Designing Network Security (paperback), 2nd Edition

  • Published: Oct 30, 2003
  • Copyright 2004
  • Dimensions: 7-3/8 X 9-1/8
  • Pages: 768
  • Edition: 2nd
  • Book
  • ISBN-10: 1-58714-249-X
  • ISBN-13: 978-1-58714-249-9


Product Description

A practical guide to creating a secure network infrastructure

  • Understand basic cryptography and security technologies
  • Identify the threats and common attacks to a network infrastructure
  • Learn how to create a security policy
  • Find out how to recover from a security breach
  • Study specific implementation scenarios for securing your network environment
  • Learn about advances in security technologies

Designing Network Security, Second Edition, is a practical guide designed to help you understand the fundamentals of securing your corporate network infrastructure. This book takes a comprehensive look at underlying security technologies, the process of creating a security policy, and the practical requirements necessary to implement a corporate security policy.

You will gain a thorough understanding of basic cryptography, the most widely deployed security technologies, and key emerging security technologies. You will be able to guide the architecture and implementation of a security policy for a corporate environment by knowing possible threats and vulnerabilities and understanding the steps required to perform a risk management assessment. Through the use of specific configuration examples, you will learn about the features required in network infrastructure equipment to implement the given security policy, including securing the internal corporate infrastructure, Internet access, and the remote access environment.

This new edition includes coverage of new security features including SSH on routers, switches, and the PIX® Firewall; enhancements to L2TP and IPSec; Cisco® LEAP for wireless networks; digital certificates; advanced AAA functionality; and Cisco Intrusion Detection System features and products. Additional practical examples include current security trends using VPN, wireless, and VoIP networking examples.

This book is part of the Networking Technology Series from Cisco Press®, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.

Customer Reviews

14 of 14 people found the following review helpful
4.0 out of 5 stars Strong on Security - Weak on Cisco, January 8, 2000
Excellent overview of network security issues. Covers almost all threats, protocols and safeguards in a concise manner. One of the books that should be read for CISSP preparation.

Bogs down when it gets to Cisco specific configurations. As a CCIE, even I find that books of this type provide only the tip of the iceberg when it comes to the complexity of Cisco configurations.



14 of 14 people found the following review helpful
5.0 out of 5 stars Good Book to prepare for the MCNS examination, September 12, 1999
By A Customer
Exam 640-442 is the Security Specialization for people who have attained their CCNP certification. Excellent coverage of AAA, TACACS+, RADIUS, PIX, 3DES, DMZ as well as IPSEC and CBAC. This is a lot of material to be discussed in one book. Cisco provides a CD ROM with this same material for $250.00; this is a much better deal. If you want to enhance your knowledge of access-lists, reflexive access-lists etc., this is the book for you. Merike did her homework on this material; I completed many of the configurations presented in the book, and they were accurate.


10 of 10 people found the following review helpful
2.0 out of 5 stars Mixed Bag, October 30, 2000
Amazon Verified Purchase
Up through Chapter 7, this book presents a fairly good overview of information security in general, network security basics, cryptography, and a good measure of "security philosophy" as well. It reads pretty well and there are relatively few inconsistencies, until...

From Chapter 8 onwards, there are lots of mistakes (my personal favorite is a botched explanation of TCP proxies on page 248) and many cases of examples not matching the explanatory text. And when it comes to enabling TACACS+ on routers, some sections of this book directly contradict Cisco's "IOS 12 Network Security" book.

All in all, a decent reference for Cisco routers & firewalls, but you might want to supplement it with something more substantial. The O'Reilly books and Cheswick/Bellovin come to mind...




Table of Contents

Introduction.

I. SECURITY FUNDAMENTALS.

1. Basic Cryptography.

Cryptography. Authentication and Authorization. Namespace. Key Management. Key Escrow. Summary. Review Questions.

2. Security Technologies.

Identity Technologies. Application Layer Security Protocols. Transport Layer Security Protocols. Network Layer Security. Link-Layer Security Technologies. Public Key Infrastructure and Distribution Models. Summary. Review Questions.

3. Applying Security Technologies to Real Networks.

Virtual Private Networks (VPNs). Wireless Networks. Voice over IP (VoIP) Networks. Summary. Review Questions.

4. Routing Protocol Security.

Routing Basics. Routing Protocol Security Details. Summary. Review Questions.

II. THE CORPORATE SECURITY POLICY.

5. Threats in an Enterprise Network.

Types of Threats. Motivation of Threat. Common Protocol Vulnerabilities. Common Network Scenario Threats and Vulnerabilities. Routing Protocols. Social Engineering. Summary. Review Questions.

6. Considerations for a Site Security Policy.

Where to Begin. Risk Management. A Security Policy Framework. Summary. Review Questions.

7. Design and Implementation of the Corporate Security Policy.

Physical Security Controls. Logical Security Controls. Infrastructure and Data Integrity. Data Confidentiality. Security Policy Verification and Monitoring. Policies and Procedures for Staff. Security Awareness Training. Summary. Review Questions.

8. Incident Handling.

Building an Incident Response Team. Detecting an Incident. Handling an Incident. Incident Vulnerability Mitigation. Responding to the Incident. Recovering from an Incident. Summary. Review Questions.

III. PRACTICAL IMPLEMENTATION.

9. Securing the Corporate Network Infrastructure.

Identity - Controlling Network Device Access. Integrity. Data Confidentiality. Network Availability. Audit. Implementation Examples. Summary. Review Questions.

10. Securing Internet Access.

Internet Access Architecture. External Screening Router Architecture. Advanced Firewall Architecture. Implementation Examples. Summary. Review Questions.

11. Securing Remote Dial-In Access.

Dial-In Security Concerns. Authenticating Dial-In Users and Devices. Authorization. Accounting and Billing. Using AAA with Specific Features. Encryption for Virtual Dial-In Environments. Summary. Review Questions.

12. Securing VPN, Wireless, and VoIP Networks.

Virtual Private Networks. Wireless Networks. Voice over IP Networks. Summary. Review Questions.

IV. APPENDIXES.

Appendix A: Sources of Technical Information.

Appendix B: Reporting and Prevention Guidelines: Industrial Espionage and Network Intrusions.

Appendix C: Port Numbers.

Appendix D: Mitigating Distributed Denial-of-Service Attacks.

Appendix E: Answers to Review Questions.

Glossary.

Index.

