PART1 THE FOUNDATIONS OF VPNs Chapter1 Introduction to VPN Technology What Is a VPN? Components That Make Up a VPN Who Supports VPNs? The Growth of VPNs Identifying a Need for VPN The Business Need for VPNs How to Choose VPN Services Conclusion Chapter2 Network Secrity for VPNs What Is Network Security? What Can You Do to Protect Against Threats? How to Identify Attacks What Are Some Security Requirements of VPNs? Why Is Security So Important when Implementing VPNs? Implementing a Good Security Policy Is Your Organization vuinerable to Attacks? What Are Some Types of Attacks? Conclusion Chapter3 The Advatages and Disdvantages of VPN Technology VPN Benefits Cost Savings of VPNs Benefits of Network Design End-User Benefits of VPNs Benefits of a Global Reach Benefits to ISPs Competitive Advatage of VPNs Cost of VPN Technology Additional Telecommunication costs Quality of Service guarantees Service Level Agreements Conclusion Chapter4 VPN Architecture Introduction to Architecture Which Is the Best VPN for You? VPN Supplied by Network Servcie Provider Firewall-Based VPNs Black-Based VPNs router-Based VPNs Remote Access-Based VPNs Application-Applications with VPNs Software-Based VPNs Tunnel Switches for VPNs Performance Statistics/Comparisons- certification/Compliance Conclusion Chapter5 Topologies of VPNs Introduction to VPN Topology Firewall/VPN-to-Client Topology VPN/LAN-to-LAN Topology VPN/Firewall-to-Intranec/Extranet Topology VPN/ Frame of ATM Topology Hardware(Black-Box)VPN Topology VPN/NAT Topology VPN Switch Topology VPN Nested Tunnels Load Balancing and Synchronization Conclusion Chapter6 Government Restrictions on VPN Technology Introducton to the Politics of Encryption What Role Does Government Play in VPN Technology? Why Would the Government’s Policy Actions Affect VPN Security? Where Do I Get Permission to Use Strong Security? The Economic Cost of Government Intrusion Legal Status of Encryption International Impact on U.S.Government’s Encryption Policy What’s Happening Today? Conclusion PART2 THE VPN IMPLENENTATION Chapter7 The Basics Decide on a Game Plan VPN Architecture Placement Routing Problems Topology Palcement IP/NAT Addressing concerns Remote Access Issues DNS/SMTP Issues Conclusion Chapter8 Installing a VPN,Part1 Introduction to Installing a Firewall-Based VPN The Firewall-Based VPN Model Obtain and Assign IP Address Space Implementing a Good Security Policy Implementing Management Traffic Implementing SMTP and DNS Issues Implementing Authentication The Drop All Rule Implementing the VPN Rule Branch Office VPNs Remote Users’VPNs Conclusion Chapter9 Installing a VPN,Part2 Service Provider VPN Services Stand-alone VPN Services Aventail ExtraNet Center Compatible Systems-Access Servers Nortel Networks-Extranet Switch 4000 Radguard-cIPro System RedCreek-ravlin Timestep-PERMIT Enterprise VPNet-VPLink Architecture Conclusion Chapter10 Troubleshooting VPNs Introduction to Troubleshooting VPNs Remote Dial-In Users LAN-to-LAN VPN PPTP VPN LZTP VPN IPSec VPN Multihoned Firewall/VPN Conclusion Chapter11 Maintaining a VPN Introduction Redundant Links Growth in Your Organization Software Updates Onsite Technical Support Telephone Support Help Desk Support to Remote Users VPNs,Build or Buy? Compatibility Issues Monitoring Alerting Logging Event Correlation Encrption and Encapsulation Key Management Random-Number Generators Certificates Security Update Support of Major Upgrade Tunneling Protocols Management Devices Performance Quality of Service Authentication Skilled Labor conclusion PART3 THE SECURITY OF VPNs Chapter12 Cryptography What Is Cryptography? Private versus Public Key Cryptography Block Ciphers Stream Ciphers Hash Functions Message Authentication Codes Digital Timestamps Digital Signatures with Certificate Authorities Strengths of cryptographic Hash Functions Random-Number Generators Clipper Chip Which Cryptosystem Is Right for You? Cryptography Timeline Conclusion Chapter13 Encrption Private-Key Encryption Public-Key Encryption Shared Secret Key Digital Signatures Certificate Authorities(CAs) Diffie-Hellman Public-Key Algorithm RSA Public-Key Algorithm Pretty Good Privacy(PGP) Internet Security Protocol (IPSec) Encapsulating Security Payload(ESP)PFC-2406 Public Key Infrastructure(PKI) Layer 2 Forwarding Protocol(LZF) Point-to-Point Tunneling Protocol(PPTP) Layer 2 tunneling Protocol(L2TP) Simple Key Internet Protocol(SKIP) Secure Wide Area Network(S/WAN) Conclusion Chapter14 Secure Communication and Authentication Authentication Protocols Operating System Passwords S/KEY Remote Authentication Dial-In Service(RADIUS) Terminal Access Controller Access Control System(TACACS/XTACACS) Terminal Access Controller Access Control System Plus(TACACS+) Kerberos Certificates Smart Cards Hardware Tokens/PKCS#11 Lightweight Directory Access Protocol(LDAP) ACE/Server with SecurID Biometrics Secure Modems Conclusion Chapter15 VPN Operating System Vulnerabilities What Are VPN Operating System Vulnerabilities? UNIX Guidelines UNIX Operating System Vulnerabilities Windows 95 Guidelines Windows 95 Vulnerabilities Windows NT Guidelines Windows NT Vulnerabilities Novell Guidelines Conclusion Chapter16 VPN Security Attacks Introduction to VPN Attacks Cryptographic Algorithms Attacks Random-Number Generator(RNG)Attacks Government Attacks via Key Pecovery Internet Security(IPSec)Attacks Point-To-Point tunneling Protocol(PPTP)Attacks SKIP Attacks Certificate Authorities Attacks RADIUS Attacks Kerberos Attacks Pretty Good Privacy(PGP)Attacks Denial of Service(DoS)Attacks Other Attacks Conclusion Chapter17 Security Toolbelt What Is a Security Toolbelt? The Need for a Security Toolbelt RFC 2196 Site Security Handbook Security Escalation Procedures Building a Secure Site Security Tools Incident Response Centers Mailing Lists/Newsgroups Web Security Conclusion chapter18 Intrusion Detection and Security Scanning Introduction to Intrusion Detection Categories of Intrusion Systems Characteristics of a Good Intrusion Detection System Intrusion Detection/footprint Fooling an Intrusion detection System Intrusion Detection Tools Limiting Intrusion Scanners Conclusion Chapter19 Emerging Technologies for VPNs Introduction to Emerging Technologies Advances in Computing Advances in cryptographic Systems Private Doorbell Steganography What Are the New Threats? Government Regulations Wireless VPNs Conclusion Appendix A:Links and References Glossary Index
鄂公網(wǎng)安備 42010302001612號(hào) 