This manual covers "End-to-End Network Security: Defense-in-Depth," a comprehensive guide authored by Omar Santos and published by Cisco Press. Released on August 24, 2007, this resource delves into advanced network security practices, moving beyond perimeter defense to an in-depth, layered approach. It is designed for professionals seeking to understand and implement robust security strategies against sophisticated and rapidly evolving threats. The book emphasizes building intelligent, self-defending networks capable of identifying, alerting, and responding to attacks automatically.
The scope of this manual is extensive, detailing mechanisms to counter threats across various network segments. It begins with an overview of network security technologies, progresses through a six-step incident response methodology, and explores best practices from proactive security frameworks. Specific topics include wireless network security, IP telephony security, data center security, and IPv6 security. Case studies are provided to illustrate practical configurations and implementation strategies for small, medium, and large enterprises, enabling readers to improve risk mitigation, enhance security posture, and deploy effective defense-in-depth principles.
		        	 End-to-End Network Security 
  Defense-in-Depth 
  
 Best practices for assessing and improving network defenses and responding to security incidents
  
 Omar Santos
  
 Information security practices have evolved from Internet perimeter protection to an in-depth defense model in which multiple countermeasures are layered throughout the infrastructure to address vulnerabilities and attacks. This is necessary due to increased attack frequency, diverse attack sophistication, and the rapid nature of attack velocity—all blurring the boundaries between the network and perimeter.
  
  End-to-End Network Security is designed to counter the new generation of complex threats. Adopting this robust security strategy defends against highly sophisticated attacks that can occur at multiple locations in your network. The ultimate goal is to deploy a set of security capabilities that together create an intelligent, self-defending network that identifies attacks as they occur, generates alerts as appropriate, and then automatically responds.
  
  End-to-End Network Security provides you with a comprehensive look at the mechanisms to counter threats to each part of your network. The book starts with a review of network security technologies then covers the six-step methodology for incident response and best practices from proactive security frameworks. Later chapters cover wireless network security, IP telephony security, data center security, and IPv6 security. Finally, several case studies representing small, medium, and large enterprises provide detailed example configurations and implementation strategies of best practices learned in earlier chapters.
  
 Adopting the techniques and strategies outlined in this book enables you to prevent day-zero attacks, improve your overall security posture, build strong policies, and deploy intelligent, self-defending networks.
  
 “Within these pages, you will find many practical tools, both process related and technology related, that you can draw on to improve your risk mitigation strategies.”
  
 —Bruce Murphy, Vice President, World Wide Security Practices, Cisco 
  
 Omar Santos is a senior network security engineer at Cisco®. Omar has designed, implemented, and supported numerous secure networks for Fortune 500 companies and the U.S. government. Prior to his current role, he was a technical leader within the World Wide Security Practice and the Cisco Technical Assistance Center (TAC), where he taught, led, and mentored many engineers within both organizations.
  
  - Guard your network with firewalls, VPNs, and intrusion prevention systems 
- Control network access with AAA 
- Enforce security policies with Cisco Network Admission Control (NAC) 
- Learn how to perform risk and threat analysis 
- Harden your network infrastructure, security policies, and procedures against security threats 
- Identify and classify security threats 
- Trace back attacks to their source 
- Learn how to best react to security incidents 
- Maintain visibility and control over your network with the SAVE framework 
- Apply Defense-in-Depth principles to wireless networks, IP telephony networks, data centers, and IPv6 networks 
 
 This security book is part of th
Author: Santos, Omar
Publisher: Cisco Press
Illustration: N
Language: ENG
Title: End-to-End Network Security: Defense-in-Depth
Pages: 00466 (Encrypted EPUB) / 00000 (Encrypted PDF)
On Sale: 2007-08-24
SKU-13/ISBN: 9781587053320
Category: Computers : Networking - Vendor Specific
		 End-to-End Network Security 
  Defense-in-Depth 
  
 Best practices for assessing and improving network defenses and responding to security incidents
  
 Omar Santos
  
 Information security practices have evolved from Internet perimeter protection to an in-depth defense model in which multiple countermeasures are layered throughout the infrastructure to address vulnerabilities and attacks. This is necessary due to increased attack frequency, diverse attack sophistication, and the rapid nature of attack velocity—all blurring the boundaries between the network and perimeter.
  
  End-to-End Network Security is designed to counter the new generation of complex threats. Adopting this robust security strategy defends against highly sophisticated attacks that can occur at multiple locations in your network. The ultimate goal is to deploy a set of security capabilities that together create an intelligent, self-defending network that identifies attacks as they occur, generates alerts as appropriate, and then automatically responds.
  
  End-to-End Network Security provides you with a comprehensive look at the mechanisms to counter threats to each part of your network. The book starts with a review of network security technologies then covers the six-step methodology for incident response and best practices from proactive security frameworks. Later chapters cover wireless network security, IP telephony security, data center security, and IPv6 security. Finally, several case studies representing small, medium, and large enterprises provide detailed example configurations and implementation strategies of best practices learned in earlier chapters.
  
 Adopting the techniques and strategies outlined in this book enables you to prevent day-zero attacks, improve your overall security posture, build strong policies, and deploy intelligent, self-defending networks.
  
 “Within these pages, you will find many practical tools, both process related and technology related, that you can draw on to improve your risk mitigation strategies.”
  
 —Bruce Murphy, Vice President, World Wide Security Practices, Cisco 
  
 Omar Santos is a senior network security engineer at Cisco®. Omar has designed, implemented, and supported numerous secure networks for Fortune 500 companies and the U.S. government. Prior to his current role, he was a technical leader within the World Wide Security Practice and the Cisco Technical Assistance Center (TAC), where he taught, led, and mentored many engineers within both organizations.
  
  - Guard your network with firewalls, VPNs, and intrusion prevention systems 
- Control network access with AAA 
- Enforce security policies with Cisco Network Admission Control (NAC) 
- Learn how to perform risk and threat analysis 
- Harden your network infrastructure, security policies, and procedures against security threats 
- Identify and classify security threats 
- Trace back attacks to their source 
- Learn how to best react to security incidents 
- Maintain visibility and control over your network with the SAVE framework 
- Apply Defense-in-Depth principles to wireless networks, IP telephony networks, data centers, and IPv6 networks 
 
 This security book is part of th
Author: Santos, Omar
Publisher: Cisco Press
Illustration: N
Language: ENG
Title: End-to-End Network Security: Defense-in-Depth
Pages: 00466 (Encrypted EPUB) / 00000 (Encrypted PDF)
On Sale: 2007-08-24
SKU-13/ISBN: 9781587053320
Category: Computers : Networking - Vendor Specific