Designing Network Security, 2nd Edition

Author: Merike Kaeo
Pages: 768
Publisher: Cisco Press
ISBN: 1587051176

Introduction

Designing Network Security is a book that will teach you how to secure your corporate network infrastructure. Starting with security fundamentals, you’ll learn how to define a security policy for your enterprise and how to implement it, then finish with learning from examples of practical implementation concerning physical and network infrastructure.

About the author

Merike Kaeo is a consultant focusing primarily on security-related products and network design solutions. She has been in the networking industry more than 15 years. She was employed by Cisco Systems for 7 years, where she worked primarily on technical issues relating to router performance, network routing protocols, network design, and network security.

Inside the book

The first part of this book is dedicated to security fundamentals. First, you’ll learn the some things about cryptography, and after a few words about authentication, authorization and key management, you are ready to tackle a chapter on security technologies and another one on how these technologies are applied to real networks.

Before starting to design a security policy, you must understand what threats you are facing. If you have been keeping abreast of the threat landscape, you can skip this part and go straight to a handy chapter which will tell you where to begin when deciding on a security policy (usually, with the existing security guidelines), impress upon you the importance of assessing your assets and the risks tied to them, and make you cherish the 5 main elements of a security architecture.

A corporate security policy must define physical and logical security controls and ensure data confidentiality and integrity – as well as the integrity of the entire system. Defining policies and procedures for the staff, and developing and implementing security training for them is also something to take into consideration.

The most important part of the book is the third, where you learn how to secure your corporate infrastructure, Internet access, remote dial-in access and various kinds of networks (VPN, VoIP, wireless) by configuring routers, switches, firewalls and network access servers.

Of course, this being a Cisco book, the devices described are those manufactured by the company, but the same things apply to devices from other companies – most of them have very similar features. Lists of commands and samples of configuration processes are given, along with warnings about potentially tricky situations if you forget to do something.

Each chapter is sprinkled with notes used to point out particular issues which a lot of people are not often clear on, and end with a short summary and review questions. A couple of appendixes about prevention of industrial espionage and mitigation of DDoS attacks are a welcome addition.

Firstly published in 2004, this book has been revised and reviews of new security features and trends have been added.

Final thoughts

Designing Network Security is a formidable tome made for a specific purpose – to learn all the things you need to know when designing and implementing a corporate security policy. If you are looking for a light read that will sum up network security, this is not the book for you.