
	...part of the openlysecure.org network

This is the companion site to "Network Security Illustrated," a book published by McGraw-Hill in Oct, 2003. The book is designed to provide decision makers with essential knowledge about information security concepts and technologies. The goal of the site is to provide our readers, and the internet community in general, with a greater depth of information than the 450 printed-page limit would allow.

The organization of this site parallels that of the book. The main sections correspond to the twelve parts of the book and the introduction. Each part contains a handful of chapters. These main parts are decribed below.

We are actively collecting internet-accessible resources that provide more informformation to anyone looking to go beyond the scope of the book. Most pages have a link (near the bottom) to "Resources" -- this is where the appropriate resources for that chapter or part can be found.

A link at the bottom of most pages will take you to our discussion forums, where community visitors can discuss security concepts and issues.

News:

Bonus Chapters: We've put an additional *nine* full chapters on the site -- these were originally cut from the book due to length restrictions. Look around for these "web bonus" chapters.

Press Release: We've got a press release out that you might want to read

Feedback: Bought the book? Drop us a line and let us know if you liked it.

Site Navigation / Table of Contents

Book Introduction The introduction section of the site is a good place to start if you want to learn more about the book. It also contains the following useful information: Sample chapters A summary of Errata A summary of Frequently Asked Questions
	Managing Security Information security is a business issue that needs to be managed effectively. Good security management can provide consistent protection from compromised data and downtime. Although complete security is impossible to achieve, too little security can cost a company dearly. The appropriate amount of security is unique to every organization. The following chapters explore some of the methods and tools used to manage security.
Outsourcing Options Some businesses find it easier and more cost effective to outsource security needs. In the physical security realm, this means hiring a security agency. In the world of network security,companies provide the digital equivalent. This part looks at the types of security needs that can be outsourced, and the issues involved.
	Reserving Rights How do you secure something that you’ve already given to someone else? How do you prevent digital information from being duplicated? How do you know when something has been duplicated illegally? Maintaining control of digital rights has become one of the most controversial and complicated aspects of security. A rapidly growing industry is addressing many of these core issues. This part will explore the various problems facing digital rights control.
Determining Identity It’s not enough to have a secure connection between two machines. You also need to be sure that the person or computer you’re connected to is who it claims to be. This part discusses the pros and cons of the many available identification systems as well as ideal technology combinations.
	Preserving Privacy The dark side of authorization and identification is that it relies on information; the more the better. This information can be used to violate the privacy of those you’re trying to protect. Furthermore, hackers can more easily compromise your network via social engineering if they have access to personal or private information. Because of this, keeping personal information private is a major need for many organizations.
Connecting Networks The tools used to build and connect networks are not always secure. Some are notoriously insecure (wireless). This chapter discusses issues and solutions for securing the basic components used to build and connect networks.
	Hardening Networks It’s not always possible to secure everything. Often many segments of a network connection will be out of your control, especially if you connect to the Internet in any manner (and who doesn’t nowadays?). Nonetheless, a number of technologies are available to secure the portions of a network that you do control. This part of the book discusses technologies available to harden your network against attacks.
Storing Information Once information worth protecting is created or obtained, it needs to be stored somewhere. Different types of storage systems come with different security risks. The following chapters cover the various technologies available for securely storing information.
	Hiding Information A handful of techniques for keeping critical information away from wandering eyes are available, such as cryptography and steganography. Not only can these methods aid in privacy (if used correctly), but they also continue to protect information even if the data has been intercepted or stolen.
Accessing Information We can hide and store information, but how do we actually use it? This chapter talks about tools for remotely connecting to and/or managing information sources and services in a secure manner. Secure storage is great, but what happens when you need to access that data, or move it from one machine to another? How do you do this securely?
	Ensuring Availability For many organizations, a loss of service is just as devastating as a loss of information. The odds of service interruption or information loss decrease significantly if no single points of failure exist. Some interesting and powerful technologies exist that can keep mission-critical services available even in the face of a catastrophic disaster.
Detecting Intrusions No matter how good your defenses, eventually a hacker will break through. How will you know when this happens? How will you catch the villain red-handed? Intrusion detection technologies can help spot hackers during and after the fact. Some of the tools can even identify places a hacker might attack before anything bad happens.