Firewalls (eBook)
448 pages
Elsevier Science (publisher)
978-0-08-049132-5 (ISBN)
* Install and configure proxy-based and stateful-filtering firewalls
* Protect internal IP addresses with NAT and deploy a secure DNS architecture
* Develop an Internet/intranet security policy to protect your organization's systems and data
* Reduce your susceptibility to an attack by deploying firewalls, data encryption and decryption and other countermeasures
In this book, you will gain extensive hands-on experience installing and configuring a firewall. You will also learn how to allow access to key Web services while maintaining your organization's security, as well as how to implement firewall-to-firewall virtual private networks (VPNs). You will learn how to build a firewall to protect your network, provide access to HTTP and FTP services on the Internet, and implement publicly accessible servers without compromising security. Furthermore, throughout the book, extensive hands-on examples provide you with practical experience in establishing security with firewalls. Examples include, but are not limited to: installing and configuring Check Point FireWall-1; scanning to validate configuration using ISS Internet Scanner; configuring the firewall to support simple and complex Web services; setting up a packet filtering router; enhancing firewall configurations to support split-DNS; authenticating remote users; and protecting browsers and servers with a proxy-based firewall.
Front Cover 1
Firewalls Jumpstart for Network and Systems Administrators 4
Copyright Page 5
Contents 8
Foreword 18
Introduction 20
Acknowledgments 30
Section I: Overview of Firewall Technology 32
Chapter 1. Firewalls: What Are They? 34
1.1 Chapter objectives 34
1.2 Firewall defined 38
1.3 Why firewalls? 39
1.4 Benefits of firewalls 43
1.5 Enhanced privacy 46
1.6 Limitations of firewalls 47
1.7 Summary 50
1.8 References 52
Chapter 2. Type of Firewall Security Policy 54
2.1 Chapter objectives 54
2.2 Firewall protection 55
2.3 Firewall architectures 56
2.4 Types of firewalls 57
2.5 Issues 60
2.6 Intranet 63
2.7 Network trust relationships 64
2.8 Virtual private networks 65
2.9 Firewall administration 65
2.10 Revision/update of firewall policy 72
2.11 Examples of service-specific policies 74
2.12 Summary 79
2.13 References 79
Chapter 3. Firewall Types 80
3.1 Chapter objectives 80
3.2 Types of firewalls 81
3.3 Understanding firewall types 86
3.4 Firewall types drawbacks 86
3.5 Summary 87
3.6 References 88
Section II: Firewall Topologies 90
Chapter 4. Choosing the Right Firewall 92
4.1 Chapter objectives 92
4.2 Convergence 94
4.3 About packet inspection 103
4.4 Summary 121
Chapter 5. Defense in Depth: Firewall Topologies 124
5.1 Chapter objectives 124
5.2 Virtual private network 125
5.3 Firewall policies 128
5.4 Setting up a demilitarized zone: A VPN alternative? 131
5.5 Summary 141
Section III: Firewall Installation and Configuration 142
Chapter 6. Installation Preparation 144
6.1 Chapter objectives 144
6.2 Unbreakable walls 145
6.3 Selecting an operating system 146
6.4 Scanning for vulnerabilities 155
6.5 Summary 160
Chapter 7. Firewall Configuration 162
7.1 Chapter objectives 162
7.2 Defining firewall security objects 162
7.3 Scanning the firewall and fixing vulnerabilities 166
7.4 Identifying trusted and untrusted networks 173
7.5 Summary 176
Section IV: Supporting Outgoing Services Through Firewall Configuration 178
Chapter 8. Simple Policy Implementation 180
8.1 Chapter objectives 180
8.2 Policy configuration 181
8.3 Supporting HTTP 184
8.4 Dynamic content 187
8.5 Summary 188
Chapter 9. Complex Web Services Management 190
9.1 Chapter objectives 190
9.2 Telnet 192
9.3 FTP 192
9.4 Handling port numbers 196
9.5 Deploying Real Audio 201
9.6 Summary 203
Chapter 10. Content Filtering 206
10.1 Chapter objectives 206
10.2 Filtering out dangerous content 206
10.3 Summary 215
Section V: Secure External Services Provision 216
Chapter 11. Publicly Accessible Servers Implementation 218
11.1 Chapter objectives 218
11.2 Securing your organization’s Internet site 218
11.3 Separating your Internet site from your intranet 228
11.4 Supporting SMTP mail architectures 230
11.5 Summary 232
Chapter 12. Architecture Selection 234
12.1 Chapter objectives 234
12.2 Types of screened subnet architectures 234
12.3 Single-box architecture 244
12.4 Summary 246
Chapter 13. External Servers Protection 248
13.1 Chapter objectives 248
13.2 Siting external servers on a perimeter net 248
13.3 Deploying packet filtering to control access to your servers 256
13.4 Router packet filtering 257
13.5 Using router access control lists 258
13.6 Summary 258
Section VI: Internal IP Services Protection 260
Chapter 14. Internal IP Security Threats: Beyond the Firewall 262
14.1 Chapter objectives 262
14.2 Network threats 263
14.3 Organization risk assessment 267
14.4 Examining inside attacks 269
14.5 Handling new threats 270
14.6 Antivirus software technology: Beyond the firewall 271
14.7 Summary 278
14.8 References 278
Chapter 15. Network Address Translation Deployment 280
15.1 Chapter objectives 280
15.2 Person-to-person communication 280
15.3 Internet protocol telephony 281
15.4 Routers, firewalls, and NATs 282
15.5 Handling SIP 282
15.6 Firewall traversal/SIP NAT 283
15.7 Employing a Linux-based SOHO firewall solution with NAT technology 284
15.8 Summary 298
15.9 References 299
Section VII: Firewall Remote Access Configuration 300
Chapter 16. Privacy and Authentication Technology 302
16.1 Chapter objectives 302
16.2 Selecting cryptographic algorithms through encryption 304
16.3 Key management 306
16.4 Auditing, authentication, and authorization 307
16.5 High availability and load balancing 309
16.6 Transport and network 309
16.7 Encryption of multiple columns: database considerations 310
16.8 Summary 313
16.9 References 314
Chapter 17. Tunneling: Firewall-to-Firewall 316
17.1 Chapter objectives 316
17.2 Increasing risk on extranets and intranets 317
17.3 Openness with protection of firewall tunneling and Internet security solutions 317
17.4 Firewall tunneling and Internet security architecture technologies 318
17.5 Firewall tunneling technologies 320
17.6 Demilitarized zone focus 322
17.7 Keeping the firewall tunneling security rules up-to-date through enterprise intranets 323
17.8 Summary 324
17.9 References 326
Section VIII: Firewall Management 328
Chapter 18. Auditing and Logging 330
18.1 Chapter objectives 330
18.2 Auditing your firewall 330
18.3 Logging 333
18.4 Summary 339
18.5 References 340
Chapter 19. Firewall Administration 342
19.1 Chapter objectives 342
19.2 System administration 343
19.3 Managing your firewall remotely 343
19.4 Maintenance of a firewall 348
19.5 Managing firewall security 352
19.6 Summary 357
19.7 References 358
Chapter 20. Summary, Conclusions, and Recommendations 360
20.1 Chapter objectives 360
20.2 Summary 361
20.3 Conclusions 362
20.4 Recommendations 363
20.5 References 370
Section IX: Appendixes 372
A. Contributors of Firewall Software 374
B. Worldwide Survey of Firewall Products 380
C. Firewall Companies 384
D. Commercial Products or Consultants Who Sell or Service Firewalls 388
E. Establishing Your Organization’s Security 394
F. Network Interconnections: A Major Point of Vulnerability 398
G. Deterring Masqueraders and Ensuring Authenticity 402
H. Preventing Eavesdropping to Protect Your Privacy 412
I. Thwarting Counterfeiters and Forgery to Retain Integrity Through a Reverse Firewall 416
J. Avoiding Disruption of Service to Maintain Availability 422
K. Developing Your Firewall Security Policy 424
Glossary 428
Index 438
| Publication date (per publisher) | 21.12.2004 |
|---|---|
| Language | English |
| Subject area | Non-fiction / Guides |
| Mathematics / Computer Science ► Computer Science ► Graphics / Design | |
| Computer Science ► Networks ► Security / Firewall | |
| ISBN-10 | 0-08-049132-4 / 0080491324 |
| ISBN-13 | 978-0-08-049132-5 / 9780080491325 |
Copy protection: Adobe DRM
Adobe DRM is a copy-protection scheme intended to protect the eBook from misuse. The eBook is authorized to your personal Adobe ID at download time. You can then read the eBook only on devices that are also registered to your Adobe ID.
File format: PDF (Portable Document Format)
With its fixed page layout, PDF is particularly suited to technical books with columns, tables and figures. A PDF can be displayed on almost all devices, but is of limited suitability for small displays (smartphone, eReader).
System requirements:
PC/Mac: You can read this eBook on a PC or Mac. You will need a
eReader: This eBook can be read on (almost) all eBook readers. It is not compatible with the Amazon Kindle, however.
Smartphone/tablet: Whether Apple or Android, you can read this eBook. You will need a
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.