
The
security provided by firewalls and VPNs is only as strong as the
protocol rules and policies that you create. The concepts of
"defense-in-depth" and "least privilege" are merely holes in your
perimeter waiting to be exploited, unless you can define and maintain
protocol rules that allow only the minimum protocols required to
provide your requisite services.
This book provides fundamental information necessary to
configure firewalls and build VPNs and DMZs to survive the dangers of
today"s internet. The book includes a bonus chapter from the companion
Web site on using Ethereal to monitor and analyze network traffic.
While you may now feel overwhelmed by the countless firewalls with a
dizzying array of features, you will feel empowered by the knowledge
gained from this book. This book covers the leading firewall products.
It describes in plain English what features can be controlled by a
policy, and walks the reader through the steps for writing the policy
to fit the objective. Because of their vulnerability and their
complexity, VPN policies are covered in more depth with numerous tips
for troubleshooting remote connections. Products covered include Cisco
PIX Firewall, ISA Server 2004, Check Point NGX, Juniper"?s NetScreen
Firewalls, SonicWall, and Nokia.