© Digital_Art/Shutterstock
Contents
PART 1 Foundations of Network Security
CHAPTER 1 Fundamentals of Network Security
What Are You Trying to Protect?
Seven Domains of a Typical IT Infrastructure
How Can You Measure the Success of Network Security?
Why Are Written Network Security Policies Important?
Who Is Responsible for Network Security?
Enhancing the Security of Wired Versus Wireless LAN Infrastructures
Internal and External Network Issues
Common Network Security Components Used to Mitigate Threats
Intrusion Detection Systems and Intrusion Prevention Systems
CHAPTER 2 Network Security Threats
Threats from Internal Personnel and External Entities
Common IT Infrastructure Threats
Hardware Failures and Other Physical Threats
Session Hijacking, Spoofing, and Man-in-the-Middle Attacks
Network and Resource Availability Threats
Distributed Denial of Service (DDoS)
CHAPTER 3 Common Network Topologies and Infrastructures
What Differentiates Logical and Physical Topologies?
Differences Between Internet Protocol Version 4 (IPv4) and Internet Protocol Version 6 (IPv6)
Examples of Network Infrastructures and Related Security Concerns
Thin Clients and Terminal Services
Remote Control, Remote Access, and VPN
CHAPTER 4 Network Design Considerations
Network Design and Defense in Depth
Achieving Defense in Depth through Layering
Working with Senior Management
Controlling Communication Pathways
Intrusion Detection Systems and Intrusion Prevention Systems
Authentication, Authorization, and Accounting
Hosts: Local-Only or Remote and Mobile
Risk Assessment and Management
PART 2 Securing the Perimeter with Firewalls
CHAPTER 5 Firewall Fundamentals
How Firewalls Work and What Firewalls Do
Individual and SOHO Firewall Options
Managing the Firewall on an ISP Connection Device
Converting a Home Router into a Firewall
Uses for Host Software Firewalls
Examples of Software Firewall Products
Using Windows 10’s Host Software Firewall
Using a Linux Host Software Firewall
Uses for Commercial Software Network Firewalls
Uses for Hardware/Appliance Firewalls
Dual-Homed and Triple-Homed Firewalls
Stateful Inspection and Dynamic Packet Filtering
Selecting the Right Firewall for Your Needs
The Difference Between Buying and Building a Firewall
CHAPTER 6 Firewall Implementation
Examining Your Network and Its Security Needs
Proper Firewall Implementation Procedure
Constructing, Configuring, and Managing a Firewall
Planning a Firewall Implementation with pfSense
Firewalling in a Subnet Architecture
Installing the pfSense Firewall
Configuring a Firewall with pfSense
Elements of Firewall Deployment
CHAPTER 7 Firewall Deployment Considerations
Common Security Strategies for Firewall Deployments
Forced Universal Participation
Authentication, Authorization, and Accounting
Placement of Network Hardware Firewalls
Benefit and Purpose of Reverse Proxy
Use and Benefit of Port Forwarding
Considerations for Selecting a Bastion Host OS
Understanding and Interpreting Firewall Logs and Alerts
Intrusion Detection Systems and Intrusion Prevention Systems
Security Event and Information Management
Evaluating Needs and Solutions in Designing Security
What Happens When Security Gets in the Way of Doing Business?
CHAPTER 8 Configuring Firewalls
Inbound and Outbound Communications
What Should You Allow and What Should You Block?
Essential Elements of a Firewall Policy
The Downside of Encryption with Firewalls
PART 3 Establishing Remote Access with VPNs
What Is a Virtual Private Network?
What Are the Benefits of Deploying a VPN?
What Are the Limitations of a VPN?
What Are Effective VPN Policies?
VPN Deployment Models and Architecture
The Relationship Between Encryption and VPNs
Establishing VPN Connections with Cryptography
Choose the Right VPN Product for Your Environment
Practice Vulnerability Management
Use Multifactor Authentication
Document Your Implementation Plan
Perform Regular Reviews, Backups, and Updates
Developing a VPN Deployment Plan
Internally Connected Deployment
Commercial Versus Open-Source VPNs
Differences Between Personal and Enterprise VPNs
Balancing Anonymity and Privacy
Protecting VPN Security to Support Availability
The Importance of User Training
Differences Between Software and Hardware Solutions
Differences Between Layer 2 and Layer 3 VPNs
Internet Protocol Security (IPSec)
Layer 2 Tunneling Protocol (L2TP)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Establishing Performance and Stability for VPNs
Using VPNs with Network Address Translation (NAT)
Configuring a Typical VPN Appliance
Choosing Between IPSec and SSL/TLS Remote Access VPNs
DMZ, Extranet, and Intranet VPN Solutions
Download and Verify Installation Files
VPN Implementation Best Practices
PART 4 Implementing Network Security
CHAPTER 13 Firewall Security Management
Best Practices for Firewall Management
Security Measures in Addition to a Firewall
Mitigating Firewall Threats and Exploits
Concerns Related to Tunneling Through or Across a Firewall
Important Tools for Managing and Monitoring a Firewall
Detecting Firewall Threats and Responding to Incidents
CHAPTER 14 Best Practices for Network Security Management
Essentials of Network Security Management
Network Security Management Tools
Security Plan and Security Policy
Limiting Network Access and Implementing Encryption
Techniques for Preventing and Deterring Incidents
Using Honeypots, Honeynets, and Padded Cells
Antivirus, Monitoring, and Other Host Security Controls
User Training, Security Awareness, and Ongoing Education
Fail-Secure, Fail-Open, and Fail-Close Options
Network Security Assessments and Testing
Network Security Troubleshooting
CHAPTER 15 Emerging Technology and Regulatory Considerations
What the Future Holds for Network Security, Firewalls, and VPNs
Resource Sites for Network Security, Firewalls, and VPNs
Virtual Private Network Vendors
Network Security Magazine Websites
Tools for Network Security, Firewalls, and VPNs
Commercial Off-the-Shelf (COTS) Software
Open-Source Applications and Tools
The Vanishing Network Perimeter
The Impact of Ubiquitous Wireless and Mobile Connectivity
Making Wireless and Mobile Connectivity More Secure
Potential Uses of Security Technologies
Specialized Firewalls Available
Emerging Network Security Technologies