Cisco Network Security [Anglais] [Relié]

This is a hands-on guide to the basics of maintaining security on a network using Cisco products and technology. Four areas of security are covered: Firewall Security - Cisco PIX Firewall; Intrusion Detection using Cisco Secure IDS/Net Ranger; Vulnerability Scanners used to discover security holes in your network - Cisco Secure Scanner; Access Control Systems - Cisco Secure Access Control System.

The practical, authoritative Cisco network security implementation guide!

Finally, there's a single source for practical, hands-on guidance on implementing and configuring the most important elements of Cisco network security!

Leading network security consultant James Pike offers step-by-step guidance for implementing and configuring key Cisco security products-including in-depth guidance on using PIX firewalls. Coverage includes:

• Essential Cisco security terminology, technologies, and design criteria
• Comprehensive, start-to-finish techniques for deploying IPSec security in VPN environments
• Easy to understand introductions to Cisco Secure IDS/Net Ranger intrusion detection, Cisco Secure Scanner/NetSonar scanning, and Cisco Secure Access Control System access control

No other book brings together this much Cisco security information: step-by-step tutorials, in-depth reference material, critical data for configuration, and expert guidance for decision making. Whatever your role in securing Cisco networks, Cisco Network Security will instantly become your #1 resource.

JAMES PIKE is president of Atlantis Communications, a consulting firm specializing in network security. He has more than 25 years experience in computing and networking and has been an independent consultant and instructor for over a decade. A Cisco Certified System Instructor, he has more than six years experience in teaching advanced routing and network security for several Cisco Authorized Training Partners.

The phenomenal acceptance and growth of the Internet and internetworking technologies, in general, has brought with it the requirement to look at information security in a new light. While network security has been an issue since the advent of computer networking and remote communications, today's environment calls for a fresh approach.

In prior years, the "network" was a relative closed, controllable environment. Access was limited, and access points were readily identifiable. The Internet defies both of these premises, in that it is essentially an "open" environment. Access is virtually and, intentionally, unlimited, and the access points are vast and unpredictable. Organizations seeking to take advantage of the benefits of this open, interconnected system also inherit the risks and liabilities that come with this complex environment. To defend against hostile or malicious action, an organization must understand the nature of the threats and the range of tools available for defense.

While many knowledgeable information systems professionals are aware that there are risks and threats, the nature of these, and the available defensive tools and technologies, are often a great mystery. Like many maturing technologies, the information may be available, but scattered in many places, and requires familiarity with an entirely new vocabulary. Likewise, the information is not always in a readily useable form, often too abstract and theoretical for those who need to apply the defensive remedies, or too oversimplified to ensure confidence in the thoroughness and completeness in the application of the tools.

This leads to a situation where the technical professional has too much or too little information, yet is still expected to exercise professional judgment in the selection and application of "appropriate" solutions.

This book attempts to bridge the gap between the theory and practice of network security. We have tried to provide enough detail on the theories and protocols for reasonable comprehension, so that the networking professional can make informed choices, and coupled that with the "how-to." Although the focus is on the Cisco product offerings, the principles apply to many other environments, as well. Although the user interface and configuration details may vary, the functionality is often similar across comparable products.

The most difficult task is often choosing among many options and choices. Hopefully, the discussion of some of the design theory and protocol details will make these choices a little more clearly understood.

Although this work might be directed toward the technical professional, we believe that students, educators, auditors, management personnel, and others interested in network security will probably find much of the material helpful, as well.