"This book is invaluable to anyone facing the challenges of security in a business environment." --Paul D. Robertson, Moderator of Firewall-Wizards and Director of Risk Assessment, TruSecure CorporationA Note From Series Editor: "I first got to know Wesley Noonan through a common newsgroup. His insightful and technical comments stuck with me, and I finally met him at a conference several years later. Wes has the gift to present network security in a concise, well-reasoned way--easy for everyone to understand regardless of their security or networking knowledge. His writing style reflects his congenial presentation manner and his knowledge, and his eagerness to share his expertise is exceptional. Wes's guide to hardening your network infrastructure provides the step-by-step how-to approach that you need to build, deploy, and maintain a security defense. I've read every word; you will not be disappointed." --Roberta BraggFeatures a four-part hardening methodology:Do This Now!--Checklist of immediate steps to take to lockdown your system from further attackTake It From The Top--Systematic approach to hardening your perimeter and internal network infrastructure, focusing on firewalls, IDS/IPS, network content filtering, wireless LAN connections, routers, and switchesOnce Is Never Enough!--Ongoing monitoring and assessment plan to keep your network secure, including patch management and auditingHow to Succeed at Hardening Your Network Infrastructure--Strategies for getting budget approval, management buy-in, and employee cooperation for your security programAbout the author: Wesley J. Noonan, MCSE, CCNA, CCDA, NNCSS, Security+, is a Senior Network Consultant for Collective Technologies, LLC, a company specializing in storage, server and network design, architecture, implementation, and security.Series Editor: Roberta Bragg, CISSP, MCSE: Security, Security+, is the Security Advisor columnist for MCP magazine and a Security Expert for searchWin2000.com. She also writes for the Security Watch newsletter and is the author of several computer books.
Table of Contents
Part I: Do This Now!
Ch. 1. Do these 6 things before you do anything else!
Ch. 2. Hardening Your Perimeter Network
Ch. 3. Firewalls, IDS, IDP
Ch. 4. Hardening Your External Access Connections Including VPN, Dial-in and Remote Access
Ch. 5. Hardening Your Perimeter Routers and Switches
h. 6. Positioning and Deploying Content Filters/Application Proxies
Ch. 7. Utilizing Your Perimeter Devices to Implement a Secure Perimeter <
Ch. 8. Using Firewalls, IDS and IDP to Harden Your Internal Network
Ch. 9. Hardening Internal Routers, Switches
Ch. 10. Hardening Wireless LAN Connections
Ch. 11. Hardening Intersite Locations and WAN Connections
Ch. 12. Implement Access Authorization
Ch. 13. Implement an Enterprise Monitoring Solution
Ch. 14. How to Implement a Secure Internal Network
Part III: Once is Never Enough!
Ch. 15. Review Your Security Policy, Posture and Auditing
Ch. 16. Patches and Upgrades
Ch. 17. Managing Changes to Your Policy
Part IV: How to Succeed at Hardening Your Network Infrastructure
Ch. 18. Where Does the Money Come From and Setting Perceptions
Ch. 19. Staffing and Training Issues
Ch. 20. Handling Security Failures
Appendix A: Additional Infrastructure Security Resources