Managing Cisco Network Security

2nd Edition - May 29, 2002

  • Author: Syngress
  • eBook ISBN: 9780080479057

Description

An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today's internetworked world.

"There's no question that attacks on enterprise networks are increasing in frequency and sophistication..." -Mike Fuhrman, Cisco Systems Manager, Security Consulting

Managing Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco's security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance, and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manager software used by thousands of small-to-midsized businesses, and a special section covers the Cisco Aironet Wireless Security Solutions.

Key Features

  • Security from a real-world perspective
  • Key coverage of the new technologies offered by Cisco, including the 500 series of Cisco PIX Firewall, Cisco Intrusion Detection System, and the Cisco Secure Scanner
  • Revised edition of a text popular with CCIP (Cisco Certified Internetwork Professional) students
  • Expanded to include separate chapters on each of the security products offered by Cisco Systems

Table of Contents

  • Chapter 1 Introduction to IP Network Security

    Introduction

    What Role Does Security Play in a Network?

    Goals

    Philosophy

    What if I Don’t Deploy Security?

    The Fundamentals of Networking

    Where Does Security Fit in?

    Network Access Layer Security

    Internetwork Layer Security

    Host-to-Host Layer Security?

    Process Application Layer Security

    Authentication

    OSI Model

    How the OSI Model Works

    Composition of a Data Packet

    Security in TCP/IP

    Cisco IP Security Hardware and Software

    The Cisco Secure PIX Firewall

    Cisco Secure Integrated Software

    Cisco Secure Integrated VPN Software

    The Cisco Secure VPN Client

    Cisco Secure Access Control Server

    Cisco Secure Scanner

    Cisco Secure Intrusion Detection System

    Cisco Secure Policy Manager

    Cisco Secure Consulting Services

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 2 What are We Trying to Prevent?

    Introduction

    What Threats Face Your Network?

    Loss of Confidentiality

    Loss of Integrity

    Loss of Availability

    Sources of Threats

    Malicious Mobile Code

    Trojan Horses

    Viruses

    Worms

    Current Malicious Code Threats

    Current Malicious Code Impacts

    Denial of Service

    The Smurf Attack

    The SYN Flood Attack

    Distributed Denial of Service (DDoS) Attacks

    Detecting Breaches

    Initial Detection

    are Forensics Important?

    What are the Key Steps after a Breach is Detected?

    Preventing Attacks

    Reducing Vulnerabilities

    Providing a Simple Security Network Architecture

    Developing a Culture of Security

    Developing a Security Policy

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 3 Cisco PIX Firewall

    Introduction

    Overview of the Security Features

    Differences between PIX OS Version 4.x and Version 5.x

    Differences between PIX OS Version 6.0 and Version 5.x

    Initial Configuration

    Installing the PIX Software

    The Command-Line Interface

    IP Configuration

    Configuring NAT and PAT

    Permit Traffic Through

    Security Policy Configuration

    Security Strategies

    Identify the Security Services to Implement

    Implementing the Network Security Policy

    Confidentiality Configuration in PIX

    PIX Configuration Examples

    Protecting a Private Network

    Protecting a Network Connected to the Internet

    Protecting Server Access Using Authentication

    Protecting Public Servers Connected to the Internet

    Securing and Maintaining the PIX

    System Journaling

    Securing the PIX

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 4 Traffic Filtering in the Cisco Internetwork Operating System

    Introduction

    Access Lists

    Access List Operation

    Types of Access Lists

    Standard IP Access Lists

    Extended IP Access Lists

    Named Access Lists

    Editing Access Lists

    Problems with Access Lists

    Lock-and-key Access Lists

    Reflexive Access Lists

    Building Reflexive Access Lists

    Applying Reflexive Access Lists

    Context-based Access Control

    The Context-based Access Control Process

    Configuring Context-based Access Control

    Inspection Rules

    Applying the Inspection Rule

    Configuring Port to Application Mapping

    Configuring PAM

    Protecting a Private Network

    Protecting a Network Connected to the Internet

    Protecting Server Access Using Lock-and-key

    Protecting Public Servers Connected to the Internet

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 5 Network Address Translation/Port Address Translation

    Introduction

    NAT Overview

    Address Realm

    RFC 1918 Private Addressing

    NAT

    Transparent Address Assignment

    Transparent Routing

    Public, Global, and External Networks

    Private and Local Networks

    Application Level Gateways

    NAT Architectures

    Traditional NAT or Outbound NAT

    Port Address Translation

    Static NAT

    Twice NAT

    Guidelines for Deploying NAT and PAT

    IOS NAT Support for IP Telephony

    H.323 v2 Support

    CallManager Support

    Session Initiation Protocol

    Configuring NAT on Cisco IOS

    Configuration Commands

    Verification Commands

    Configuring NAT between a Private Network and the Internet

    Configuring NAT in a Network with DMZ

    Considerations on NAT and PAT

    IP Address Information in Data

    Bundled Session Applications

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 6 Cryptography

    Introduction

    Understanding Cryptography Concepts

    History

    Encryption Key Types

    Learning about Standard Cryptographic Algorithms

    Understanding Symmetric Algorithms

    Understanding Asymmetric Algorithms

    Understanding Brute Force

    Brute Force Basics

    Using Brute Force to Obtain Passwords

    Knowing When Real Algorithms are Being Used Improperly

    Bad Key Exchanges

    Hashing Pieces Separately

    Using a Short Password to Generate a Long Key

    Improperly Stored Private or Secret Keys

    Understanding Amateur Cryptography Attempts

    Classifying the Ciphertext

    Monoalphabetic Ciphers

    Other Ways to Hide Information

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 7 Cisco LocalDirector and DistributedDirector

    Introduction

    Improving Security Using Cisco LocalDirector

    LocalDirector Technology Overview

    LocalDirector Product Overview

    LocalDirector Security Features

    Filtering of Access Traffic

    Using synguard to Protect against SYN Flood Attacks

    Using NAT to Hide Real Addresses

    Restricting Who is Authorized to Have Telnet Access to LocalDirector

    Password Protection

    Syslog Logging

    Securing Geographically Dispersed Server Farms Using Cisco DistributedDirector

    DistributedDirector Technology Overview

    DistributedDirector Product Overview

    DistributedDirector Security Features

    Limiting the Source of DRP Queries

    Authentication between DistributedDirector and DRP Agents

    Password Protection

    Syslog Logging

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 8 Virtual Private Networks and Remote Access

    Introduction

    Overview of the Different VPN Technologies

    The Peer Model

    The Overlay Model

    Link Layer VPNs

    Network Layer VPNs

    Transport and Application Layer VPNs

    Intranet VPNs

    Extranet VPNs

    Access VPNs

    Layer 2 Transport Protocol

    Configuring Cisco L2TP

    IPSec

    IPSec Architecture

    IPSec and Cisco Encryption Technology

    Configuring Cisco IPSec

    Connecting IPSec Clients to Cisco IPSec

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 9 Cisco Authentication, Authorization, and Accounting Mechanisms

    Introduction

    Cisco AAA Overview

    AAA Authentication

    AAA Authorization

    AAA Accounting

    AAA Benefits

    Cisco AAA Mechanisms

    Supported AAA Security Protocols

    Configuring AAA Authentication

    Authorization

    Accounting

    Typical RAS Configuration Using AAA

    Typical Firewall Configuration Using AAA

    Authentication Proxy

    How the Authentication Proxy Works

    Comparison with the Lock-and-key Feature

    Benefits of Authentication Proxy

    Restrictions of Authentication Proxy

    Configuring Authentication Proxy

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 10 Cisco Content Services Switch

    Introduction

    Overview of Cisco Content Services Switch

    Cisco Content Services Switch Technology Overview

    Cisco Content Services Switch Product Information

    Security Features of Cisco Content Services Switch

    FlowWall Security?

    Using Network Address Translation to Hide Real Addresses

    Firewall Load Balancing

    Password Protection

    Disabling Telnet Access

    Syslog Logging

    Known Security Vulnerabilities

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 11 Cisco Secure Scanner

    Introduction

    Minimum System Specifications for Secure Scanner

    Searching the Network for Vulnerabilities

    Identifying Network Addresses

    Identifying Vulnerabilities

    Scheduling the Session

    Viewing the Results

    Changing Axis Views

    Drilling into Data

    Pivoting Data

    Zooming In and Out

    Creating Charts

    Saving Grid Views and Charts

    Reports and Wizards

    Keeping the System Up-to-Date

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 12 Cisco Secure Policy Manager

    Introduction

    Overview of the Cisco Secure Policy Manager

    The Benefits of Using Cisco Secure Policy Manager

    Installation Requirements for the Cisco Secure Policy Manager

    Features of the Cisco Secure Policy Manager

    Cisco Firewall Management

    VPN and IPSec Security Management

    Security Policy Management

    Network Security Deployment Options

    Cisco Secure Policy Manager Device and Software Support

    Using the Cisco Secure Policy Manager

    Configuration

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 13 Intrusion Detection

    Introduction

    What is Intrusion Detection?

    Types of IDSs

    IDS Architecture

    Why Should You Have an IDS?

    Benefits of an IDS in a Network

    Deploying an IDS in a Network

    Difficulties in Deploying an IDS

    IDS Tuning

    Tuning

    Network Attacks and Intrusions

    Poor Network Perimeter/Device Security

    Poor Physical Security

    Application and Operating Software Weaknesses

    Human Failure

    Weaknesses in the IP Suite of Protocols

    The Cisco Secure Network Intrusion Detection System

    What is the Cisco Secure Network Intrusion Detection System?

    Before You Install

    Director and Probe Setup

    General Operation

    nrConfigure

    The Data Management Package

    Cisco IOS Intrusion Detection Systems

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 14 Network Security Management

    Introduction

    PIX Device Manager

    PIX Device Manager Overview

    Supported PIX Firewall Versions

    Using PIX Device Manager

    Configuration Examples

    CiscoWorks2000 Access Control List Manager

    ACL Manager Overview

    Installation Requirements for ACL Manager

    ACL Manager Features

    The Basic Operation of ACL Manager

    Using ACL Manager

    Configuration Example: Creating ACLs with ACLM

    Cisco Secure Policy Manager

    Cisco Secure Access Control Server

    Overview of the Cisco Secure Access Control Server

    Benefits of the Cisco Secure Access Control Server

    Features of Cisco Secure ACS

    Cisco Secure ACS Device and Software Support

    Using Cisco Secure ACS

    Configuration Example: Adding and Configuring a AAA Client

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 15 Looking Ahead: Cisco Wireless Security

    Introduction

    Understanding Security Fundamentals and Principles of Protection

    Ensuring Confidentiality

    Ensuring Integrity

    Ensuring Availability

    Ensuring Privacy

    Ensuring Authentication

    Ensuring Authorization

    MAC Filtering

    What is a MAC Address?

    Where in the Authentication/Association Process Does MAC Filtering Occur?

    Determining MAC Filtering is Enabled

    MAC Spoofing

    Ensuring Non-Repudiation

    Accounting and Audit Trails

    Using Encryption

    Reviewing the Role of Policy

    Identifying Resources

    Understanding Classification Criteria

    Implementing Policy

    Addressing the Issues with Policy

    Implementing WEP

    Defining WEP

    Creating Privacy with WEP

    The WEP Authentication Process

    WEP Benefits and Advantages

    WEP Disadvantages

    Implementing WEP on the Cisco Aironet AP 340

    Exploiting WEP

    Security of 64-Bit versus 128-Bit Keys

    Acquiring a WEP Key

    Addressing Common Risks and Threats

    Finding a Target

    Finding Weaknesses in a Target

    Exploiting Those Weaknesses

    Sniffing, Interception, and Eavesdropping

    Defining Sniffing

    Sample Sniffing Tool

    Sniffing Case Scenario

    Protecting against Sniffing and Eavesdropping

    Spoofing and Unauthorized Access

    Defining Spoofing

    Sample Spoofing Tools

    Protecting against Spoofing and Unauthorized Attacks

    Network Hijacking and Modification

    Defining Hijacking

    Sample Hijacking Tools

    Hijacking Case Scenario

    Protection against Network Hijacking and Modification

    Denial of Service and Flooding Attacks

    Defining DoS and Flooding

    Sample DoS Tools

    DoS and Flooding Case Scenario

    Protecting against DoS and Flooding Attacks

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Index






Product details

  • No. of pages: 752
  • Language: English
  • Copyright: © Syngress 2002
  • Published: May 29, 2002
  • Imprint: Syngress
  • eBook ISBN: 9780080479057

About the Author

Syngress
