Hardening Physical Security
Physical security has to be in place to secure the hardware or the software from the intruders. Security is enabled to safeguard the organization’s information from the attackers.
This chapter describes about the need for physical security, factors that affect the network security, implementing premise security, threats to networks, and the physical security breach incidents. It discusses the various methods used to physically secure networks and their elements. This chapter also describes the challenges in ensuring physical security. It provides a checklist for developing the physical security.
Firewall is a program which is placed at the network gateway server. It is responsible for the traffic to be allowed to pass, block, or refuse.
This chapter describes the multiple components of a firewall, its operations, and types. This chapter explains the rules and restrictions for establishing your Firewall. It also describes the firewall configuration strategies, architecture, multi-layer firewall protection, and deployment strategies. This chapter also discusses the advantages and disadvantages of using firewalls and lists the limitations of firewall.
Packet Filtering and Proxy Servers
Packet filtering is the process of blocking or allowing the packets at a network interface based on the source and destination addresses, ports, or protocols, and a proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers.
This chapter describes approaches to packet filtering, sequencing, prioritization, and fragmentation. It explains the types, advantages, and disadvantages of filtering and explains the types of TCP flags. This chapter also describes the role of proxy server and explains the authentication process and firewalls in Proxy Server.
Bastion Hosts and Honeypots
A bastion host acts as a gateway between the organizational internal private network and outside public network. It is placed on the unrestricted side of the demilitarized zone (DMZ) whereas a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems.
This chapter describes the need, the basic principles and steps for building, and the requirements to setup and configure a Bastion Host. It discusses the special consideration for Unix systems and explains the Bastion Host Security Policy. This chapter also describes how to build and deploy Honeypots. It also explains how to create a Homemade Honeypot.
Wireless Network Security
Wireless Network allows connecting computer to a network using radio waves instead of wires/cables. This network can allow access to other wired networks through a device called an Access Point.
This chapter describes the types of wireless networks based on connections and geography. It discusses the components of a wireless network, access points, wireless technologies, types of wireless threats and attacks, wireless standards such as IEEE 802.11a (Wi-Fi), IEEE 802.11b (Wi-Fi), and IEEE 802.11g (Wi-Fi). This chapter also discusses about securing wireless communication, authentication, WLAN security policy development issues and provides a wireless network security checklist.