End-to-end Network Security: Defense-in-depth

End-to-End Network Security
	Contents
	Foreword
	Introduction
	Part I: Introduction to Network Security Solutions
		Chapter 1 Overview of Network Security Technologies
			Firewalls
			Virtual Private Networks (VPN)
			Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
			Anomaly Detection Systems
			Authentication, Authorization, and Accounting (AAA) and Identity Management
			Network Admission Control
			Routing Mechanisms as Security Tools
			Summary
	Part II: Security Lifestyle: Frameworks and Methodologies
		Chapter 2 Preparation Phase
			Risk Analysis
			Social Engineering
			Security Intelligence
			Creating a Computer Security Incident Response Team (CSIRT)
			Building Strong Security Policies
			Infrastructure Protection
			Endpoint Security
			Network Admission Control
			Summary
		Chapter 3 Identifying and Classifying Security Threats
			Network Visibility
			Telemetry and Anomaly Detection
			Intrusion Detection and Intrusion Prevention Systems (IDS/IPS)
			Summary
		Chapter 4 Traceback
			Traceback in the Service Provider Environment
			Traceback in the Enterprise
			Summary
		Chapter 5 Reacting to Security Incidents
			Adequate Incident-Handling Policies and Procedures
			Laws and Computer Crimes
			Security Incident Mitigation Tools
			Forensics
			Summary
		Chapter 6 Postmortem and Improvement
			Collected Incident Data
			Root-Cause Analysis and Lessons Learned
			Building an Action Plan
			Summary
		Chapter 7 Proactive Security Framework
			SAVE Versus ITU-T X.805
			Identity and Trust
			Visibility
			Correlation
			Instrumentation and Management
			Isolation and Virtualization
			Policy Enforcement
			Visualization Techniques
			Summary
	Part III: Defense-In-Depth Applied
		Chapter 8 Wireless Security
			Overview of Cisco Unified Wireless Network Architecture
			Authentication and Authorization of Wireless Users
			Lightweight Access Point Protocol (LWAPP)
			Wireless Intrusion Prevention System Integration
			Management Frame Protection (MFP)
			Precise Location Tracking
			Network Admission Control (NAC) in Wireless Networks
			Summary
		Chapter 9 IP Telephony Security
			Protecting the IP Telephony Infrastructure
			Securing the IP Telephony Applications
			Protecting Against Eavesdropping Attacks
			Summary
		Chapter 10 Data Center Security
			Protecting the Data Center Against Denial of Service (DoS) Attacks and Worms
			Data Center Segmentation and Tiered Access Control
			Deploying Network Intrusion Detection and Prevention Systems
			Deploying the Cisco Security Agent (CSA) in the Data Center
			Summary
		Chapter 11 IPv6 Security
			Reconnaissance
			Filtering in IPv6
			Spoofing
			Header Manipulation and Fragmentation
			Broadcast Amplification or Smurf Attacks
			IPv6 Routing Security
			IPsec and IPv6
			Summary
	Part IV Case Studies
		Chapter 12 Case Studies
			Case Study of a Small Business
			Case Study of a Medium-Sized Enterprise
			Case Study of a Large Enterprise
			Summary
	Index
		A
		B
		C
		D
		E
		F
		G
		H
		I
		L
		M
		N
		O
		P
		Q
		R
		S
		T
		U
		V
		W
		Z