Router Security Strategies

Securing IP Network Traffic Planes

Nonfiction, Computers, Networking & Communications
Cover of the book Router Security Strategies by Gregg Schudel, David Smith, Pearson Education
View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart
Author: Gregg Schudel, David Smith ISBN: 9780132796736
Publisher: Pearson Education Publication: December 29, 2007
Imprint: Cisco Press Language: English
Author: Gregg Schudel, David Smith
ISBN: 9780132796736
Publisher: Pearson Education
Publication: December 29, 2007
Imprint: Cisco Press
Language: English

Router Security Strategies: Securing IP Network Traffic Planes provides a compre-hensive approach to understand and implement IP traffic plane separation and protection on IP routers. This book details the distinct traffic planes of IP networks and the advanced techniques necessary to operationally secure them. This includes the data, control, management, and services planes that provide the infrastructure for IP networking. 

 

The first section provides a brief overview of the essential components of the Internet Protocol and IP networking. At the end of this section, you will understand the fundamental principles of defense in depth and breadth security as applied to IP traffic planes. Techniques to secure the IP data plane, IP control plane, IP management plane, and IP services plane are covered in detail in the second section.

 

The final section provides case studies from both the enterprise network and the service provider network perspectives. In this way, the individual IP traffic plane security techniques reviewed in the second section of the book are brought together to help you create an integrated, comprehensive defense in depth and breadth security architecture.

 

“Understanding and securing IP traffic planes are critical to the overall security posture of the IP infrastructure.  The techniques detailed in this book provide protection and instrumentation enabling operators to understand and defend against attacks. As the vulnerability economy continues to mature, it is critical for both vendors and network providers to collaboratively deliver these protections to the IP infrastructure.”

–Russell Smoak, Director, Technical Services, Security Intelligence Engineering, Cisco

 

Gregg Schudel, CCIE® No. 9591, joined Cisco in 2000 as a consulting system engineer supporting the U.S. service provider organization. Gregg focuses on IP core network security architectures and technology for interexchange carriers and web services providers.

 

David J. Smith, CCIE No. 1986, joined Cisco in 1995 and is a consulting system engineer supporting the service provider organization. David focuses on IP core and edge architectures including IP routing, MPLS technologies, QoS, infrastructure security, and network telemetry.

 

  • Understand the operation of IP networks and routers
  • Learn about the many threat models facing IP networks, Layer 2 Ethernet switching environments, and IPsec and MPLS VPN services
  • Learn how to segment and protect each IP traffic plane by applying defense in depth and breadth principles
  • Use security techniques such as ACLs, rate limiting, IP Options filtering, uRPF, QoS, RTBH, QPPB, and many others to protect the data plane of IP and switched Ethernet networks
  • Secure the IP control plane with rACL, CoPP, GTSM, MD5, BGP and ICMP techniques and Layer 2 switched Ethernet-specific techniques
  • Protect the IP management plane with password management, SNMP, SSH, NTP, AAA, as well as other VPN management, out-of-band management, and remote access management techniques
  • Secure the IP services plane using recoloring, IP fragmentation control, MPLS label control, and other traffic classification and process control techniques

 This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

 

View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart

Router Security Strategies: Securing IP Network Traffic Planes provides a compre-hensive approach to understand and implement IP traffic plane separation and protection on IP routers. This book details the distinct traffic planes of IP networks and the advanced techniques necessary to operationally secure them. This includes the data, control, management, and services planes that provide the infrastructure for IP networking. 

 

The first section provides a brief overview of the essential components of the Internet Protocol and IP networking. At the end of this section, you will understand the fundamental principles of defense in depth and breadth security as applied to IP traffic planes. Techniques to secure the IP data plane, IP control plane, IP management plane, and IP services plane are covered in detail in the second section.

 

The final section provides case studies from both the enterprise network and the service provider network perspectives. In this way, the individual IP traffic plane security techniques reviewed in the second section of the book are brought together to help you create an integrated, comprehensive defense in depth and breadth security architecture.

 

“Understanding and securing IP traffic planes are critical to the overall security posture of the IP infrastructure.  The techniques detailed in this book provide protection and instrumentation enabling operators to understand and defend against attacks. As the vulnerability economy continues to mature, it is critical for both vendors and network providers to collaboratively deliver these protections to the IP infrastructure.”

–Russell Smoak, Director, Technical Services, Security Intelligence Engineering, Cisco

 

Gregg Schudel, CCIE® No. 9591, joined Cisco in 2000 as a consulting system engineer supporting the U.S. service provider organization. Gregg focuses on IP core network security architectures and technology for interexchange carriers and web services providers.

 

David J. Smith, CCIE No. 1986, joined Cisco in 1995 and is a consulting system engineer supporting the service provider organization. David focuses on IP core and edge architectures including IP routing, MPLS technologies, QoS, infrastructure security, and network telemetry.

 

 This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

 

More books from Pearson Education

Cover of the book Adobe Analytics with SiteCatalyst Classroom in a Book by Gregg Schudel, David Smith
Cover of the book Microsoft SQL Server 2005 Management and Administration by Gregg Schudel, David Smith
Cover of the book Adobe After Effects CC Visual Effects and Compositing Studio Techniques by Gregg Schudel, David Smith
Cover of the book The Photoshop Elements 13 Book for Digital Photographers by Gregg Schudel, David Smith
Cover of the book iOS and macOS Performance Tuning by Gregg Schudel, David Smith
Cover of the book Learning iOS Design by Gregg Schudel, David Smith
Cover of the book Learn Adobe Dreamweaver CC for Web Authoring by Gregg Schudel, David Smith
Cover of the book Visual Models for Software Requirements by Gregg Schudel, David Smith
Cover of the book Strategies for Real-Time System Specification by Gregg Schudel, David Smith
Cover of the book Canon Rebel T1i/500D: From Snapshots to Great Shots by Gregg Schudel, David Smith
Cover of the book Adobe Dreamweaver CS6 Classroom in a Book by Gregg Schudel, David Smith
Cover of the book Flash CS3 Professional for Windows and Macintosh by Gregg Schudel, David Smith
Cover of the book What Makes a Stock (Bond, Commodity) Look Good? by Gregg Schudel, David Smith
Cover of the book Algorithms in Java, Part 5 by Gregg Schudel, David Smith
Cover of the book Motivating Those You Lead by Gregg Schudel, David Smith
We use our own "cookies" and third party cookies to improve services and to see statistical information. By using this website, you agree to our Privacy Policy