Device Hardening

This chapter covers the following topics:

  • Components of a Hardening Strategy
  • Network Devices
  • NIDS
  • Host Operating Systems
  • Applications
  • Appliance-Based Network Services
  • Rogue Device Detection

At the stumbling of a horse, the fall of a tile, the slightest pin prick, let us promptly chew on this: Well, what if it were death itself? And thereupon let us stiffen and fortify ourselves.

Michel de Montaigne, That to Philosophize Is to Learn to Die, 1580

There is no security for any of us unless there is security for all.

Howard Koch, Mission to Moscow, 1943

This chapter defines basic hardening strategies for the most common elements of a security system. Entire books have been written in detail about hardening each of these elements. At a bare minimum, extensive guides are available online to augment the information described here. Because this book is focused on the network portion of security, host security receives deliberately light coverage. Just the major topics are covered, with references provided for additional information. At the end of the chapter, a discussion on rogue device detection can be found.

Part I. Network Security Foundations

Network Security Axioms

Security Policy and Operations Life Cycle

Secure Networking Threats

Network Security Technologies

Part II. Designing Secure Networks

Device Hardening

General Design Considerations

Network Security Platform Options and Best Deployment Practices

Common Application Design Considerations

Identity Design Considerations

IPsec VPN Design Considerations

Supporting-Technology Design Considerations

Designing Your Security System

Part III. Secure Network Designs

Edge Security Design

Campus Security Design

Teleworker Security Design

Part IV. Network Management, Case Studies, and Conclusions

Secure Network Management and Network Security Management

Case Studies

Conclusions

References

Appendix A. Glossary of Terms

Appendix B. Answers to Applied Knowledge Questions

Appendix C. Sample Security Policies

INFOSEC Acceptable Use Policy

Password Policy

Guidelines on Antivirus Process

Index

show all menu



Network Security Architectures
Network Security Architectures
ISBN: 158705115X
EAN: 2147483647
Year: 2006
Pages: 249
Authors: Sean Convery
Similar book on Amazon

Flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net