Network Security Auditing (Networking Technology: Security) [Paperback]

Chris Jackson (Author)

Book Description

Publication Date: June 12, 2010 | ISBN-10: 1587053527 | ISBN-13: 978-1587053528 | Edition: 1

This complete new guide to auditing network security is an indispensable resource for security, network, and IT professionals, and for the consultants and technology partners who serve them.

 

Cisco network security expert Chris Jackson begins with a thorough overview of the auditing process, including coverage of the latest regulations, compliance issues, and industry best practices. The author then demonstrates how to segment security architectures into domains and measure security effectiveness through a comprehensive systems approach.

 

Network Security Auditing thoroughly covers the use of both commercial and open source tools to assist in auditing and validating security policy assumptions. The book also introduces leading IT governance frameworks such as COBIT, ITIL, and ISO 17799/27001, explaining their values, usages, and effective integrations with Cisco security products.

 

This book arms you with detailed auditing checklists for each domain, realistic design insights for meeting auditing requirements, and practical guidance for using complementary solutions to improve any company’s security posture.

• Master the five pillars of security auditing: assessment, prevention, detection, reaction, and recovery.
• Recognize the foundational roles of security policies, procedures, and standards.
• Understand current laws related to hacking, cracking, fraud, intellectual property, spam, and reporting.
• Analyze security governance, including the roles of CXOs, security directors, administrators, users, and auditors.
• Evaluate people, processes, and technical security controls through a system-based approach.
• Audit security services enabled through Cisco products.
• Analyze security policy and compliance requirements for Cisco networks.
• Assess infrastructure security and intrusion prevention systems.
• Audit network access control and secure remote access systems.
• Review security in clients, hosts, and IP communications.
• Evaluate the performance of security monitoring and management systems.

This security book is part of the Cisco Press Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end, self-defending networks.

 

Editorial Reviews

About the Author

Christopher L. Jackson, CCIE No. 6256, is a security technical solutions architect in the U.S. Channels organization with Cisco and is focused on developing security consulting practices in the Cisco partner community. Throughout his career in internetworking, Chris has built secure networks that map to a strong security policy for a large number of organizations including UPS, GE, and Sprint. Chris is an active speaker on security for Cisco through TechwiseTV, conferences, and web casts. He has authored numerous whitepapers and is responsible for a number of Cisco initiatives to build stronger security partners through security practice building.

 

Chris is a highly certified individual with dual CCIEs (Routing and Switching & Security), CISSP, ISA, seven SANS GIAC certifications (GSNA, GCIH, GCFW, GCIA, GCUX, GCWN, and GSEC), and ITIL V3. Chris also holds a bachelors degree in business administration from McKendree College. Residing in Bradenton, Florida, Chris enjoys tinkering with his home automation system and playing with his ever-growing collection of electronic gadgets. His

wife Barbara and two children Caleb and Sydney are the joy of his life and proof that not everything has to plug into a wall outlet to be fun.

 

Product Details

• Paperback: 528 pages
• Publisher: Cisco Press; 1 edition (June 12, 2010)
• Language: English
• ISBN-10: 1587053527
• ISBN-13: 978-1587053528
• Product Dimensions: 7.4 x 1.1 x 9.1 inches
• Shipping Weight: 1.9 pounds (View shipping rates and policies)
• Average Customer Review: 5.0 out of 5 stars  See all reviews (2 customer reviews)
• Amazon Best Sellers Rank: #234,617 in Books (See Top 100 in Books)

More About the Author

Chris Jackson, CCIE (Security, Routing, Switching), CISA, CISSP, ITIL, SANS, Technical Solutions Architect in the Cisco Architectures and Verticals Partner Organization, has focused for the past six years on developing security practices with the Cisco partner community. During a 15-year career in internetworking, he has built secure networks that map to strong security policies for organizations, including UPS, GE, and Sprint. Chris is an active speaker on security for Cisco through TechwiseTV, conferences, and webcasts. He has authored a number of whitepapers and is responsible for numerous Cisco initiatives to help build stronger security partners. He holds dual CCIEs in security and routing and switching, CISA, CISSP, ITIL, seven SANS certifications, and a bachelor's degree in business administration.

Residing in Bradenton, Florida, Chris enjoys tinkering with his home automation system and playing with his ever-growing collection of electronic gadgets. His wife Barbara and two children Caleb and Sydney are the joy of his life and proof that not everything has to plug into a wall outlet to be fun.

Most Helpful Customer Reviews

8 of 9 people found the following review helpful

5.0 out of 5 stars Good Intro Material for Network Security Auditing August 29, 2011

By Ron

Format:Paperback|Amazon Verified Purchase

I am almost done reading this book and its all worth it. As an Information Security Practitioner, my goal why I bought this book is to learn how to think like an Auditor to help me prepare systems for a PCI-DSS, ISO27001, HIPAA and SOC (the new SAS70 Type II Report) audits. Chris Jackson's style of writing makes the topic interesting, specifically the chapter that covers Information Security and the Law. The gem in this book is definitely the focus on how to review Cisco IOS and ASA configuration, rules and policies. As an ITIL fellow, I love how Chris focused on the benefits of implementing best practices and other service-oriented frameworks on your IT infrastructure. I consider the topics about penetration testing such as NMAP and BackTrack a bonus, specifically to IT Generalists or Junior IT Auditors who wants to be aware of the current threat landscape out there. I will definitely wait and purchase Chris Jackson's next Security Book.

2 of 2 people found the following review helpful

5.0 out of 5 stars Excellent highly technical and detailed reference April 27, 2011

By Ben Rothke

Format:Paperback

The subtitle of Network Security Auditing is the complete guide to auditing security, measuring risk, and promoting compliance. The book does in fact live up to that and is a comprehensive reference to all things network security audit related.
In 12 chapters at almost 450 pages, the book covers all of the key areas around network security that is of relevance to those working in information security.
As a Cisco Press title, written by a Cisco technical solutions architect, the book naturally has a heavy Cisco slant to it. Nonetheless, it is still an excellence reference even for those not working in a Cisco environment.

While the first 3 chapters of the book provide an overview that is great even for a security newbie, the overall style of the book is highly technical and comprehensive.

Chapters 1-3 provide an introduction to the principles of auditing, information security and the law, and governance, frameworks and standards. Each chapter is backed with a significant amount of information and the reader is presented with a thorough overview of the concepts.

Chapter 3 does a good job of providing the reader with the details of current frameworks and standards, including PCI DSS, ITIL, ISO 17799/27001 and others. Author Chris Jackson does a good job of explaining the differences between them and where they are best used. Given this is a Cisco-centric book, he also shows how the various Cisco security products can be integrated for such regulatory and standards support.

Throughout the book, the author makes excellent use of many auditing checklists for each area that can be used to quickly ascertain the level of security audit compliance.

Chapter 6 is perhaps the best chapter in the book on the topic of Policy, Compliance and Management, and the author provides an exceptionally good overview of the need for auditing security policies. This is a critical area as far too many organizations create an initial set of information security policies, but subsequently never take the time to go back and see if they are indeed effective and providing the necessary levels of data protection.

Jackson notes that accessing the effectiveness of a policy requires the auditor to look at the policy from the viewpoint of those who will interpreting its meaning. A well intentioned policy might recommend a particular course of action, but unless specific actions are required, there is little an organization can expect the policy to actually accomplish to help the organization protect its data assets if it is misinterpreted.

The chapter suggests that the auditor ask questions such as: is the policy implementable, enforceable, easy to understand, based on risk, in line with business objectives, cost effective, effectively communicated and more. If these criteria are not well-defined and delineated, then the policies will exist in text only, offering little information security protection to the organization.

Jackson also writes of the need to measure how well policies are implemented as part of a security assessment. He suggested using a maturity model as a way to gauge if the organization is in its evolution towards fully integrating security into its business process or if it already has a formal integration process in place.

In chapter 8 on Perimeter Intrusion Prevention, Jackson writes that protecting a network perimeter used to be a relatively easy task. All an organization would have to do is stick a firewall on its Internet connection, lock down the unused ports and monitor activity. But in most corporate networks today, the perimeter has been significantly collapsed. If you compound that with increased connectivity, third-party access, and more; and then bring in advanced persistent threats into the equation, it is no longer a simple endeavor to protect a network.

Chapter 8 provides detailed framework on how to perform a perimeter design review and assessment. As part of the overall review, the chapter details other aspects of the assessment including the need for reviews of the logical and physical architectures, in addition to a review of the firewall. Jackson also lists a large number of security tools that can be used to during an audit.

Chapter 11 covers endpoint protection with a focus on the end-user. Jackson notes that users never cease to amaze with their abilities to disappoint by opening suspicious file attachments, running untrusted Facebook applications, and much more. The book notes that organizations today face significantly higher levels of risk from endpoint security breaches than ever before due to our highly mobile and connected workforce.

The chapter details an endpoint protection operational control review that can be used to assess the organizations processes for identifying threats and performing proactive management of endpoint devices. While the chapter is quite Cisco-centric, with references to the Cisco SIO (Security Intelligence Operations) and a number of other Cisco products, the chapter does provide a good overview of the fundamentals of endpoint protection and how to do it the right way.

Overall, Network Security Auditing is highly technical and detailed reference that makes for an excellent primary reference on the fundamental of information security. With ample amounts of checklist, coding refences, detailed diagrams and just the right amount of screen shots, Network Security Auditing makes an excellent guide that any technical member of an IT or security group should find quite informative.