Author: Eric Vyncke Publisher: Cisco Press ISBN: 0134433602 Category : Computers Languages : en Pages : 615
Book Description
Contrary to popular belief, Ethernet switches are not inherently secure. Security vulnerabilities in Ethernet switches are multiple: from the switch implementation, to control plane protocols (Spanning Tree Protocol [STP], Cisco® Discovery Protocol [CDP], and so on) and data plane protocols, such as Address Routing Protocol (ARP) or Dynamic Host Configuration Protocol (DHCP). LAN Switch Security explains all the vulnerabilities in a network infrastructure related to Ethernet switches. Further, this book shows you how to configure a switch to prevent or to mitigate attacks based on those vulnerabilities. This book also includes a section on how to use an Ethernet switch to increase the security of a network and prevent future attacks. Divided into four parts, LAN Switch Security provides you with steps you can take to ensure the integrity of both voice and data traffic traveling over Layer 2 devices. Part I covers vulnerabilities in Layer 2 protocols and how to configure switches to prevent attacks against those vulnerabilities. Part II addresses denial-of-service (DoS) attacks on an Ethernet switch and shows how those attacks can be mitigated. Part III shows how a switch can actually augment the security of a network through the utilization of wirespeed access control list (ACL) processing and IEEE 802.1x for user authentication and authorization. Part IV examines future developments from the LinkSec working group at the IEEE. For all parts, most of the content is vendor independent and is useful for all network architects deploying Ethernet switches. After reading this book, you will have an in-depth understanding of LAN security and be prepared to plug the security holes that exist in a great number of campus networks. Use port security to protect against CAM attacks Prevent spanning-tree attacks Isolate VLANs with proper configuration techniques Protect against rogue DHCP servers Block ARP snooping Prevent IPv6 neighbor discovery and router solicitation exploitation Identify Power over Ethernet vulnerabilities Mitigate risks from HSRP and VRPP Stop information leaks with CDP, PaGP, VTP, CGMP and other Cisco ancillary protocols Understand and prevent DoS attacks against switches Enforce simple wirespeed security policies with ACLs Implement user authentication on a port base with IEEE 802.1x Use new IEEE protocols to encrypt all Ethernet frames at wirespeed. This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.
Author: Narbik Kocharians Publisher: Pearson Education ISBN: 1587144913 Category : Computers Languages : en Pages : 846
Book Description
The second of two volumes, this is Cisco's official, complete self-study resource for the BGP, QoS, IP multicast, security, WANs, and MPLS areas of the new CCIE Routing and Switching 5.0 exam. Designed for experienced networking professionals, it covers every objective in these areas concisely and logically, with extensive teaching features designed to help retention and develop deeper insight.
Author: Narbik Kocharians Publisher: Cisco Press ISBN: 0133591069 Category : Computers Languages : en Pages : 1347
Book Description
Trust the best selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam. --Master Cisco CCIE R&S v5.0 exam topics, including BGP, QoS, WANs, IP multicast, security, and MPLS --Assess your knowledge with chapter-opening quizzes --Review key concepts with exam preparation tasks This is the eBook edition of the CCIE Routing and Switching v5.0 Official Cert Guide, Volume 2, Fifth Edition. This eBook does not include the companion CD-ROM with practice exam that comes with the print edition. CCIE Routing and Switching v5.0 Official Cert Guide, Volume 2, Fifth Edition from Cisco Press enables you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Expert instructors Narbik Kocharians and Terry Vinson share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. This second of two volumes covers IP BGP routing, quality of service (QoS), wide area networks, IP multicast, network security, and Multiprotocol Label Switching (MPLS) topics. This complete study package includes --A test-preparation routine proven to help you pass the exams --"Do I Know This Already?" quizzes, which enable you to decide how much time you need to spend on each section --Chapter-ending exercises, which help you drill on key concepts you must know thoroughly --The powerful Pearson IT Certification Practice Test software, complete with hundreds of well-reviewed, exam-realistic questions, customization options, and detailed performance reports --A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies --Study plan suggestions and templates to help you organize and optimize your study time Well regarded for its level of detail, study plans, assessment features, challenging review questions and exercises, this official study guide helps you master the concepts and techniques that ensure your exam success. CCIE Routing and Switching v5.0 Official Cert Guide, Volume 2, Fifth Edition is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining. The official study guide helps you master topics on the CCIE Routing and Switching v5.0 exams, including: --BGP operations and routing policies --QoS --WANs --IP Multicast --Device and network security and tunneling technologies --MPLS
Author: Wendell Odom Publisher: Pearson Education ISBN: 1587059800 Category : Computers Languages : en Pages : 1346
Book Description
Master CCIE Routing and Switching 4.0 blueprint exam topics Assess your knowledge with chapter-opening quizzes Review key concepts with Exam Preparation Tasks Practice with realistic exam questions on the CD-ROM CCIE Routing and Switching Certification Guide, Fourth Edition, is a best-of-breed Cisco® exam study guide that focuses specifically on the objectives for the CCIE® Routing and Switching written exam. Well-respected networking professionals Wendell Odom, Rus Healy, and Denise Donohue share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics. CCIE Routing and Switching Certification Guide, Fourth Edition, presents you with an organized test preparation routine through the use of proven series elements and techniques. "Do I Know This Already?" quizzes open each chapter and allow you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks sections help drill you on key concepts you must know thoroughly. The companion CD-ROM contains a powerful testing engine that allows you to focus on individual topic areas or take complete, timed exams. The assessment engine also tracks your performance and provides feedback on a module-by-module basis, presenting question-by-question remediation to the text and laying out a complete study plan for review. Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time. CCIE Routing and Switching Certification Guide, Fourth Edition, is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining. The official study guide helps you master all the topics on the CCIE Routing and Switching written exam, including: Bridging and LAN switching IP addressing, IP services, TCP, UDP, and application protocol details Layer 3 forwarding concepts EIGRP, OSPF, and BGP routing protocols Quality of service Frame Relay MPLS IP multicast IPv6 Router and switch security Troubleshooting Companion CD-ROM The CD-ROM contains 200 practice questions for the exam. This volume is part of the Certification Guide Series from Cisco Press®. Books in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help Cisco Career Certification candidates identify weaknesses, concentrate their study efforts, and enhance their confidence as exam day nears. Category: Cisco Press-Cisco Certification Covers: CCIE Routing and Switching written exam 350-001 v4.0
Author: Angus Wong Publisher: Springer Science & Business Media ISBN: 1441901663 Category : Computers Languages : en Pages : 274
Book Description
Research on Internet security over the past few decades has focused mainly on information assurance, issues of data confidentiality and integrity as explored through cryptograph algorithms, digital signature, authentication code, etc. Unlike other books on network information security, Network Infrastructure Security addresses the emerging concern with better detecting and preventing routers and other network devices from being attacked or compromised. Network Infrastructure Security bridges the gap between the study of the traffic flow of networks and the study of the actual network configuration. This book makes effective use of examples and figures to illustrate network infrastructure attacks from a theoretical point of view. The book includes conceptual examples that show how network attacks can be run, along with appropriate countermeasures and solutions.
Author: Chris Jackson Publisher: Cisco Press ISBN: 1587059428 Category : Computers Languages : en Pages : 700
Book Description
This complete new guide to auditing network security is an indispensable resource for security, network, and IT professionals, and for the consultants and technology partners who serve them. Cisco network security expert Chris Jackson begins with a thorough overview of the auditing process, including coverage of the latest regulations, compliance issues, and industry best practices. The author then demonstrates how to segment security architectures into domains and measure security effectiveness through a comprehensive systems approach. Network Security Auditing thoroughly covers the use of both commercial and open source tools to assist in auditing and validating security policy assumptions. The book also introduces leading IT governance frameworks such as COBIT, ITIL, and ISO 17799/27001, explaining their values, usages, and effective integrations with Cisco security products.
Author: J. Michael Stewart Publisher: Jones & Bartlett Publishers ISBN: 1284031683 Category : Computers Languages : en Pages : 503
Book Description
This fully revised and updated second edition provides a unique, in-depth look at the major business challenges and threats that are introduced when an organization's network is connected to the public Internet. It provides a comprehensive explanation of network security basics, including how hackers access online networks and the use of Firewalls and VPNs to provide security countermeasures. Using examples and exercises, this book incorporates hands-on activities to prepare the reader to disarm threats and prepare for emerging technologies and future attacks. Topics covered include: the basics of network security--exploring the details of firewall security and how VPNs operate; how to plan proper network security to combat hackers and outside threats; firewall configuration and deployment and managing firewall security; and how to secure local and internet communications with a VP. --
Author: Scott Hogg Publisher: Pearson Education ISBN: 1587058367 Category : Computers Languages : en Pages : 705
Book Description
IPv6 Security Protection measures for the next Internet Protocol As the world’s networks migrate to the IPv6 protocol, networking professionals need a clearer understanding of the security risks, threats, and challenges this transition presents. In IPv6 Security, two of the world’s leading Internet security practitioners review each potential security issue introduced by IPv6 networking and present today’s best solutions. IPv6 Security offers guidance for avoiding security problems prior to widespread IPv6 deployment. The book covers every component of today’s networks, identifying specific security deficiencies that occur within IPv6 environments and demonstrating how to combat them. The authors describe best practices for identifying and resolving weaknesses as you maintain a dual stack network. Then they describe the security mechanisms you need to implement as you migrate to an IPv6-only network. The authors survey the techniques hackers might use to try to breach your network, such as IPv6 network reconnaissance, address spoofing, traffic interception, denial of service, and tunnel injection. The authors also turn to Cisco® products and protection mechanisms. You learn how to use Cisco IOS® and ASA firewalls and ACLs to selectively filter IPv6 traffic. You also learn about securing hosts with Cisco Security Agent 6.0 and about securing a network with IOS routers and switches. Multiple examples are explained for Windows, Linux, FreeBSD, and Solaris hosts. The authors offer detailed examples that are consistent with today’s best practices and easy to adapt to virtually any IPv6 environment. Scott Hogg, CCIE® No. 5133, is Director of Advanced Technology Services at Global Technology Resources, Inc. (GTRI). He is responsible for setting the company’s technical direction and helping it create service offerings for emerging technologies such as IPv6. He is the Chair of the Rocky Mountain IPv6 Task Force. Eric Vyncke, Cisco Distinguished System Engineer, consults on security issues throughout Europe. He has 20 years’ experience in security and teaches security seminars as a guest professor at universities throughout Belgium. He also participates in the Internet Engineering Task Force (IETF) and has helped several organizations deploy IPv6 securely. Understand why IPv6 is already a latent threat in your IPv4-only network Plan ahead to avoid IPv6 security problems before widespread deployment Identify known areas of weakness in IPv6 security and the current state of attack tools and hacker skills Understand each high-level approach to securing IPv6 and learn when to use each Protect service provider networks, perimeters, LANs, and host/server connections Harden IPv6 network devices against attack Utilize IPsec in IPv6 environments Secure mobile IPv6 networks Secure transition mechanisms in use during the migration from IPv4 to IPv6 Monitor IPv6 security Understand the security implications of the IPv6 protocol, including issues related to ICMPv6 and the IPv6 header structure Protect your network against large-scale threats by using perimeter filtering techniques and service provider—focused security practices Understand the vulnerabilities that exist on IPv6 access networks and learn solutions for mitigating each This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks. Category: Networking: Security Covers: IPv6 Security
Author: Juha T. T. Salmelin Publisher: John Wiley & Sons ISBN: 1119943558 Category : Technology & Engineering Languages : en Pages : 409
Book Description
Comprehensive coverage of IP/MPLS/Ethernet backhaul technologies and solutions for 3GPP mobile network systems such as LTE, HSPA and GPRS Focusing on backhaul from a radio network viewpoint, Mobile Backhaul combines perspectives on mobile networks and transport network technologies, focusing on mobile backhaul specific functionalities, which are essential in building modern cost efficient packet networks for mobile systems, IP, MPLS and Carrier Ethernet. The key functions required for this process, Synchronization, Resiliency, Quality of Service and Security, are also explained. The reader benefits from a view of networking technology from a radio network viewpoint, which is specific to this application, as well from a data centre and more IT-oriented perspective. The book bridges the gap between radio and backhaul viewpoints to provide a holistic understanding. Organized into two parts, the book gives an advanced introduction to the principles of the topic before moving on to more specialized areas. Part 1 gives a network level overview, with the purpose of presenting the mobile network application, its protocols, interfaces and characteristics for the backhaul. This section also presents the key packet networking technologies that are most relevant for the radio network. Part 2 offers selected case studies in Synchronization, Resiliency, QoS and Security and gives example solutions for mobile operator owned and leased mobile backhaul cases building on the network view given in Part 1. Both radio network experts and IP networking experts will benefit from the treatment of essential material at the borderline between the radio and backhaul technologies. Key features: Unique view and coverage of both the radio network and the packet mobile backhaul Includes a view into the economic motivation for a packet based mobile backhaul and discusses scenarios of a migration to the new technology Covers 2G, 3G, HSPA, HSPA+ and LTE in radio technologies as well as MWR, Sonet/SDH, Ethernet, Carrier Ethernet, MPLS and IP in networking technologies
Author: Eric Vyncke
Author: Eric Vyncke
Author: Narbik Kocharians
Author: Narbik Kocharians
Author: Wendell Odom
Author: Angus Wong
Author: Chris Jackson
Author: J. Michael Stewart
Author: Scott Hogg
Author: Juha T. T. Salmelin