An Expert's Guide to Total Network Security
A concise, once-over book for the security novice and expert.
- By Doug Barney
- August 01, 2004
I first became in interested in
Hardening Network Infrastructure when
Wes Noonan contacted me about doing a round up and overview of IPS devices (look
for his article in the coming months). Wes impressed me with his knowledge and
personality. Then he mentioned he had just finished a book for Roberta Bragg's
"Hardening" series, this one about overall network security.
I wanted to check out Wes' writing, but also wanted a deep look into today's
critical security issues as I've long been frustrated with this never-ending
battle against hackers. A scan at Noonan's TOC pointed out an obvious fact -
one must protect the network in many many ways and with many many layers.
In many ways, the TOC itself can be viewed as a check list. Just by skimming
these 8 pages, one can see all the areas that need protecting, and where your
organization is deficient.
But that's just the overview. What about the actual text? I am glad you asked.
Wes is a terrific and clear author. And he and his editors know their stuff.
Wes starts in the beginning with a chapter, "Do These Six Things Before
You Do Anything Else." I love the name, but, moreover, I love the attitude.
Often IT is so busy putting out fires (many security-related), that it fails
to tackle long-range, critical, strategic issues. It's good to see such strident
advice.
The first step is a careful analysis of the entire network, leaving no stone
unturned. It sounds pretty obvious, but many are intimidated by the burden and
never get around to it. The rest of the basics include setting up a firewalls,
building ACLs, disabling unnecessary features, adding anti-virus and securing
wireless networks. Hopefully this is taken care of already, but if not, get
on the stick before you even start reading chapter 2.
Next, Noonan tells you how to build a security policy which includes technical
concerns and human issues such as how to handle passwords, and what you do and
do not allow users to do.
This is all good strategic stuff and leads the reader into deeper and deeper
technical territory. Convinced of the value of security and armed with a plan,
you will most likely gobble up the remaining chapters and harding firewalls,
IPSs, routers, switches, and how to do anti-virus right.
Many books talk about how hackers operate and attack. This one focuses 100
percent on stopping them.
About the Author
Doug Barney is editorial director of Redmond Channel Partner.