It’s not always possible to secure everything. Often many segments of a network connection will be out of your control, especially if you connect to the Internet in any manner (and who doesn’t nowadays?). Nonetheless, a number of technologies are available to secure the portions of a network that you do control. This part of the book discusses technologies available to harden your network against attacks.
- No amount of network hardening can compensate for a poor network design.
The tools presented in the following chapters provide security for different aspects of network communication. Firewalls and network address translation protect the entry points to a network. Virtual private networking secures data traveling between networks. Traffic shaping ensures consistent availability of high priority network resources. These tools, when used in combination, can provide great protection of network data.
- Firewalls covers devices that can restrict information traveling in and out of a network.
- NAT explains a technology that can convert Transmission Control Protocol/Internet Protocol (TCP/IP) addresses from one subnet to another.
- VPNs looks at using encryption to create a secure network connection between two systems over an insecure network.
- Traffic Shaping examines a system for controlling access to bandwidth in order to improve data security and bandwidth efficiency.
The above information is an excerpt from "Network Security Illustrated," published by McGraw-Hill and available from amazon.com, as well as your local bookstore. The book goes into much greater depth on this topic. To learn more about the book and what it covers, click here.
Below, you'll find links to online resources that supplement this portion of the book.