Secure Network Management and Network Security Management

This chapter covers the following topics:

  • Utopian Management Goals
  • Organizational Realities
  • Protocol Capabilities
  • Tool Capabilities
  • Secure Management Design Options
  • Network Security Management Best Practices

Things which you do not hope happen more frequently than things which you do hope.

Titus Maccius Plautus, "Mostellaria," Act I, Sc. iii, l. 40, 259-184 B.C.

Anyone can hold the helm when the sea is calm.

Publilius Syrus, Maxim 358, first century B.C.

In this chapter, you will learn the ins and outs of secure network management and network security management. The first is a way to manage your network securely; the latter is a way to manage the network security elements in your network. Secure network management is a superset of network security management, and combined, the two problems represent the single hardest issue in all of network security. It is discussed near the end of the book because it spans all technologies, best practices, policies, and designs.

Without secure network management, the act of configuring, monitoring, and maintaining would, in itself, create additional security risks on your network. Without network security management, some security technologies, such as firewalls, would be significantly hampered in the value they can add, and other security technologies, such as network intrusion detection systems (NIDS), would fail to add value at all. This chapter explores the management requirements, protocol options, deployment choices, and general best practices around management in a security-sensitive network.


Although both secure network management and network security management are covered in this chapter, they aren't broken out into separate sections. Each depends on elements of the other, so the conversation will shift between the two throughout the chapter.

Part I. Network Security Foundations

Network Security Axioms

Security Policy and Operations Life Cycle

Secure Networking Threats

Network Security Technologies

Part II. Designing Secure Networks

Device Hardening

General Design Considerations

Network Security Platform Options and Best Deployment Practices

Common Application Design Considerations

Identity Design Considerations

IPsec VPN Design Considerations

Supporting-Technology Design Considerations

Designing Your Security System

Part III. Secure Network Designs

Edge Security Design

Campus Security Design

Teleworker Security Design

Part IV. Network Management, Case Studies, and Conclusions

Secure Network Management and Network Security Management

Case Studies



Appendix A. Glossary of Terms

Appendix B. Answers to Applied Knowledge Questions

Appendix C. Sample Security Policies

INFOSEC Acceptable Use Policy

Password Policy

Guidelines on Antivirus Process


Network Security Architectures
Network Security Architectures
ISBN: 158705115X
EAN: 2147483647
Year: 2006
Pages: 249
Authors: Sean Convery © 2008-2020.
If you may any questions please contact us: