Network Security, Firewalls, and VPNs, 3rd Edition

Book description

Network Security, Firewalls, and VPNs, Third Edition provides a unique, in-depth look at the major business challenges and threats that are introduced when an organization’s network is connected to the public Internet.

Table of contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Dedication
  5. Brief Contents
  6. Contents
  7. Preface
  8. Acknowledgments
  9. About the Authors
  10. CHAPTER 1 Fundamentals of Network Security
    1. What Is Network Security?
      1. What Is Trust?
      2. Who—or What—Is Trustworthy?
      3. What Are Security Objectives?
    2. What Are You Trying to Protect?
      1. Seven Domains of a Typical IT Infrastructure
    3. Goals of Network Security
    4. How Can You Measure the Success of Network Security?
    5. Why Are Written Network Security Policies Important?
      1. Planning for the Worst
    6. Who Is Responsible for Network Security?
    7. Enhancing the Security of Wired Versus Wireless LAN Infrastructures
    8. Internal and External Network Issues
    9. Common Network Security Components Used to Mitigate Threats
      1. Hosts and Nodes
      2. Firewalls
      3. Virtual Private Networks
      4. Proxy Servers
      5. Network Address Translation
      6. The Domain Name System
      7. Directory Services
      8. Intrusion Detection Systems and Intrusion Prevention Systems
      9. Network Access Control
    10. TCP/IP Basics
      1. OSI Reference Model
      2. Sub-Protocols
      3. Headers and Payloads
      4. Filtering on Addresses
    11. CHAPTER SUMMARY
    12. KEY CONCEPTS AND TERMS
    13. CHAPTER 1 ASSESSMENT
  11. CHAPTER 2 Network Security Threats
    1. Hackers and Their Motivation
    2. Favorite Targets of Hackers
    3. Threats from Internal Personnel and External Entities
    4. The Hacking Process
      1. Reconnaissance
      2. Scanning
      3. Enumeration
      4. Attacking
      5. Post-Attack Activities
    5. Common IT Infrastructure Threats
      1. Hardware Failures and Other Physical Threats
      2. Natural Disasters
      3. Accidents
    6. Malicious Code (Malware)
      1. Advanced Persistent Threat
    7. Fast Growth and Overuse
    8. Wireless Versus Wired
    9. Eavesdropping
    10. Hijack and Replay Attacks
    11. Insertion Attacks
    12. Fragmentation Attacks
    13. Buffer Overflows
    14. Session Hijacking, Spoofing, and Man-in-the-Middle Attacks
      1. Session Hijacking
      2. Spoofing Attacks
      3. Man-in-the-Middle Attacks
    15. Covert Channels
    16. Network and Resource Availability Threats
      1. Denial of Service (DoS)
      2. Distributed Denial of Service (DDoS)
    17. Hacker Tools
    18. Social Engineering
    19. CHAPTER SUMMARY
    20. KEY CONCEPTS AND TERMS
    21. CHAPTER 2 ASSESSMENT
  12. CHAPTER 3 Common Network Topologies and Infrastructures
    1. What Is a Network Topology?
    2. Types of Network Devices
    3. What Differentiates Logical and Physical Topologies?
      1. Types of Physical Topologies
      2. Logical Topology
      3. Creating Logical Topologies
    4. Differences Between Internet Protocol Version 4 (IPv4) and Internet Protocol Version 6 (IPv6)
      1. IPSec and IPv6
    5. Examples of Network Infrastructures and Related Security Concerns
      1. Workgroups
      2. SOHO Networks
      3. Client/Server Networks
      4. LAN Versus WAN
      5. Thin Clients and Terminal Services
      6. Remote Control, Remote Access, and VPN
      7. Boundary Networks
    6. CHAPTER SUMMARY
    7. KEY CONCEPTS AND TERMS
    8. CHAPTER 3 ASSESSMENT
  13. CHAPTER 4 Network Design Considerations
    1. Network Design and Defense in Depth
      1. Achieving Defense in Depth through Layering
      2. Planning for Scalability
      3. Working with Senior Management
    2. Protocols
    3. Common Types of Addressing
      1. IPv6
    4. Controlling Communication Pathways
      1. Router Configuration
      2. Encrypted Protocols
      3. Physical Access Management
      4. Filtering
    5. Intrusion Detection Systems and Intrusion Prevention Systems
    6. Hardening Systems
    7. Equipment Selection
    8. Authentication, Authorization, and Accounting
    9. Communication Encryption
    10. Hosts: Local-Only or Remote and Mobile
    11. Redundancy
    12. Endpoint Security
      1. Clients
      2. Servers
      3. Routers
      4. Switches
      5. Firewalls and Proxies
    13. Risk Assessment and Management
    14. What Are Zones of Risk?
    15. CHAPTER SUMMARY
    16. KEY CONCEPTS AND TERMS
    17. CHAPTER 4 ASSESSMENT
  14. CHAPTER 5 Firewall Fundamentals
    1. What Is a Firewall?
      1. What Firewalls Cannot Do
    2. Why Do You Need a Firewall?
    3. How Firewalls Work and What Firewalls Do
    4. Types of Firewalls
    5. Individual and SOHO Firewall Options
      1. Managing the Firewall on an ISP Connection Device
      2. Converting a Home Router into a Firewall
    6. Uses for Host Software Firewalls
      1. Examples of Software Firewall Products
      2. Using Windows 10’s Host Software Firewall
      3. Using a Linux Host Software Firewall
    7. Uses for Commercial Software Network Firewalls
    8. Uses for Hardware/Appliance Firewalls
    9. Next-Generation Firewalls
    10. What Are Virtual Firewalls?
    11. Dual-Homed and Triple-Homed Firewalls
    12. Ingress and Egress Filtering
    13. Types of Filtering
      1. Static Packet Filtering
      2. Stateful Inspection and Dynamic Packet Filtering
      3. Network Address Translation
      4. Application Proxy
      5. Circuit Proxy
      6. Content Filtering
    14. Selecting the Right Firewall for Your Needs
    15. The Difference Between Buying and Building a Firewall
    16. CHAPTER SUMMARY
    17. KEY CONCEPTS AND TERMS
    18. CHAPTER 5 ASSESSMENT
  15. CHAPTER 6 Firewall Implementation
    1. Examining Your Network and Its Security Needs
      1. What to Protect and Why
      2. Preserving Privacy
    2. Proper Firewall Implementation Procedure
    3. Constructing, Configuring, and Managing a Firewall
    4. pfSense
    5. pfSense Requirements
    6. Planning a Firewall Implementation with pfSense
      1. Firewalling a Small Organization: Packet Filtering or Application-Level Firewall, a Proxy Implementation
      2. Firewalling Medium and Large Organizations: Application-Level Firewall and Packet Filtering, a Hybrid System
      3. Firewalling in a Subnet Architecture
    7. Installing the pfSense Firewall
    8. Configuring a Firewall with pfSense
    9. Elements of Firewall Deployment
    10. Testing and Troubleshooting
    11. CHAPTER SUMMARY
    12. KEY CONCEPTS AND TERMS
    13. CHAPTER 6 ASSESSMENT
  16. CHAPTER 7 Firewall Deployment Considerations
    1. Common Security Strategies for Firewall Deployments
      1. Security Through Obscurity
      2. Least Privilege
      3. Simplicity
      4. Defense in Depth
      5. Diversity of Defense
      6. Chokepoint
      7. Weakest Link
      8. Fail-Safe
      9. Forced Universal Participation
    2. Authentication, Authorization, and Accounting
    3. Placement of Network Hardware Firewalls
    4. Benefit and Purpose of Reverse Proxy
    5. Use and Benefit of Port Forwarding
    6. Considerations for Selecting a Bastion Host OS
    7. Monitoring and Logging
    8. Understanding and Interpreting Firewall Logs and Alerts
    9. Intrusion Detection Systems and Intrusion Prevention Systems
    10. Security Event and Information Management
    11. Evaluating Needs and Solutions in Designing Security
    12. What Happens When Security Gets in the Way of Doing Business?
    13. CHAPTER SUMMARY
    14. KEY CONCEPTS AND TERMS
    15. CHAPTER 7 ASSESSMENT
  17. CHAPTER 8 Configuring Firewalls
    1. Firewall Rules
      1. Inbound and Outbound Communications
      2. Access Control Lists
    2. Composing Firewall Rules
    3. Ordering Firewall Rules
    4. What Should You Allow and What Should You Block?
    5. Essential Elements of a Firewall Policy
    6. Limitations of Firewalls
    7. Improving Performance
    8. The Downside of Encryption with Firewalls
    9. Firewall Enhancements
    10. Management Interfaces
    11. CHAPTER SUMMARY
    12. KEY CONCEPTS AND TERMS
    13. CHAPTER 8 ASSESSMENT
  18. CHAPTER 9 VPN Fundamentals
    1. What Is a Virtual Private Network?
    2. What Are the Benefits of Deploying a VPN?
    3. What Are the Limitations of a VPN?
    4. What Are Effective VPN Policies?
    5. VPN Deployment Models and Architecture
      1. VPN Deployment Models
      2. VPN Architectures
    6. Tunnel Versus Transport Mode
    7. The Relationship Between Encryption and VPNs
      1. Symmetric Cryptography
      2. Asymmetric Cryptography
      3. Hashing
      4. Establishing VPN Connections with Cryptography
      5. Digital Certificates
    8. What Is VPN Authentication?
    9. What Is VPN Authorization?
    10. CHAPTER SUMMARY
    11. KEY CONCEPTS AND TERMS
    12. CHAPTER 9 ASSESSMENT
  19. CHAPTER 10 VPN Management
    1. VPN Management Best Practices
      1. Build in Redundancy
      2. Choose the Right VPN Product for Your Environment
      3. Develop a VPN Policy
      4. Prohibit Split Tunneling
      5. Ensure Client Security
      6. Practice Vulnerability Management
      7. Use Multifactor Authentication
      8. Document Your Implementation Plan
      9. Monitor VPN Availability
      10. Perform Regular Reviews, Backups, and Updates
    2. Developing a VPN Policy
    3. Developing a VPN Deployment Plan
      1. Bypass Deployment
      2. Internally Connected Deployment
      3. DMZ-Based Implementation
    4. VPN Threats and Exploits
    5. Commercial Versus Open-Source VPNs
    6. Differences Between Personal and Enterprise VPNs
    7. Balancing Anonymity and Privacy
    8. Protecting VPN Security to Support Availability
    9. The Importance of User Training
    10. VPN Troubleshooting
    11. CHAPTER SUMMARY
    12. KEY CONCEPTS AND TERMS
    13. CHAPTER 10 ASSESSMENT
  20. CHAPTER 11 VPN Technologies
    1. Differences Between Software and Hardware Solutions
      1. Software VPNs
      2. Hardware VPNs
    2. Differences Between Layer 2 and Layer 3 VPNs
    3. Internet Protocol Security (IPSec)
    4. Layer 2 Tunneling Protocol (L2TP)
    5. Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
      1. SSL/TLS and VPNs
    6. Secure Shell (SSH) Protocol
    7. Establishing Performance and Stability for VPNs
      1. Performance
      2. Stability
    8. Using VPNs with Network Address Translation (NAT)
    9. Types of Virtualization
      1. Desktop Virtualization
      2. SSL VPN Virtualization
    10. CHAPTER SUMMARY
    11. KEY CONCEPTS AND TERMS
    12. CHAPTER 11 ASSESSMENT
  21. CHAPTER 12 VPN Implementation
    1. Operating System–Based VPNs
    2. VPN Appliances
      1. Configuring a Typical VPN Appliance
      2. Client-Side Configuration
    3. Remote Desktop Protocol
    4. Using Remote Control Tools
    5. Using Remote Access
      1. The Technology for Remote Use
      2. Choosing Between IPSec and SSL/TLS Remote Access VPNs
    6. Remote Desktop Services
      1. RD RemoteApp
      2. RD Web Access
      3. RDS and Hosted Services
    7. Microsoft DirectAccess
    8. DMZ, Intranet, and Extranet VPN Solutions
      1. Intranet VPNs
      2. Extranet VPNs
    9. Internet Café VPNs
    10. Online Remote VPN Options
      1. Security
      2. Wake-on-LAN Support
      3. File Sharing
      4. Remote Printing
      5. Mac and Mobile Device Support
    11. The Tor Application
    12. Planning a VPN Implementation
      1. Download and Verify Installation Files
      2. Installation Tips
      3. Configuring OpenVPN
      4. Running OpenVPN
      5. Testing and Troubleshooting
      6. OpenVPN Private Tunnel
    13. VPN Implementation Best Practices
    14. CHAPTER SUMMARY
    15. KEY CONCEPTS AND TERMS
    16. CHAPTER 12 ASSESSMENT
  22. CHAPTER 13 Firewall Security Management
    1. Best Practices for Firewall Management
    2. Security Measures in Addition to a Firewall
    3. Mitigating Firewall Threats and Exploits
    4. Concerns Related to Tunneling Through or Across a Firewall
    5. Testing Firewall Security
    6. Important Tools for Managing and Monitoring a Firewall
    7. Troubleshooting Firewalls
    8. Detecting Firewall Threats and Responding to Incidents
    9. CHAPTER SUMMARY
    10. KEY CONCEPTS AND TERMS
    11. CHAPTER 13 ASSESSMENT
  23. CHAPTER 14 Best Practices for Network Security Management
    1. Essentials of Network Security Management
    2. Network Security Management Tools
      1. Security Plan and Security Policy
      2. Security Checklist
    3. Limiting Network Access and Implementing Encryption
    4. Physical Security
    5. Techniques for Preventing and Deterring Incidents
      1. Imposing Compartmentalization
      2. Using Honeypots, Honeynets, and Padded Cells
      3. Antivirus, Monitoring, and Other Host Security Controls
      4. Backup and Recovery
      5. User Training, Security Awareness, and Ongoing Education
    6. Incident Response
      1. Preparation
      2. Detection and Analysis
      3. Containment
      4. Eradication
      5. Recovery
      6. Post-Incident Follow-Up
    7. Fail-Secure, Fail-Open, and Fail-Close Options
    8. Network Security Assessments and Testing
      1. Security Assessment
      2. Configuration Scans
      3. Vulnerability Scanning
      4. Penetration Testing
      5. Post-Mortem Assessment Review
    9. Change Management
    10. Compliance Auditing
    11. Network Security Troubleshooting
    12. CHAPTER SUMMARY
    13. KEY CONCEPTS AND TERMS
    14. CHAPTER 14 ASSESSMENT
  24. CHAPTER 15 Emerging Technology and Regulatory Considerations
    1. What the Future Holds for Network Security, Firewalls, and VPNs
      1. Threats
      2. Firewall Capabilities
      3. Encryption
      4. Authentication
      5. Metrics
      6. Focus
      7. Securing the Cloud
      8. Securing Mobile Devices
      9. Internet of Things
      10. Mobile IP
      11. Bring Your Own Device (BYOD)
    2. Resource Sites for Network Security, Firewalls, and VPNs
      1. Firewall Vendors
      2. Virtual Private Network Vendors
      3. Network Security Websites
      4. Network Security Magazine Websites
    3. Tools for Network Security, Firewalls, and VPNs
      1. Commercial Off-the-Shelf (COTS) Software
      2. Open-Source Applications and Tools
    4. The Vanishing Network Perimeter
      1. The Impact of Ubiquitous Wireless and Mobile Connectivity
      2. Making Wireless and Mobile Connectivity More Secure
    5. Potential Uses of Security Technologies
    6. Regulations and Compliance
    7. Specialized Firewalls
    8. Emerging Network Security Technologies
      1. Data Leakage Prevention
      2. Biometrics
      3. Virtualization Security
      4. IP Version 6
      5. VPNs, Firewalls, and Virtualization
    9. CHAPTER SUMMARY
    10. KEY CONCEPTS AND TERMS
    11. CHAPTER 15 ASSESSMENT
  25. APPENDIX A Answer Key
  26. APPENDIX B Standard Acronyms
  27. Glossary of Key Terms
  28. References
  29. Index

Product information

  • Title: Network Security, Firewalls, and VPNs, 3rd Edition
  • Author(s): J. Michael Stewart, Denise Kinsey
  • Release date: October 2020
  • Publisher(s): Jones & Bartlett Learning
  • ISBN: 9781284183696