Implementing Cisco IOS Network Security (IINS 640-554) Foundation Learning Guide

Catherine Paquet is a practitioner and a published author in the field of Internetworking, Network Security and Security Financials. Catherine has in-depth knowledge of security systems, remote access, and routing technology. She is a Cisco Certified Security Professional and a Cisco Certified Network Professional. She is also a Certified Cisco Systems Instructor and a Cisco IronPort Security Systems Instructor with Cisco's largest training partner, Global Knowledge Inc. Her most recent consulting projects include conducting security assessments, performing network designs, configuring and implementing security solutions such as firewalls, virtual private networks, web filters and intrusion prevention solutions. Recently, on the invitation of Cisco Systems, she visited 22 emerging countries as part of a book tour promoting her manuscript her latest Security book. In 2002 and 2003, Catherine volunteered with the United Nations mission in Kabul, Afghanistan, to train Afghan public servants in the area of networking. Catherine holds a Bachelor degree from the Royal Military College of St-Jean and a Masters from York University. Catherine lives in Toronto with her husband. They have two children both attending university.

Introduction xxviii

Part I Networking Security Fundamentals

Chapter 1 Network Security Concepts and Policies 1

Building Blocks of Information Security 2

Basic Security Assumptions 2

Basic Security Requirements 2

Data, Vulnerabilities, and Countermeasures 3

  Data Classification 4

  Vulnerabilities Classifications 7

  Countermeasures Classification 8

  Need for Network Security 12

  Intent Evolution 13

  Threat Evolution 14

  Trends Affecting Network Security 16

Adversaries, Methodologies, and Classes of Attack 19

  Adversaries 20

  Methodologies 21

  Threats Classification 23

  Man-in-the-Middle Attacks 32

  Overt and Covert Channels 33

  Botnets 37

  DoS and DDoS Attacks 37

Principles of Secure Network Design 39

  Defense in Depth 41

Evaluating and Managing the Risk 42

Levels of Risks 43

Risk Analysis and Management 44

  Risk Analysis 44

  Building Blocks of Risk Analysis 47

  A Lifecycle Approach to Risk Management 49

Regulatory Compliance 50

Security Policies 53

Security Policy Components 55

  Governing Policy 56

  End-User Policies 57

  Technical Policies 57

  Standards, Guidelines, and Procedures 59

  Security Policy Roles and Responsibilities 61

  Security Awareness 62

Secure Network Lifecycle Management 63

IT Governance, Risk Management, and Compliance 64

Secure Network Life Cycle 64

  Initiation Phase 65

  Acquisition and Development Phase 65

  Implementation Phase 66

  Operations and Maintenance Phase 67

  Disposition Phase 67

  Models and Frameworks 67

Network Security Posture 69

Network Security Testing 70

  Security Testing Techniques 70

  Common Testing Tools 71

Incident Response 72

Incident Management 73

  Computer Crime Investigations 74

  Laws and Ethics 75

  Liability 76

Disaster Recovery and Business Continuity Planning 77

     Business Continuity Concepts 78

Summary 79

References 79

Publications 79

Web Resources 80

Review Questions 80

Chapter 2 Security Strategy and Cisco Borderless Network 85

Borderless Networks 85

Cisco Borderless Network Security Architecture 86

Borderless End Zone 88

Borderless Internet 89

Borderless Data Center 90

Policy Management Layer 91

Borderless Network Services 91

Borderless Security Products 92

SecureX, a Context-Aware Security Approach 93

  SecureX Core Components 94