- Paperback: 608 pages
- Publisher: Syngress; 1st edition (March 1, 2004)
- Language: English
- ISBN-10: 1931836019
- ISBN-13: 978-1931836012
- Product Dimensions: 7 x 1 x 9.2 inches
- Shipping Weight: 1.7 pounds (View shipping rates and policies)
- Average Customer Review: 4.4 out of 5 stars See all reviews (10 customer reviews)
Amazon Best Sellers Rank:
#3,198,458 in Books (See Top 100 in Books)
- #34 in Books > Computers & Technology > Networking & Cloud Computing > Networks, Protocols & APIs > WAN
- #543 in Books > Computers & Technology > Networking & Cloud Computing > Intranets & Extranets
- #626 in Books > Computers & Technology > Networking & Cloud Computing > Networks, Protocols & APIs > LAN
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Security Sage's Guide to Hardening the Network Infrastructure 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
Customers who viewed this item also viewed
From the Publisher
Iron Clad Protection for the Nuts and Bolts of Your Enterprise Network Security Sage's Guide to Hardening the Network Infrastructure provides detailed, hands-on coverage on how use network devices, protocols and design techniques to optimize the security of your Enterprise Network. Unlike most network security books (which tend to focus on the vulnerabilities of operating systems, RDBMS, groupware, and other applications), this book concentrates strictly on the nuts and bolts of networks; including routers, firewalls, Intrusion Detection Systems (IDS) and networking protocols. The book deals with perimeter and internal network segments, as well as the vulnerable infrastructure that connects the two. Short on recycled security theory and long on real examples and solutions, this book is a must have for any serious security or network professional.
Find the IP Addresses Assigned to Your Company
Your perimeter network's Internet Access Points are the only gateway for Internet attackers to enter your network. Do you know where they are?
Make Sense of Network Device Counters
Translate the raw information logged by routers, switches, and firewalls into meaningful trends.
Choose the Right Firewall
Which type, proxy or stateful inspection-is right for your organization? And which vendor's products do the job?
Learn Firewall Hacks from the Inside Out
Understand the differences between protecting against the three primary methods for attacking firewalls: information gathering, denial of service, and remote system compromise.
Configure and Maintain Routers for Optimal Security
Maintain accurate records and archives as your router's configuration and the vendor's operating system evolve.
Understand the Need for Layer 3 Switching
ISO Layer 3, the network layer, creates protocol-based connections between network devices, and switches with Layer 3 functionality now allow the multiple VLANs to communicate. Are you protected?
Protect Against Cisco HTTP and UDP vulnerabilities
Understand why an existing UDP memory leak vulnerability in the Cisco IOS, combined with an HTTP buffer overflow vulnerability, result in an extremely high success rate of exploitation.
Find and Implement the Right Intrusion Detection System for Your Network
How do attackers fool IDS systems and navigate around them? Do you know a Honeypot from a Tarpit? Your Solutions Membership Gives You Access to:
Comprehensive FAQ page that consolidates all of the key points of this book into an easy to search web page
"From the Author" Forum where the authors post timely updates and links to related sites
These Downloadable e-booklets:
Ethereal Packet Sniffing: Writing Capture and Display Filters
Cisco Security Specialist's Guide to Secure Intrusion Detection Systems: Cisco IDS Alarms and Signatures
Check Point Next Generation with Application Intelligence Security Administration: Configuring Virtual Private Networks
Security Assessment: System Information Criticality
About the Author
Steven Andrés (CISSP, CCNP, CNE, MCSE, CCSP, CCSE, INFOSEC), is the Director of Technical Operations at Foundstone, Inc., a leading information security software and services firm based in Southern California. He principally manages the infrastructure and ensures the confidentiality of sensitive client data within the Foundstone Managed Service. Steven is the co-inventor of the award-winning FS1000 Appliance, and in his role as Chief Architect, he continues to lead the development and innovation of the entire Foundstone Appliance product line. Additionally, as Manager of Product Fulfillment, Steven oversees all aspects of product licensing and electronic distribution of software and periodic threat intelligence updates to customers and worldwide partners. His other works include the best-selling Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition (ISBN 0-072227-42-7) as well as a contributing author for Special Ops: Network and Host Security for!
Microsoft, Oracle and UNIX (Syngress Publishing, ISBN 1-931836-69-8). Brian Kenyon (CCNA, MCSE) is the Director of Product Services for Foundstone, Inc., a leading information security software and services firm based in Southern California. Foundstone offers a unique combination of software, hardware, professional services, and education to continuously and measurably protect an organization's most important assets from the most critical threats.
Since joining Foundstone in 2001, the company has leveraged Brian's deep domain expertise across a variety of functional areas including professional services, hardware innovation and software development. Brian is the Chief Architect of Foundstone's Security Operations Center, which monitors vulnerabilities at client sites, and has been integral in designing and developing Foundstone's cutting-edge hardware solutions, including the award-winning and highly acclaimed FS1000. Brian is also responsible for the development and expansion of the company's entire Product Service line-a key strategic growth area for the company. Brian is considered to be an industry expert on vulnerability management best practices and is frequently invited to speak and train.He is the author of the best-selling book, Special Ops: Host and Network Security for Microsoft, UNIX and Oracle (Syngress, ISBN: 1-931836-69-8). He is also a contributing author of SQL Server Security and on four of the six books in the international best-selling Hacking Exposed series.
Browse award-winning titles. See more
If you are a seller for this product, would you like to suggest updates through seller support?
Top customer reviews
I found the best strength of the book was its analysis of the various vendors offering products in this field. It's an up to date study of many key vendors. Cisco, Symantec and Novell, of course. But also much smaller entities like Tero and Net Continuum. The authors furnish an independent assessment of each company's main products.
Other chapters talk about things like routing protocols and network switching. Important certainly. But you can find this material in other networking books. If you are considering this book, go for its comparative advantage of the vendor studies
The authors also examine routing devices and protocols, network management and security, IPSec, VPNs, and security software. In addition to the internal network considerations the authors look at the items on the edge of the local network. These items include network switches and routers, including attacks and defenses by brand. They complete the book with a good discussion of internal network design including the importance of firewall selection and placement, Intrusion Detection Systems, and segmentation. Security Sage's Guide to Hardening the Network Infrastructure is highly recommended for people interested more in how to secure a network than how to hack one as well as how to test that security.
If you are a network manager who wants to learn how to secure your network, this book is for you. If you are a security engineer specialized on application security and if you want to learn more about the core networking protocols of the Internet, this book is for you too.
I especially appreciated the "Notes from the underground", "Tools and tips" and "Checklist" section available in each chapter. These alone are well worth the price of the book.
Highly recommended !
I have been searching for this book for quite some time. There are so many books (too many) telling me how to secure my web-site, my OS, my databases, etc. but this is the first book that instructs, explains and coaches us to secure the very infrastructure that allows all of these networked components to function.
This book covers a lot of ground; providing valuable information in easily-digestible chunks like 'tools & traps', and 'Notes from the Underground' that provide perspective to the pitfalls of failing to take adequate care in implementing our network infrastructures.
The writing is witty, intelligent and doesn't condescend. I would feel quite comfortable giving this to my non-technical Executive to read.
This book is money well spent! Bravo!
While directed towards the large enterprise, this book can also help the small and mid size businesses to maintain a secure network.
My only reason for 4 stars is Chapter 4 on Firewall Attacks and Defenses. The conclusions at the end of the chapter are great, but I would have placed the chapter at the end or as an appendix.
Most recent customer reviews
Every network admin should read this.
Microsoft should read this :)
Seriously, great book, w/ great info!