Role of Identity in Secure Networking

Although there are clearly right and wrong ways to deploy security technologies, the right way to handle identity is less obvious. From a network designer's perspective, you must start by deciding where to acquire identity information and what kind you need. Broadly defined, there are three potential network identity paths:

  • Device to network: A device authenticates to the network or another device within the network.
  • User to network: A user authenticates to the network or a device within the network.
  • User to application: A user authenticates directly to an application somewhere on the network.

NOTE

Local application or system authentication is not discussed here because the techniques are obvious and not directly related to secure networking.

These three methods can be combined to achieve multilayered security. For example, when using 802.1X for LAN authentication, RFC 2827 filtering, and user application authentication, some elements of all three methods are used (user to network, device to network, and user to application).

Network Security Architectures
ISBN: 158705115X
EAN: 2147483647
Year: 2006
Pages: 249
Authors: Sean Convery
