In my opinion, network security is a tricky topic to write about. The reason is not a technical one, but rather one with setting up the right scope. The boundaries of network security are so wide that they touch all seven layers of the OSI model. From layer 1 of wire tapping, to layer 4 of transport protocol vulnerability, to layer 7 of man-in-the-middle spoofing, network security is everywhere. The issue is exacerbated by all the newly discovered vulnerabilities, which are sometimes at a daily rate. This does not even include the human social engineering aspect of network security.

As such, in this chapter, I would like to set the scope for what we will discuss. As we have been doing up to this point, we will be primarily focused on using Python for network device security at OSI layers 3 and 4. We will look at Python tools that we can use to manage individual components as well as using Python as a glue to connect different components, so we can treat network security in a holistic view. In this chapter, we will take a look at the following:

• The lab setup
• Python Scapy for security testing
• Access lists
• Forensic analysis with syslog and UFW using Python
• Other tools such as Mac address filter list, private VLAN, and Python IP table binding