Firewall Policies and VPN Configurations
Elsevier, Sep 28, 2006 - Computers - 550 pages
A firewall is as good as its policies and the security of its VPN connections. The latest generation of firewalls offers a dizzying array of powerful options; they key to success is to write concise policies that provide the appropriate level of access while maximizing security.
This book covers the leading firewall products: Cisco PIX, Check Point NGX, Microsoft ISA Server, Juniper’s NetScreen Firewall, and SonicWall. It describes in plain English what features can be controlled by a policy, and walks the reader through the steps for writing the policy to fit the objective. Because of their vulnerability and their complexity, VPN policies are covered in more depth with numerous tips for troubleshooting remote connections.
· The only book that focuses on creating policies that apply to multiple products.
· Included is a bonus chapter on using Ethereal, the most popular protocol analyzer, to monitor and analyze network traffic.
· Shows what features can be controlled by a policy, and walks you through the steps for writing the policy to fit the objective at hand
Other editions - View all
access control access-list administrators allows antivirus appliances application proxy attacks audit authentication bastion host Cisco Cisco PIX command connection create database default define deployed e-mail enable encryption ensure external failover Figure gateway hackers hardened hardware header Hot Cash Corporation ICMP implement inspection installed Intentionally Left Blank interface internal network Internet IP address IPSec IPtables ISA Server Juniper Networks L2TP layer Linux logical security configurations machine Microsoft NetScreen NetScreen firewall network infrastructure network security policy Nokia operating system option organization packet filter password patches PIX firewall port PPTP protocol provides public key remote access requirements risk router routing security areas SonicOS SonicWALL specific SSH tunnel SSL VPN standard switches Telnet throughput tion topology traffic updates VLANs VPN solutions VPN tunnels vulnerabilities Windows wireless