SSL Remote Access VPNs Network Security

Understand remote access VPN technologies, such as Point-to-Point Tunneling Protocol (PPTP), Internet Protocol Security (IPsec), Layer 2 Forwarding (L2F), Layer 2 Tunneling (L2TP) over IPsec, and SSL VPN Learn about the building blocks of ...

SSL Remote Access VPNs  Network Security

SSL Remote Access VPNs An introduction to designing and configuring SSL virtual private networks Jazib Frahim, CCIE® No. 5459 Qiang Huang, CCIE No. 4937 Cisco® SSL VPN solutions (formerly known as Cisco WebVPN solutions) give you a flexible and secure way to extend networking resources to virtually any remote user with access to the Internet and a web browser. Remote access based on SSL VPN delivers secure access to network resources by establishing an encrypted tunnel across the Internet using a broadband (cable or DSL) or ISP dialup connection. SSL Remote Access VPNs provides you with a basic working knowledge of SSL virtual private networks on Cisco SSL VPN-capable devices. Design guidance is provided to assist you in implementing SSL VPN in existing network infrastructures. This includes examining existing hardware and software to determine whether they are SSL VPN capable, providing design recommendations, and guiding you on setting up the Cisco SSL VPN devices. Common deployment scenarios are covered to assist you in deploying an SSL VPN in your network. SSL Remote Access VPNs gives you everything you need to know to understand, design, install, configure, and troubleshoot all the components that make up an effective, secure SSL VPN solution. Jazib Frahim, CCIE® No. 5459, is currently working as a technical leader in the Worldwide Security Services Practice of the Cisco Advanced Services for Network Security. He is responsible for guiding customers in the design and implementation of their networks, with a focus on network security. He holds two CCIEs, one in routing and switching and the other in security. Qiang Huang, CCIE No. 4937, is a product manager in the Cisco Campus Switch System Technology Group, focusing on driving the security and intelligent services roadmap for market-leading modular Ethernet switching platforms. During his time at Cisco, Qiang has played an important role in a number of technology groups, including the Cisco TAC security and VPN team, where he was responsible for trouble-shooting complicated customer deployments in security and VPN solutions. Qiang has extensive knowledge of security and VPN technologies and experience in real-life customer deployments. Qiang holds CCIE certifications in routing and switching, security, and ISP Dial. Understand remote access VPN technologies, such as Point-to-Point Tunneling Protocol (PPTP), Internet Protocol Security (IPsec), Layer 2 Forwarding (L2F), Layer 2 Tunneling (L2TP) over IPsec, and SSL VPN Learn about the building blocks of SSL VPN, including cryptographic algorithms and SSL and Transport Layer Security (TLS) Evaluate common design best practices for planning and designing an SSL VPN solution Gain insight into SSL VPN functionality on Cisco Adaptive Security Appliance (ASA) and Cisco IOS® routers Install and configure SSL VPNs on Cisco ASA and Cisco IOS routers Manage your SSL VPN deployment using Cisco Security Manager This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks. Category: Networking: Security Covers: SSL VPNs

Network Security Firewalls and VPNs

SSL-based VPNs also enable remote-access connectivity from almost any
Internetenabled location using a Web browser and its native SSL encryption. It
does not require any special-purpose client software to be pre-installed on the
system.

Network Security  Firewalls and VPNs

PART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES Fully revised and updated with the latest data from the field, Network Security, Firewalls, and VPNs, Second Edition provides a unique, in-depth look at the major business challenges and threats that are introduced when an organization s network is connected to the public Internet. Written by an industry expert, this book provides a comprehensive explanation of network security basics, including how hackers access online networks and the use of Firewalls and VPNs to provide security countermeasures. Using examples and exercises, this book incorporates hands-on activities to prepare the reader to disarm threats and prepare for emerging technologies and future attacks. Key Features: -Introduces the basics of network security exploring the details of firewall security and how VPNs operate -Illustrates how to plan proper network security to combat hackers and outside threats -Discusses firewall configuration and deployment and managing firewall security -Identifies how to secure local and internet communications with a VPN Instructor Materials for Network Security, Firewalls, VPNs include: PowerPoint Lecture Slides Exam Questions Case Scenarios/Handouts About the Series This book is part of the Information Systems Security and Assurance Series from Jones and Bartlett Learning. Designed for courses and curriculums in IT Security, Cybersecurity, Information Assurance, and Information Systems Security, this series features a comprehensive, consistent treatment of the most current thinking and trends in this critical subject area. These titles deliver fundamental information-security principles packed with real-world applications and examples. Authored by Certified Information Systems Security Professionals (CISSPs), they deliver comprehensive information on all aspects of information security. Reviewed word for word by leading technical experts in the field, these books are not just current, but forward-thinking putting you in the position to solve the cybersecurity challenges not just of today, but of tomorrow, as well."

Network Security First step

Customized User Access SSL VPNs offer granular access policies to define what
network resources a user has ... make SSL VPNs a compelling choice for
reducing remote-access VPN operations costs and extending network access to
 ...

Network Security First step

Learn about network security, including the threats and the ways a network is protected from them. The book also covers firewalls, viruses and virtual private networks.

Network Security Firewalls and VPNs

SSL-based VPNs also enable remote-access connectivity from almost any
Internetenabled location using a Web browser and its native SSL encryption. It
does not require any special-purpose client software to be pre-installed on the
system.

Network Security  Firewalls  and VPNs

Network Security Fire walls, and VPNs provides a unique, in-depth look at the major business challenges and threats that are introduced when an organization's network is connected to the public Internet. Written by an industry expert, this book provides a comprehensive explanation of network security basics, including how hackers access online networks and the use of Firewalls and VPNs to provide security countermeasures. Using examples and exercises, this book incorporates hands-on activities to prepare the reader to disarm threats and prepare for emerging technologies and future attacks. Key Features -Introduces the basics of network securityùexploring the details of firewall security and how VPNs operate -Illustrates how to plan proper network security to combat hackers and outside threats -Discusses firewall configuration and deployment and managing firewall security -Identifies how to secure local and Internet communications with a VPN About The Series The Jones & Bartlett Learning: Information Systems Security & Assurance Series delivers fundamental IT security principles packed with real-world applications and examples for IT Security, Cyber-Security, Information Assurance, and Information Systems Security programs. Authored by Certified Information Systems Security Professionals (CISSPs), and reviewed by leading technical experts in the field, these books are current, forward-thinking resources that enable readers to solve the cyber-security challenges of today and tomorrow.

CCNP Security VPN 642 648 Official Cert Guide

Configuration > Remote Access VPN > Clientless SSL VPN Access > Dynamic
Access Policies b. Configuration > Remote Access VPN > Network (Client)
Access > Dynamic Access Policies c. Configuration > Remote Access VPN >
Clientless ...

CCNP Security VPN 642 648 Official Cert Guide

The official study guide helps you master all the topics on the CCNP Security VPN exam, including Configuring policies, inheritance, and attributes · AnyConnect Remote Access VPN solutions · AAA and Dynamic Access Policies (DAP) · High availability and performance · Clientless VPN solutions · SSL VPN with Cisco Secure Desktop · Easy VPN solutions · IPsec VPN clients and site-to-site VPNs The CD-ROM contains a free, complete practice exam. Includes Exclusive Offer for 70% Off Premium Edition eBook and Practice Test Pearson IT Certification Practice Test minimum system requirements: Windows XP (SP3), Windows Vista (SP2), or Windows 7; Microsoft .NET Framework 4.0 Client; Pentium class 1GHz processor (or equivalent); 512 MB RAM; 650 MB disc space plus 50 MB for each downloaded practice exam This volume is part of the Official Cert Guide Series from Cisco Press. Books in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help Cisco Career Certification candidates identify weaknesses, concentrate their study efforts, and enhance their confidence as exam day nears. CCNP Security VPN 642-648 Official Cert Guide is a best of breed Cisco exam study guide that focuses specifically on the objectives for the CCNP Security VPN exam. Cisco Certified Internetwork Expert (CCIE) Howard Hooper shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics. CCNP Security VPN 642-648 Official Cert Guide presents you with an organized test-preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. The companion CD-ROM contains a powerful testing engine that enables you to focus on individual topic areas or take a complete, timed exam. The assessment engine also tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time. CCNP Security VPN 642-648 Official Cert Guide is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.

Ssl Vpn

A comprehensive overview of SSL VPN technologies and design strategies.

Ssl Vpn

A comprehensive overview of SSL VPN technologies and design strategies.

Virtual Private Networks

Please note that the content of this book primarily consists of articles available from Wikipedia or other free sources online.

Virtual Private Networks

Please note that the content of this book primarily consists of articles available from Wikipedia or other free sources online. Pages: 31. Chapters: AEP Netilla Secure Remote Access SSL VPN, Darknet (file sharing), Decentralized network 42, DirectAccess, Gbridge, Hamachi (software), IP-VPN Lite, Ipredator, KAME project, Kerio Control, Layer 2 Tunneling Protocol, Network Extrusion, Openswan, OpenVPN, SoftEther Corporation, StrongSwan, Threenix, Virtual file server, Virtual private network, Vyatta, WinGate, Wippien, Zeroshell. Excerpt: A virtual private network (VPN) extends a private network across public networks like the Internet. It enables a host computer to send and receive data across shared or public networks as if they were an integral part of the private network with all the functionality, security and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two. The VPN connection across the Internet is technically a wide area network (WAN) link between the sites. From a user perspective, the extended network resources are accessed in the same way as resources available from the private network-hence the name "virtual private network." Early data networks allowed VPN-style remote connectivity through dial-up modems or through leased line connections utilizing Frame Relay and Asynchronous Transfer Mode (ATM) virtual circuits, provisioned through a network owned and operated by telecommunication carriers such as AT&T or Verizon. These networks are not considered true VPNs because they passively secure the data being transmitted by the creation of logical data streams. They have given way to VPNs based on IP and IP/Multiprotocol Label Switching Networks (MPLS), due to significant cost-reductions and increased bandwidth provided by new technologies such as Digital Subscriber Line (DSL) and fiber-optic networks. VPNs can be...

Comparing Designing and Deploying VPNs

3 4 5 6 7 8 9 10 access VPNs (using a web browser) provide only a subset of the
functionality provided by IPsec or L2TP/IPsec; ... large number of remote access
users; little or no configuration is required on firewalls to provide transit for SSL
remote access VPN traffic; one major ... being introduced into a corporate
network (some of these vulnerabilities can be addressed using the Cisco Secure
Desktop).

Comparing  Designing  and Deploying VPNs

A detailed guide for deploying PPTP, L2TPv2, L2TPv3, MPLS Layer-3, AToM, VPLS and IPSec virtual private networks.

Information Security Applications

Remote Access VPN with Port Protection Function by Mobile Codes Yoshiaki
Shiraishi1, Youji Fukuta2, and Masakatu ... Concern about SSL VPN technology
as a class of VPNs has been growing recently because a key advantage of SSL ...

Information Security Applications

This book constitutes the thoroughly refereed post-proceedings of the 4th International Workshop on Information Security Applications, WISA 2003, held on Jeju Island, Korea, in August 2003. The 36 revised full papers were carefully reviewed and selected from 200 submissions. The papers are organized in topical sections on network security, mobile security; intrusion detection; Internet security; secure software, hardware, and systems; e-commerce security; digital rights management; biometrics and human interfaces; public key cryptography and key management; and applied cryptography.

Juniper r Networks Secure Access SSL VPN Configuration Guide

Whether it be by regulation, corporate security policy, or just administrative
preference to not allow unprotected access to corporate ... This allows you, the
administrator, to grant remote access to corporate resources with the knowledge
that the ...

Juniper r  Networks Secure Access SSL VPN Configuration Guide

Juniper Networks Secure Access SSL VPN appliances provide a complete range of remote access appliances for the smallest companies up to the largest service providers. As a system administrator or security professional, this comprehensive configuration guide will allow you to configure these appliances to allow remote and mobile access for employees. If you manage and secure a larger enterprise, this book will help you to provide remote and/or extranet access, for employees, partners, and customers from a single platform. Complete coverage of the Juniper Networks Secure Access SSL VPN line including the 700, 2000, 4000, 6000, and 6000 SP. Learn to scale your appliances to meet the demands of remote workers and offices. Use the NEW coordinated threat control with Juniper Networks IDP to manage the security of your entire enterprise.

Practical Internet Security

COMMUNICATIONS. WITH. SSL. VPNS. INTRODUCTION. Over the years the
trend toward utilizing virtual private networks (VPNs) and the Internet for remote
access connectivity has grown dramatically – and shows no sign of slowing down
.

Practical Internet Security

As organizations today are linking their systems across enterprise-wide networks and VPNs as well as increasing their exposure to customers, competitors, browsers and hackers on the Internet, it becomes increasingly imperative for Web professionals to be trained in techniques for effectively protecting their sites from internal and external threats. Each connection magnifies the vulnerability to attack. With the increased connectivity to the Internet and the wide availability of automated cracking tools, organizations can no longer simply rely on operating system security to protect their valuable corporate data. Furthermore, the exploding use of Web technologies for corporate intranets and Internet sites has escalated security risks to corporate data and information systems. Practical Internet Security reveals how the Internet is paving the way for secure communications within organizations and on the public Internet. This book provides the fundamental knowledge needed to analyze risks to a system and to implement a security policy that protects information assets from potential intrusion, damage, or theft. It provides dozens of real-life scenarios and examples, as well as hands-on instruction in securing Web communications and sites. You will learn the common vulnerabilities of Web sites; as well as, how to carry out secure communications across unsecured networks. All system administrators and IT security managers will find this book an essential practical resource.

IPSec Virtual Private Network Fundamentals

... Multiprotocol Label Switching VPNs IPsec VPNs Transport Layer VPNs Secure
Socket Layer VPNs Transport Layer Security and SSL VPNs Common VPN
Deployments SitetoSite VPNs Remote Access VPNs SSL in RAVPN
Architectures ...

IPSec Virtual Private Network Fundamentals

An introduction to designing and configuring Cisco IPsec VPNs Understand the basics of the IPsec protocol and learn implementation best practices Study up-to-date IPsec design, incorporating current Cisco innovations in the security and VPN marketplace Learn how to avoid common pitfalls related to IPsec deployment Reinforce theory with case studies, configuration examples showing how IPsec maps to real-world solutions IPsec Virtual Private Network Fundamentals provides a basic working knowledge of IPsec on various Cisco routing and switching platforms. It provides the foundation necessary to understand the different components of Cisco IPsec implementation and how it can be successfully implemented in a variety of network topologies and markets (service provider, enterprise, financial, government). This book views IPsec as an emerging requirement in most major vertical markets, explaining the need for increased information authentication, confidentiality, and non-repudiation for secure transmission of confidential data. The book is written using a layered approach, starting with basic explanations of why IPsec was developed and the types of organizations relying on IPsec to secure data transmissions. It then outlines the basic IPsec/ISAKMP fundamentals that were developed to meet demand for secure data transmission. The book covers the design and implementation of IPsec VPN architectures using an array of Cisco products, starting with basic concepts and proceeding to more advanced topics including high availability solutions and public key infrastructure (PKI). Sample topology diagrams and configuration examples are provided in each chapter to reinforce the fundamentals expressed in text and to assist readers in translating concepts into practical deployment scenarios. Additionally, comprehensive case studies are incorporated throughout to map topics to real-world solutions.

Minoli Cordovana s Authoritative Computer Network Security Dictionary

Minoli Cordovana s Authoritative Computer   Network Security Dictionary

"The dictionary is written for industry executives, managers, and planners who are charged with the responsibility of protecting their organizations from random, negligent, or planned attacks on their information technology resources. It not only defines terms' use and applicability in the field of IT security. Users can therefore refer to the dictionary as a handbook and guide to provide direction and support in all critical areas of computer and network security."--Jacket.

Who is driving innovation in your business

IT solutions One centrally-managed gateway to control remote access to network
resources • Combining best of breed remote access and a choice of
authentication technology • SSL VPN delivers user-friendly secure remote access
tunnel ...

Who is driving innovation in your business


CompTIA Security SY0 401 Exam Cram

Explain Network Design Elements and Components ExamAlert Another address
range to keep in mind when designing IP ... Due to concerns about “always-on”
connections, RAS is achieved primarily through VPNs using IPsec or SSL or
other remote-access software. By using a remote-access VPN, secure access to
corporate resources can be provided using an encrypted tunnel over the Internet.

CompTIA Security  SY0 401 Exam Cram

CompTIA® Security+ Exam Cram, Fourth Edition, is the perfect study guide to help you pass CompTIA’s newly updated version of the Security+ exam. It provides coverage and practice questions for every exam topic. The book contains a set of 200 questions in two full practice exams. The CD-ROM contains the powerful Pearson IT Certification Practice Test engine that provides real-time practice and feedback with all the questions so you can simulate the exam. Covers the critical information you need to know to score higher on your Security+ exam! --Categorize types of attacks, threats, and risks to your systems --Secure devices, communications, and network infrastructure -- Troubleshoot issues related to networking components -- Effectively manage risks associated with a global business environment -- Differentiate between control methods used to secure the physical domain -- Identify solutions to secure hosts, data, and applications -- Compare techniques to mitigate risks in static environments -- Determine relevant access control, authorization, and authentication procedures -- Select appropriate mitigation techniques in response to attacks and vulnerabilities -- Apply principles of cryptography and effectively deploy related solutions --Implement security practices from both a technical and an organizational standpoint

Data Center Fundamentals

The authentication of the IKE peers is fundamental because all the successive
VPN security depends on it. For this ... Moreover, AH is incompatible with network
address translation (NAT). ... SSL. VPNs. and. IPSec. VPNs. IPSec VPNs are
currently used for remote access (transport mode) and for site-to-site connectivity
 ...

Data Center Fundamentals

Master the basics of data centers to build server farms that enhance your Web site performance Learn design guidelines that show how to deploy server farms in highly available and scalable environments Plan site performance capacity with discussions of server farm architectures and their real-life applications to determine your system needs Today's market demands that businesses have an Internet presence through which they can perform e-commerce and customer support, and establish a presence that can attract and increase their customer base. Underestimated hit ratios, compromised credit card records, perceived slow Web site access, or the infamous "Object Not Found" alerts make the difference between a successful online presence and one that is bound to fail. These challenges can be solved in part with the use of data center technology. Data centers switch traffic based on information at the Network, Transport, or Application layers. Content switches perform the "best server" selection process to direct users' requests for a specific service to a server in a server farm. The best server selection process takes into account both server load and availability, and the existence and consistency of the requested content. Data Center Fundamentals helps you understand the basic concepts behind the design and scaling of server farms using data center and content switching technologies. It addresses the principles and concepts needed to take on the most common challenges encountered during planning, implementing, and managing Internet and intranet IP-based server farms. An in-depth analysis of the data center technology with real-life scenarios make Data Center Fundamentals an ideal reference for understanding, planning, and designing Web hosting and e-commerce environments.

Deploying Microsoft Forefront Threat Management Gateway 2010

If the remote access VPN client fails to pass security checks, then it may be
offered a method of remediation. Only after the remote access VPN client passes
your security checks will it be allowed access to resources you've designated on
the corporate network. Forefront TMG ... This is made possible by encapsulating
the VPN communications in an HTTP header that is secured by SSL. Since
almost all ...

Deploying Microsoft Forefront Threat Management Gateway 2010

Get the focused, scenario-based guidance you need to plan and deploy Forefront Threat Management Gateway (TMG) as your network perimeter firewall. The evolution of Microsoft ISA Server, Forefront TMG provides multiple layers of continuously updated protections against the latest Web-based threats, including URL filtering, antimalware inspection, and intrusion prevention. Led by two members of the Microsoft Forefront team, you'll get pragmatic, inside insights into system components and capabilities; identify software, hardware, and business requirements; and step through essential planning and design considerations, including network topology, remote access, publishing rules, performance, administration, and more.

CCNA Certification All In One For Dummies

IPsec is used more for site-to-site VPNs, while SSL is better suited for remote
client access VPNs. ... (lPsec) is a suite of protocols that provides security
mitigation features at the Internet layer of the TCP/IP model (the OSI model's
network layer).

CCNA Certification All In One For Dummies

A complete preparation guide for the entry-level networking CCNA certification If you're planning to advance your career by taking the all-important Cisco Certified Network Associate (CCNA), this is the study guide you need! Seven minibooks cover all the concepts and topics on which you'll be tested, covering the latest version of the exam. Each part of the exam is covered thoroughly in its own section, so you can readily find the information you want to study. Plenty of review questions help you prepare, and the companion CD-ROM includes the highly rated Dummies Test Engine so you can test your progress with questions based on exam content. The Cisco Certified Network Associate (CCNA) is the entry-level certification for network professionals Seven minibooks in this guide cover Secure Device Manager, Virtual Private Networks, IPv6, 2960 Switches, Cisco Network Assistant, Advanced EIGRP and OSPF, and Introduction to Wireless Networks Covers the latest version of the exam, including the new voice, security and wireless components added in 2008 Packed with review questions to help you prepare Includes more security and troubleshooting information CD-ROM includes the popular Dummies Test Engine, an exclusive, fully customizable test-prep software package that features twice as many sample questions as the previous version CCNA Certification All-In-One For Dummies is the preparation guide you need to earn your CCNA certification. Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.

Router Security Strategies

SSL VPN Services Secure Sockets Layer (SSL) VPNs are typically used to
provide secure, clientless remoteaccess connectivity to corporate networks and
assets. In contrast to IPsec, which was designed to provide secure services for IP
 ...

Router Security Strategies

Router Security Strategies: Securing IP Network Traffic Planes provides a compre-hensive approach to understand and implement IP traffic plane separation and protection on IP routers. This book details the distinct traffic planes of IP networks and the advanced techniques necessary to operationally secure them. This includes the data, control, management, and services planes that provide the infrastructure for IP networking. The first section provides a brief overview of the essential components of the Internet Protocol and IP networking. At the end of this section, you will understand the fundamental principles of defense in depth and breadth security as applied to IP traffic planes. Techniques to secure the IP data plane, IP control plane, IP management plane, and IP services plane are covered in detail in the second section. The final section provides case studies from both the enterprise network and the service provider network perspectives. In this way, the individual IP traffic plane security techniques reviewed in the second section of the book are brought together to help you create an integrated, comprehensive defense in depth and breadth security architecture. “Understanding and securing IP traffic planes are critical to the overall security posture of the IP infrastructure. The techniques detailed in this book provide protection and instrumentation enabling operators to understand and defend against attacks. As the vulnerability economy continues to mature, it is critical for both vendors and network providers to collaboratively deliver these protections to the IP infrastructure.” –Russell Smoak, Director, Technical Services, Security Intelligence Engineering, Cisco Gregg Schudel, CCIE® No. 9591, joined Cisco in 2000 as a consulting system engineer supporting the U.S. service provider organization. Gregg focuses on IP core network security architectures and technology for interexchange carriers and web services providers. David J. Smith, CCIE No. 1986, joined Cisco in 1995 and is a consulting system engineer supporting the service provider organization. David focuses on IP core and edge architectures including IP routing, MPLS technologies, QoS, infrastructure security, and network telemetry. Understand the operation of IP networks and routers Learn about the many threat models facing IP networks, Layer 2 Ethernet switching environments, and IPsec and MPLS VPN services Learn how to segment and protect each IP traffic plane by applying defense in depth and breadth principles Use security techniques such as ACLs, rate limiting, IP Options filtering, uRPF, QoS, RTBH, QPPB, and many others to protect the data plane of IP and switched Ethernet networks Secure the IP control plane with rACL, CoPP, GTSM, MD5, BGP and ICMP techniques and Layer 2 switched Ethernet-specific techniques Protect the IP management plane with password management, SNMP, SSH, NTP, AAA, as well as other VPN management, out-of-band management, and remote access management techniques Secure the IP services plane using recoloring, IP fragmentation control, MPLS label control, and other traffic classification and process control techniques This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.