Intrusion Prevention Fundamentals


By Earl Carter, Jonathan Hogue
Publisher: Cisco Press
Pub Date: January 18, 2006
Print ISBN-10: 1-58705-239-3
Print ISBN-13: 978-1-58705-239-2
Pages: 312
 



Overview

An introduction to network attack mitigation with IPS

 

Intrusion Prevention Fundamentals offers an introduction and in-depth overview of Intrusion Prevention Systems (IPS) technology. Using real-world scenarios and practical case studies, this book walks you through the lifecycle of an IPS project, from needs definition to deployment considerations. Implementation examples help you learn how IPS works, so you can make decisions about how and when to use the technology and understand what "flavors" of IPS are available. The book will answer questions like:

  • Where did IPS come from? How has it evolved?

  • How does IPS work? What components does it have?

  • What security needs can IPS address?

  • Does IPS work with other security products? What is the "big picture"?

  • What are the best practices related to IPS?

  • How is IPS deployed, and what should be considered prior to a deployment?

 

Whether you are evaluating IPS technologies or want to learn how to deploy and manage IPS in your network, this book is an invaluable resource for anyone who needs to know how IPS technology works, what problems it can or cannot solve, how it is deployed, and where it fits in the larger security marketplace.

 

  • Understand the types, triggers, and actions of IPS signatures

  • Deploy, configure, and monitor IPS activities and secure IPS communications

  • Learn the capabilities, benefits, and limitations of host IPS

  • Examine the inner workings of host IPS agents and management infrastructures

  • Enhance your network security posture by deploying network IPS features

  • Evaluate the various network IPS sensor types and management options

  • Examine real-world host and network IPS deployment scenarios

 

This book is part of the Cisco Press® Fundamentals Series. Books in this series introduce networking professionals to new networking technologies, covering network topologies, example deployment concepts, protocols, and management techniques.

 

Includes a FREE 45-Day Online Edition

 



Table of Contents

   Copyright
   About the Authors
   About the Technical Reviewers
   Acknowledgments
   Icons Used in This Book
    Part I:  Intrusion Prevention Overview
      Chapter 1.  Intrusion Prevention Overview
      Evolution of Computer Security Threats
      Evolution of Attack Mitigation
      IPS Capabilities
      Summary
      Chapter 2.  Signatures and Actions
      Signature Types
      Signature Triggers
      Signature Actions
      Summary
      Chapter 3.  Operational Tasks
      Deploying IPS Devices and Applications
      Configuring IPS Devices and Applications
      Monitoring IPS Activities
      Securing IPS Communications
      Summary
      Chapter 4.  Security in Depth
      Defense-in-Depth Examples
      The Security Policy
      The Future of IPS
      Summary
    Part II:  Host Intrusion Prevention
      Chapter 5.  Host Intrusion Prevention Overview
      Host Intrusion Prevention Capabilities
      Host Intrusion Prevention Benefits
      Host Intrusion Prevention Limitations
      Summary
      References in This Chapter
      Chapter 6.  HIPS Components
      Endpoint Agents
      Management Infrastructure
      Summary
    Part III:  Network Intrusion Prevention
      Chapter 7.  Network Intrusion Prevention Overview
      Network Intrusion Prevention Capabilities
      Network Intrusion Prevention Benefits
      Network Intrusion Prevention Limitations
      Hybrid IPS/IDS Systems
      Shared IDS/IPS Capabilities
      Summary
      Chapter 8.  NIPS Components
      Sensor Capabilities
      Capturing Network Traffic
      Analyzing Network Traffic
      Responding to Network Traffic
      Sensor Management and Monitoring
      Summary
    Part IV:  Deployment Solutions
      Chapter 9.  Cisco Security Agent Deployment
      Step 1: Understand the Product
      Step 2: Predeployment Planning
      Step 3: Implement Management
      Step 4: Pilot
      Step 5: Tuning
      Step 6: Full Deployment
      Step 7: Finalize the Project
      Summary
      Implement Management
      Chapter 10.  Deploying Cisco Network IPS
      Step 1: Understand the Product
      Step 2: Predeployment Planning
      Step 3: Sensor Deployment
      Step 4: Tuning
      Step 5: Finalize the Project
      Summary
      Chapter 11.  Deployment Scenarios
      Large Enterprise
      Branch Office
      Medium Financial Enterprise
      Medium Educational Institution
      Small Office
      Home Office
      Summary
    Part V:  Appendix
      Appendix A.  Sample Request for Information (RFI) Questions
      Solution
      Support
      Training
      Licensing
      Network Intrusion Prevention
      Host Intrusion Prevention
   Glossary
   Index