Appendix A. Deploying Effective Security Management

This appendix provides a short summary of security best practices for you to use when deploying the ASA/PIX Security Appliance in your network.

This appendix addresses the following topics:

• Layer 2 Best Practices Guidelines on how to mitigate network sniffing and other Layer 2 attacks in your network.

• Authentication Best Practices Guidelines on how to strengthen you authentication profile.

• Perimeter Best Practices Guidelines on how to apply access rules in your network.

• Intrusion Prevention Best Practices Guidelines on applying intrusion prevention software.

• Host Intrusion Prevention Best Practices Guidelines on effective management of host intrusion prevention.

• VPN Best Practices Guidelines for strengthening your VPN deployment.

• Event Logging Best Practices Guidelines on how to deploy event logging in your network.

Congratulations! If you have followed the steps outlined in this book, the layers of defense in depth should be effectively deployed.

This appendix highlights some of the best practices that have been discussed in previous chapters as well as some additional best practices that you can implement to improve the security posture of your network. Many of the concepts presented in this appendix are covered in detail in the white paper titled "SAFE: A Security Blueprint for Enterprise Networks" located on the Cisco website at http://www.cisco.com/go/safe.

This appendix is a summary by design. The hope is that you can go directly to any topic and immediately find best practice information for any security technology addressed in the previous chapters.