Designing and Building Enterprise DMZs
- Hal Flynn, Vulnerability Analyst for Symantec Corporation
This is the only book available on building network DMZs, which are the cornerstone of any good enterprise security configuration. It covers market-leading products from Microsoft, Cisco, and Check Point.One of the most complicated areas of network technology is designing, planning, implementing, and constantly maintaining a demilitarized zone (DMZ) segment. This book is divided into four logical parts. First the reader will learn the concepts and major design principles of all DMZs. Next the reader will learn how to configure the actual hardware that makes up DMZs for both newly constructed and existing networks. Next, the reader will learn how to securely populate the DMZs with systems and services. The last part of the book deals with troubleshooting, maintaining, testing, and implementing security on the DMZ.
Designing and Building Enterprise DMZs: This audience is comprised of engineers and administrators, who: 1. Protect their network and storage data from theft and/or corruption. 2. Ensure both Web-based and internal application and data availability to customers, business partners, and employees. 3. Optimize network hardware, software, storage, and bandwidth resources. They accomplish these tasks by installing, configuring, troubleshooting, and maintaining a combination of commercial and open source firewalls/VPNs, security appliances, Intrusion Detection Systems (IDSs), packet analyzers (Sniffers), and AntiVirus applications. This audience is task oriented and focused on executing IT objectives mandated by their ever-changing business needs.