Cisco network security
Author
Bibliographic information
Cisco network security
(Prentice Hall PTR Cisco technology series)
Prentice-Hall, c2002
University library holdings: 2 in total
Description and table of contents
Description
This is a hands-on guide to the basics of maintaining security on a network using Cisco products and technology. Four areas of security are covered: Firewall Security - Cisco PIX Firewall; Intrusion Detection using Cisco Secure IDS/Net Ranger; Vulnerability Scanners used to discover security holes in your network - Cisco Secure Scanner; Access Control Systems - Cisco Secure Access Control System.
Table of contents
1. Understanding Security Risk and Threats.
Technology Weaknesses. Protocol. Operating Systems. Networking Equipment. Firewall "Holes". Configuration Weaknesses. Policy Weaknesses. Sources of Security Threats. Thrill Seekers and Adventurers. Competitors. Thieves. Enemies or Spies. Hostile Employees. Hostile Former Employer. Other Employee Sources. Threats to Network Security. Electronic Eavesdropping. Denial of Service. Unauthorized Access. Session Replay. Session Hijacking. Impersonation. Malicious Destruction. Repudiation. Viruses, Trojan Horses, and Worms. Rerouting. What Are We To Do? What Needs Protection? What Is the Nature of the Risk? What Kind of Protection Is Necessary? How Much Can You Afford to Spend?
2. Security Architecture.
Goals of the Security Policy. Confidentiality and Privacy of Data. Availability of the Data. Integrity of the Data. Identity Authentication and Authorization. Nonrepudiation. Physical Security. Cabling. Switches. Routers. Basic Network Security. Passwords. Network Security Solutions. Perimeter Routers-First Layer of Defense. Firewalls-Perimeter Reinforcement. Virtual Private Networks. Data Privacy and Integrity. Vulnerability Assessment. Intrusion Detection. Access Controls and Identity. Security Policy Management and Enforcement.
3. First Line of Defense-The Perimeter Router.
Passwords. Privileged Users. Basic Users. Disable EXEC-Mode. Establish a Line-Specific Password. Establish User-Specific Passwords. Limit Access Using Access Lists as Filters. Other Issues. Router Services and Protocols. Simple Network Management Protocol. HTTP. TCP/IP Services. Disable IP Source Route. Disable Non-Essential TCP and UDP Services. Disable the Finger Service. Disable Proxy ARP. Disable Directed Broadcasts. Disable the Cisco Discovery Protocol. Disable ICMP Redirects. Disable the Network Time Protocol. Disable ICMP Unreachables Messages. Traffic Management. Access Control Lists (ACL). Router-Based Attack Protection. Routing Protocols. Audit Trails and Logging.
4. Firewalls.
The Protocols of the Internet. IP-The Internet Protocol. TCP-The Transmission Control Protocol. UDP-The User Datagram Protocol. TCP and UDP Ports. What Is a Network Firewall? What Kind of Protection Does a Firewall Provide? Protection and Features a Firewall Can Provide. What a Firewall Doesn't Protect Against. Firewall Design Approaches. Network Level Firewalls. Application Layer Firewalls. Network Design with Firewalls. The Classic Firewall Design. The Contemporary Design. Router-Based Firewalls.
5. The Cisco Secure PIX Firewall.
Security Levels. The Adaptive Security Algorithm. Network Address Translation. PIX Firewall Features. Defense Against Network Attacks. Special Applications and Protocols. Controlling Traffic through the PIX Firewall. Controlling Inbound Traffic with Conduits. Cut-Through-Proxy. AAA Support via RADIUS and TACACS+.
6. Configuring the PIX Firewall.
Getting Started. Provision for Routing. Configuring the PIX Firewall. Identifying the Interfaces. Permitting Access from the Inside. Establish PIX Firewall Routes. Permitting Access from the Outside. Testing and Remote Administration. Controlling Outbound Access. Java Applet Filtering. Authentication and Authorization. Inbound Connections. Outbound Connections. Logging Events. Syslog. Standby PIX Firewalls with Failover.
7. Router-Based Firewalls.
Access Lists. Standard Access Lists. Extended Access Lists. Guidelines for Access Lists. Cisco Secure Integrated Software. Cisco Secure Integrated Software Architecture. CBAC and Stateful Packet Filtering. CBAC Supported Applications. Other Restrictions of CBAC. CSIS-Other Features. Configuring CBAC. Other Considerations.
8. Introduction to Encryption Techniques.
Symmetric Key Encryption. Data Encryption Standard. Advanced Encryption Standard and Others. Key Management. Asymmetric Key Encryption. How Public-Key Encryption Works. Comparing Symmetric versus Asymmetric Methods. The Diffie-Hellman Algorithm. Perfect Forward Secrecy. RSA Public-Key Encryption. Message Authentication Codes.
9. Introduction to IPSec.
Where to Apply Encryption. Data Link Layer. Network Layer. Transport Layer. Application Layer. Goals. Overview of IPSec. IPSec Details. AH-The Authentication Header. ESP-The Encapsulating Security Payload. Modes. SA, SPI, and SPD Defined. Key Management. Internet Key Exchange. IKE, ISAKMP, OAKLEY, and the DOI. Basic Key Exchange. IKE Phase 1. IKE Phase 2. IPSec Documentation.
10. Configuring IPSec.
Step 1-Planning for IPSec. Step 2-Configuring Internet Key Exchange (IKE). Configuring Manual Keys. Dynamic Key Management. PFS and SA Lifetimes. Other IKE Configuration Options. Command Syntax for IKE. Step 3-Defining Transform Sets. Configuring Transform Sets. Step 4-Create Crypto Access lists. Step 5-Creating Crypto Maps. Step 6-Applying Crypto Maps to an Interface. Step 7-Test and Verify. Sample Configurations. Sample Configuration #1-IPSec Manual Keys. Sample Configuration #2-IKE with PreShared Key.
11. Virtual Private Networks-VPNs.
Motivation for VPNs. Why VPNs. VPN Applications. VPN Technologies. PPTP. L2TP. IPSec. Authentication Limitations.
12. Cisco's Other Security Products.
Access Control. Vulnerability Assessment. Phase One-Network Mapping. Phase Two-Data Collection. Phase Three-Data Analysis. Phase Four-Vulnerability Confirmation. Phase Five-Data Presentation and Navigation. Phase Six-Reporting. Intrusion Detection. Reacting to Alerts.
Index.
From "Nielsen BookData"