Product Description
Protect your network with self-regulating network security solutions that combat both internal and external threats.
- Provides an overview of the security components used to design proactive network security
- Helps network security professionals understand what the latest tools and techniques can do and how they interact
- Presents detailed information on how to use integrated management to increase security
- Includes a design guide with step-by-step implementation instructions
Self-Defending Networks: The Next Generation of Network Security helps networking professionals understand how to deploy an end-to-end, integrated network security solution. It presents a clear view of the various components that can be used throughout the network to not only monitor traffic but to allow the network itself to become more proactive in preventing and mitigating network attacks. This security primer provides unique insight into the entire range of Cisco security solutions, showing what each element is capable of doing and how all of the pieces work together to form an end-to-end Self-Defending Network. While other books tend to focus on individual security components, providing in-depth configuration guidelines for various devices and technologies, Self-Defending Networks instead presents a high-level overview of the entire range of technologies and techniques that comprise the latest thinking in proactive network security defenses. This book arms network security professionals with the latest information on the comprehensive suite of Cisco security tools and techniques. Network Admission Control, Network Infection Containment, Dynamic Attack Mitigation, DDoS Mitigation, Host Intrusion Prevention, and Integrated Security Management are all covered, providing the most complete overview of various security systems. It focuses on leveraging integrated management, rather than including a device-by-device manual to implement self-defending networks.
Self-Defending Networks: The Next Generation of Network Security
2 Responses to “Self-Defending Networks: The Next Generation of Network Security”
Cisco has been leading the industry in solutions to the security problems facing the Internet. They have built solutions such as routers and firewalls that are as advanced as any on the market from the security standpoint. Unfortunately that is not enough. The threats being faced today are changing so fast that Cisco has developed new products with the capability to provide some amount of automatic network protection in the event of an attack.
These systems monitor the incoming data stream constantly looking for general classes of problems rather than specific viruses or other malware. In today’s world the discovery of a virus is usually accomplished when a virus is spreading fast. Finding a virus at that time is too late, you could all of a sudden have several thousand infected machines in your network.
This book describes the advanced technques and systems that have been developed by Cisco to stop such attacks before they are known. It is not a large book, but covers the subject as deeply as needed to enable you to set up a self-defending network.
Rating: 5 / 5
Remember when networks used to be a thick copper cable that you had to tap to add a workstation. Each year we get further and further from a dumb network to a very smart network and this book shows you what is possible.
I liked the last line in the forward by Ullal, “the reality of securing information assets, applications, and networks.” If you have worked in the field of security you know what a hard task that is. The book says it is designed for CSOs, network engineers and architects and I agree, it does a good job of showing what might be possible with modern technology.
Let’s take a look at some of the highlights of the book. Page 13 introduces the incident control service in partnership with Trend Micro. This is to help you identify a worm running in your net and minimize its ability to spread. This first reference is fully supported in chapter 4 where they go into depth on the technology.
Page 25’s Caution is appreciated! A self-defending network stimulated by a false positive could be a bit of a problem. Kind of brings back memories of sci fi movies with robots gone amuck.
I am a lover of IDS and similar rule languages so I enjoyed the Cisco Guard filters discussion. And it was clear enough that I felt I could configure a system at least for basic rules.
The reverse path antispoofing idea is pretty neat, a packet can be dropped if a route does not exist back to the source. I suppose that could add latency, but for critical assets this could be a nice touch.
The IPS signature screen shot on page 50 is interesting on that shot and in the entire section the only action is Produce Alert, I am guessing this means the device is being operated in passive mode, essentially an IDS instead of an IPS. This section is an opportunity for improvement when the book is updated, the reader should not have to guess.
The next major discussion in the book is the HTTP inspection engine. It appears to be pretty lightweight and there is not much discussion in the book. My guess, is Cisco Press probably has a book just on that. In any case, I prefer dedicated web firewalls by companies that really focus on that over what appears to be a lightweight solution.
The summary on page 76 is not to be missed, this is where the author restates the idea of soup to nuts coverage.
Chapter 5 is my favorite though far too short, Demystifying 802.1x, while the rest of the book is neat, it reads a bit like a Cisco infomercial from time to time. This is straight up network technology. The book goes on to discuss Network Admissions Control and the Cisco Security Agent.
The bottom line: fast reading, a survey of the Cisco approach to network security with enough detail to give you a sense you know what the gadgets do. If you are still in the “I put a firewall in, what else would I need” phase, you should make a point of reading this book.
Rating: 4 / 5
Leave a Reply:
You must be logged in to post a comment.