The Best Damn Firewall Book Period book cover

The Best Damn Firewall Book Period

This book is essential reading for anyone wanting to protect Internet-connected computers from unauthorized access. Coverage includes TCP/IP, setting up firewalls, testing and maintaining firewalls, and much more. All of the major important firewall products are covered including Microsoft Internet Security and Acceleration Server (ISA), ISS BlackICE, Symantec Firewall, Check Point NG, and PIX Firewall. Firewall configuration strategies and techniques are covered in depth.The book answers questions about firewalls, from How do I make Web/HTTP work through my firewall? To What is a DMZ, and why do I want one? And What are some common attacks, and how can I protect my system against them?The Internet's explosive growth over the last decade has forced IT professionals to work even harder to secure the private networks connected to it—from erecting firewalls that keep out malicious intruders to building virtual private networks (VPNs) that permit protected, fully encrypted communications over the Internet's vulnerable public infrastructure.The Best Damn Firewalls Book Period covers the most popular Firewall products, from Cisco's PIX Firewall to Microsoft's ISA Server to CheckPoint NG, and all the components of an effective firewall set up. Anything needed to protect the perimeter of a network can be found in this book.

Audience
Engineers and administrators, who: 1) Protect their network and storage data from theft and/or corruption. 2.) Ensure both Web-based and internal application and data availability to customers, business partners, and employees. 3.) Optimize network hardware, software, storage, and bandwidth resources

,

Published: October 2003

Imprint: Syngress

ISBN: 978-1-931836-90-6

Contents


  • Foreword

    Part I Introduction to Network Security & Firewalls

    Chapter 1 Introduction to Information Security

    Introduction

    Insecurity and the Internet

    Threats and Attacks

    Security Policies

    Creating a Security Policy

    Protecting Information Technology

    Using SSL and Secure Shell

    Other Hardware Security Devices

    Summary

    Chapter 2 Firewall Concepts

    Introduction

    Defining a Firewall

    Networking and Firewalls

    Popular Firewalls

    Summary

    Chapter 3 DMZ Concepts, Layout, and Conceptual Design

    Introduction

    DMZ Basics

    DMZ Design Fundamentals

    Advanced Risks

    Advanced Design Strategies

    Summary

    Chapter 4 Introduction to Intrusion Detection Systems

    Introduction

    What is Intrusion Detection?

    What is an Intrusion?

    Why Are Intrusion Detection Systems Important?

    Summary

    Part II Solaris & Linux Firewalls

    Chapter 5 Implementing a Firewall with Ipchains and Iptables

    Introduction

    Understanding the Need for a Firewall

    Deploying IP Forwarding and Masquerading

    Configuring Your Firewall to Filter Network Packets

    Understanding Tables and Chains in a Linux Firewall

    Logging Packets at the Firewall

    Configuring a Firewall

    Counting Bandwidth Usage

    Using and Obtaining Automated Firewall Scripts and Graphical Firewall Utilities

    Summary

    Chapter 6 Maintaining Open Source Firewalls

    Introduction

    Testing Firewalls

    Using Telnet, Ipchains, Netcat, and SendIP to Probe Your Firewall

    Understanding Firewall Logging, Blocking, and Alert Options

    Obtaining Additional Firewall Logging Tools

    Summary

    Chapter 7 Configuring Solaris as a Secure Router and Firewall

    Introduction

    Configuring Solaris as a Secure Router

    Routing IP Version 6

    IP Version 6 Hosts

    Configuring Solaris as a Secure Gateway

    Configuring Solaris as a Firewall

    Summary

    Part III PIX Firewalls

    Chapter 8 Introduction to PIX Firewalls

    Introduction

    PIX Firewall Features

    PIX Hardware

    Software Licensing and Upgrades

    The Command-Line Interface

    Summary

    Chapter 9 Passing Traffic

    Introduction

    Allowing Outbound Traffic

    Allowing Inbound Traffic

    TurboACLs

    Object Grouping

    Case Study

    Summary

    Chapter 10 Advanced PIX Configurations

    Introduction

    Handling Advanced Protocols

    Filtering Web Traffic

    DHCP Functionality

    Other Advanced Features

    Summary

    Chapter 11 Troubleshooting and Performance Monitoring

    Introduction

    Troubleshooting Hardware and Cabling

    Troubleshooting Connectivity

    Troubleshooting IPsec

    Capturing Traffic

    Monitoring and Troubleshooting Performance

    Summary

    Part IV Check Point NG and Nokia IP Series Appliances

    Chapter 12 Installing and Configuring VPN-1/FireWall-1 Next Generation

    Introduction

    Before You Begin

    Installing Check Point VPN-1/FireWall-1 NG on Windows

    Uninstalling Check Point VPN-1/FireWall-1 NG on Windows

    Installing Check Point VPN-1/FireWall-1 NG on Solaris

    Uninstalling Check Point VPN-1/FireWall-1 NG on Solaris

    Installing Check Point VPN-1/FireWall-1 NG on Nokia

    Summary

    Chapter 13 Using the Graphical Interface

    Introduction

    Managing Objects

    Adding Rules

    Global Properties

    SecureUpdate

    Log Viewer

    System Status

    Summary

    Chapter 14 Creating a Security Policy

    Introduction

    Reasons for a Security Policy

    How to Write a Security Policy

    Implementing a Security Policy

    Installing a Security Policy

    Policy Files

    Summary

    Chapter 15 Advanced Configurations

    Introduction

    Check Point High Availability (CPHA)

    Single Entry Point VPN Configurations (SEP)

    Multiple Entry Point VPN Configurations (MEP)

    Other High Availability Methods

    Summary

    Chapter 16 Configuring Virtual Private Networks

    Introduction

    Encryption Schemes

    Configuring an FWZ VPN

    Configuring an IKE VPN

    Configuring a SecuRemote VPN

    Installing SecuRemote Client Software

    Using SecuRemote Client Software

    Summary

    Chapter 17 Overview of the Nokia Security Platform

    Introduction

    Introducing the Nokia IP Series Appliances

    Administration Made Easy

    Summary

    Chapter 18 Configuring the Check Point Firewall

    Introduction

    Preparing for the Configuration

    Configuring the Firewall

    Testing the Configuration

    Upgrading the Firewall

    Summary

    Chapter 19 Introducing the Voyager Web Interface

    Introduction

    Basic System Configuration, Out of the Box

    Summary

    Chapter 20 Basic System Administration

    Introduction

    Rebooting the System

    Managing Packages

    Managing IPSO Images

    Managing Users and Groups

    Configuring Static Routes

    System Backup and Restore

    System Logging

    Scheduling Tasks Using cron

    Summary

    Chapter 21 High Availability and Clustering

    Introduction

    Designing Your Cluster

    Installing FireWall-1 NG FP3

    Check Point ClusterXL

    Nokia IPSO Clustering

    Nokia Configuration

    Nokia IPSO VRRP Clusters

    Clustering and HA Performance Tuning

    Summary

    Part V ISA Server

    Chapter 22 ISA Server Deployment Planning and Design

    Introduction

    ISA Deployment: Planning and Designing Issues

    Active Directory Implementation

    Mission-Critical Considerations

    Planning the Appropriate Installation Mode

    Summary

    Chapter 23 ISA Server Installation

    Introduction

    Putting Together Your Flight Plan

    Performing the Installation

    Migrating from Microsoft Proxy Server 2.0

    Summary

    Chapter 24 Managing ISA Server

    Introduction

    Understanding Integrated Administration

    Performing Common Management Tasks

    Using Monitoring, Alerting, Logging, and Reporting Functions

    Understanding Remote Administration

    Summary

    Chapter 25 Optimizing, Customizing, Integrating, and Backing up ISA Server

    Introduction

    Optimizing ISA Server Performance

    Customizing ISA Server

    Integrating ISA Server with Other Services

    Backing Up and Restoring the ISA Configuration

    Summary

    Chapter 26 Troubleshooting ISA Server

    Introduction

    Troubleshooting Guidelines

    Troubleshooting ISA Server Installation and Configuration Problems

    Troubleshooting Authentication and Access Problems

    Troubleshooting ISA Client Problems

    Troubleshooting Caching and Publishing Problems

    Summary

    Chapter 27 Advanced Server Publishing with ISA Server

    Introduction

    Disabling Socket Pooling

    Server Publishing

    Web Publishing

    Summary

    Chapter 28 Protecting Mail Services with ISA Server

    Introduction

    Configuring Mail Services on the ISA Server

    Configuring Mail Services on the Internal Network

    GFI's Mail Security and Mail Essentials for SMTP Servers

    Summary

    Part VI Intrusion Detection

    Chapter 29 Introducing Snort

    Introduction

    What is Snort?

    Snort System Requirements

    Exploring Snort's Features

    Using Snort on Your Network

    Security Considerations with Snort

    Summary

    Chapter 30 Installing Snort

    Introduction

    A Brief Word about Linux Distributions

    Installing PCAP

    Installing Snort

    Summary

    Chapter 31 Combining Firewalls and IDS

    Introduction

    Policy-Based IDS

    Inline IDS

    IDS Functionality on the PIX Firewall

    Summary

    Index




Advertisement

advert image