Applications

Application security has many of the same security considerations as host security. The most important is keeping your application up-to-date with the latest security fixes. This doesn't always mean buying the latest version of a piece of code. (In fact, sometimes it means sticking with older, stable software.) Just make sure your critical applications are still supported by the developer and that any new security issues that are uncovered will be handled in a timely manner. In addition to keeping a system up-to-date, logging and application configuration are also important.

NOTE

Hardening guides for popular applications are available all over the Internet. The following are a few samples for some more popular applications:

  • Microsoft Internet Information Server (IIS) You can find IIS-hardening guidelines on the Microsoft website: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/tools.asp.
  • Apache web server The following site provides guidelines for setting up an Apache web server: http://httpd.apache.org/docs-2.0/misc/security_tips.html.
  • Berkeley Internet Name Domain (BIND) Rob Thomas provides a secure BIND template at the following site: http://www.cymru.com/Documents/secure-bind-template.html.


Part I. Network Security Foundations

Network Security Axioms

Security Policy and Operations Life Cycle

Secure Networking Threats

Network Security Technologies

Part II. Designing Secure Networks

Device Hardening

General Design Considerations

Network Security Platform Options and Best Deployment Practices

Common Application Design Considerations

Identity Design Considerations

IPsec VPN Design Considerations

Supporting-Technology Design Considerations

Designing Your Security System

Part III. Secure Network Designs

Edge Security Design

Campus Security Design

Teleworker Security Design

Part IV. Network Management, Case Studies, and Conclusions

Secure Network Management and Network Security Management

Case Studies

Conclusions

References

Appendix A. Glossary of Terms

Appendix B. Answers to Applied Knowledge Questions

Appendix C. Sample Security Policies

INFOSEC Acceptable Use Policy

Password Policy

Guidelines on Antivirus Process

Index



Network Security Architectures
Network Security Architectures
ISBN: 158705115X
EAN: 2147483647
Year: 2006
Pages: 249
Authors: Sean Convery

Similar book on Amazon

Flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net