Summary

The main topics covered in this chapter are the following:

• Security fundamentals were discussed. Specifically, you were introduced to the security goals of confidentiality, integrity, and availability. Then, you were presented with several examples of common network threats.

• You reviewed best practice recommendations for defending against threats to network security. These recommendations included such things as user training, patching, having a security policy, having an incident response policy, testing your own network with vulnerability scanners, distracting attackers with honey pots, and blocking unwanted traffic with access control lists.

• A collection of remote-access security technologies were presented (for example, SSH, AAA, and NAC).

• Firewalls were discussed, along with firewall types, inspection types, and firewall zones.

• Virtual private networks were introduced, along with various VPN protocols. However, the primary focus was on IPsec, and you saw a detailed explanation of how an IPsec tunnel is established.

• You saw how to defend your network against well-known attacks using IDS and IPS sensors.