Index_R

RADIUS (Remote Authentication Dial-In User Service)

as AAA mechanism, 281

authentication server, 48, 250

Cisco Secure ACS as RADIUS server, 308 “310

Cisco Secure PIX Firewalls and, 293 “295

dial-in remote access, 152

login authentication, 282 “287

switch configuration for RADIUS server, 305

WPA configuration with RADIUS/802.1x, 270 “271

realistic expectations

management, 487

users, 485

recruitment, 502 “505

background checks, 504 “505

bonding and insurance, 505 “506

employer references, 504

security clearances, 505

technical interview, 503 “504

types of candidates, 502 “503

redundancy

CheckPoint firewalls and, 66

Cisco Secure PIX Firewalls and, 64 “65

Iptables firewalls and, 66

routers, 175 “176

VPNs and, 129 “131

registry entries, removing unnecessary, 50

remote access

Cisco IDS, 81

connectivity, 7

dial-in, 151 “153

policy, 33

user and IP address restrictions and, 79 “81

VPN/remote access module, 360 “362

VPNs, 107

remote access VPN termination segment, 361 “362

remote administration

preventing, 41 “44

securing, 44 “48

VPNs and, 110 “121

WAPs and, 248 “252

Remote Authentication Dial-In User Service. See RADIUS (Remote Authentication Dial-In User Service)

reports

incident response, 527, 533 “534

Security Monitor, 97 “98

SurfControl, 221 “222

Websense, 231 “234

resources ( vendors , publications , and web sites)

accounting software, 335

application and OS security policies, 30

background checks, 505

CAs (certificate authorities), 148

client-based content filters, 207

configuration management, 332

gateway-based Internet content filters, 210

HIDS/HIPS, 76

incident reports, 528

IPsec configuration, 51

Linux systems, 151

MAC address monitors , 247

NAT Traversal, 138

network polling, 314

operating system hardening, 50

OS fingerprinting, 247

patches/updates, 449

security auditors , 399, 423

security policies, 20, 391

threats, 394 “395

VA and penetration testing, 424

Windows systems, 151

wireless analyzers, 245

responsibilities/roles

individual, 507 “508

organizational/ group , 508 “509

Reverse-Path Forwarding (RPF), 182

revision history section

incident response policy, 527

security policy, 29

RFCs

incident response policy, 525

security policy, 20

RIP (Routing Information Protocol)

authentication configuration, 177

configuring for Nortel Contivity, 132 “133

hardening, 68 “69

risk analysis

assigning value to assets and information, 490 “491

change planning and, 433 “434

data gathering, 491

goals of, 488 “489

policy, 31

presenting results of, 496

quantitative vs. qualitative, 491 “495

terminology, 493

threat ratings, 24 “25

value of protection and, 495 “496

risk management, in incident response, 520, 524

RMON, 334 “335

roles and responsibilities

individual, 507 “508

organizational/group, 508 “509

routers. See also network devices (IOS)

ACLs for traffic filtering, 182 “187

BGP and, 178 “179

black-hole routes and null routing, 181

blocking, 103 “104

CBAC and, 187 “189

EIGRP and, 178

external router configuration, 356 “357

filtering, 180 “181, 349

as firewall, 353

flood management, 189 “191

IPsec and, 191 “193

OSPF and, 178

passive interfaces, 180

policy, 33

redundancy, 175 “176

RIP and, 177

routing mechanisms, 176 “177

traffic management mechanisms, 181

unicast RPF, 182

wireless, 243

Routing Information Protocol. See RIP (Routing Information Protocol)

routing protocols, 66 “70

BGP, 70

knowing which are running, 6

OSPF, 69 “70

overview, 66 “67

RIP, 68 “69

static routes, 67 “68

VPNs and, 131 “134

RPF (Reverse-Path Forwarding), 182

RST control, TCP, 409

rules/rulesets

PureSecure, 89 “90

SurfControl, 214 “221

Websense, 223 “231