Computer security policies and SunScreen firewalls

9601E-3 Protect your network with SunScreenaA A firewalls! Plan and implement a network security policy that works. SunScreenaA A EFS, SPF-200, and SKIP products. Sample policies and resource lists. This is a concise guide to building tough network security policies that work. It starts with detailed coverage of evaluation and planning, appropriate delegation of responsibilities, implementation, and the role of firewalls. Next, it introduces Sun Microsystem's flagship security products, the SunScreenaA A EFS firewall, designed for high-security enterprise networks, and the SunScreenaA A SPF-200 firewall, designed as a high-security "stealth" firewall. It also covers the powerful SKIP encryption and key management capabilities, which enable any user to achieve secure, authenticated communication. *Developing a security policy from the ground up. *Key security concepts and underlying technologies, including authentication, key management and access control. *Using SunScreenaA A firewalls as part of a coordinated security solution. *Administering SunScreenaA A EFS and SPF-200 firewalls. *Includes a complete sample security policy.Learn how to translate your security policies into rules-based protection on your SunScreenaA A firewall. Understand what rules are; how to create, review and test them; and how SunScreenaA A firewalls process them. Next, discover specific techniques for maximizing firewall performance and protecting against denial-of-service attacks. Whether you're a security professional, network planner, administrator or sysadmin, SunScreenaA A firewalls and this book give you practical tools and information for protecting your entire organization.

Acknowledgments. Preface. 1. What Is a Security Policy? The Need for Security. What Is a Threat? Examples of Computer Threats. The Importance of a Security Policy. Why a Security Policy? Who Writes a Security Policy? Starting Out. Building a Foundation for the Policy. Identify the OrganizationOs Assets. Develop a Mission Statement. Develop a Draft Budget. Enlist Management Support. Allot Sufficient Time. Analyzing Risks. Developing the Security Policy. Structure: Policies, Standards, Procedures. Some Suggested Topics for Standards. Considering Tools and Technology. Security Policy Components. Statement of Purpose. Scope. Policy Statement. Enforcement. Exceptions. Additional Considerations. Writing Style. Review and Approval Process. Communicating the Policy to Users. Implementing the Policy. Implement and Test Rules. Define Emergency Procedures/Response. Monitor for Compliance. Reviewing and Updating the Policy. 2. Firewalls as Part of Your Security Strategy. What Is a Firewall? What Security Problems Does a Firewall Try to Solve? Packet Filtering. Packet Filtering with State. Packet Filters and Proxies. Cryptography. Tunnel Addresses and Network Address Translation. SunScreen Firewalls as Part of Your Security. 3. Security Concepts and the Technology Behind Them. Discussion of Some Security Concepts. Authentication Access Control. Privacy. Integrity. Putting the Concepts Together. Cryptography. Key Technology. Shared-Key Technology. Public-Key Technology. Diffie-Hellman Key Technology. Public-Key Certificates. Signed Certificates. Self-Signed Certificates. Simple Key-Management for Internet Protocols (SKIP). 4. How the SunScreen Firewalls Work. Overview and Diagrams. How the Screen Checks Packet Traffic. The SunScreen EFS Firewall. The SunScreen SPF-200 Firewall. Explanation of Some Differences. Operating Environment and Networks. Rules. 5. Managing SunScreen Firewalls. What Does Administration Include? Interacting with the Screen. Using the SunScreen EFS and SPF-200 Firewalls Together. An Example Use. Backward Compatibility. EFS Administration. SPF-200 Administration. Some Administration Scenarios. Adding Another Remote Administration Station. Using Another Machine as an Administration Station. Copying a Configuration. Creating Address Lists. Understanding Packet Traffic on the Network. Protocol Stack. Communicating Securely with SKIP. How SKIP Works. SKIP in SunScreen Firewalls and SKIP on an End System. Monitoring. Using Logs. Why Logs Are Useful. How To Use SunScreen Logs. The SunScreen Log Browser. Storing SunScreen Logs. Receiving SNMP Alerts. Checking the Status of Your Firewalls. Troubleshooting. Routing. Services. SKIP Connections. Logs. Programs to Generate Information. 6. Translating Your Security Policy to Your SunScreen. Firewalls. Getting Organized. Security Policy. Network Topology Map. IP Addresses. Understanding Rules. Basic Rule Elements. Source and Destination Addresses. Rule Type. Service. Optional Rule Elements. Proxies. Encryption. Putting All the Rule Elements Together. Other Elements That Affect Your Configuration. Tunneling. SNMP Alerts. Turning Your Security Policy into SunScreen Rules. Creating Address Names. Entering Certificates. Creating a Service Group. Creating the Rules. Entering a Rule in SunScreen. EFS. How Rules Are Processed. Rule Ordering for EFS 2.0. Rule Ordering in SPF-200 1.0. Reviewing Your Current Rules. Increasing the Effectiveness of Your Rules. Rules to Help Protect Against Denial-of-Service. Attacks. IP Spoofing. Tips to Increase Performance. Summary. A. Scenarios with the SunScreen EFS Firewall. Scenario: Perimeter Defense. Diagram. Discussion. Rules. Scenario: Two Lines of Defense. Diagram. Discussion. Rules. Scenario: Site- to-Site Tunneling Firewall. Diagram. Discussion. Rules. Scenario: Remote Access Firewall. Diagram. Discussion. Rules. Scenario: Compartmentalization Firewall. Diagram. Discussion. Rules. B. Resources. Resources on the Internet. Request for Comments (RFCs). Web URLs. Internet Newsgroups. Books. SunScreen Product Documentation. Index.