Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint

Chapter Summary

This chapter began with a discussion of the importance of a layered network security design. This layering of security provides a deeper level of protection for your network. You must avoid what I call “the orange syndrome,” as in the fruit, in which only a single layer of protection exists before you get to the good stuff. You do not want attackers to defeat a single security layer and get to the good stuff in your network.

This chapter looked at many technologies that you can use to provide a layered approach to security:

• Packet filtering via ACLs

• Stateful packet inspection

• Network Address Translation

• Proxies and application level protection

• Content filters

• Public key infrastructure

• AAA technologies

Separately, each of these technologies is just a single layer of protection, but combined, they provide you with several layers of protection and keep the good stuff safe.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint