIX Device Manager


Configuration Examples


CiscoWorks2000 Access Control List Manager


ACL Manager Overview


Installation Requirements for ACL Manager


ACL Manager Features


The Basic Operation of ACL Manager


Using ACL Manager


Configuration Example: Creating ACLs with ACLM


Cisco Secure Policy Manager


Cisco Secure Access Control Server


Overview of the Cisco Secure Access Control Server


Benefits of the Cisco Secure Access Control Server


Features of Cisco Secure ACS


Cisco Secure ACS Device and Software Support


Using Cisco Secure ACS


Configuration Example: Adding and Configuring a AAA Client


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 15 Looking Ahead: Cisco Wireless Security


Introduction


Understanding Security Fundamentals and Principles of Protection


Ensuring Confidentiality


Ensuring Integrity


Ensuring Availability


Ensuring Privacy


Ensuring Authentication



Ensuring Authorization


MAC Filtering


What is a MAC Address?


Where in the Authentication/Association Process Does MAC Filtering Occur?


Determining MAC Filtering is Enabled


MAC Spoofing


Ensuring Non-Repudiation


Accounting and Audit Trails


Using Encryption


Reviewing the Role of Policy


Identifying Resources


Understanding Classification Criteria


Implementing Policy


Addressing the Issues with Policy


Implementing WEP


Defining WEP


Creating Privacy with WEP


The WEP Authentication Process


WEP Benefits and Advantages


WEP Disadvantages


Implementing WEP on the Cisco Aironet AP 340


Exploiting WEP


Security of 64-Bit versus 128-Bit Keys


Acquiring a WEP Key


Addressing Common Risks and Threats


Finding a Target


Finding Weaknesses in a Target


Exploiting Those Weaknesses


Sniffing, Interception, and Eavesdropping


Defining Sniffing


Sample Sniffing Tool


Sniffing Case Scenario


Protecting against Sniffing and Eavesdropping


Spoofing and Unauthorized Access


Defining Spoofing


Sample Spoofing Tools


Protecting against Spoofing and Unauthorized Attacks


Network Hijacking and Modification


Defining Hijacking


Sample Hijacking Tools


Hijacking Case Scenario


Protection against Network Hijacking and Modification


Denial of Service and Flooding Attacks


Defining DoS and Flooding


Sample DoS Tools


DoS and Flooding Case Scenario


Protecting against DoS and Flooding Attacks


Summary


Solutions Fast Track


Frequently Asked Questions


Index


Syngress