Guide to Firewalls and VPNs

Firewalls are among the best-known network security tools in use today, and their critical role in information security continues to grow. However, firewalls are most effective when backed by thoughtful security planning, well-designed security policies, and integrated support from anti-virus software, intrusion detection systems, and related tools. GUIDE TO FIREWALLS AND VPNs, THIRD EDITION explores firewalls in the context of these critical elements, providing an in-depth guide that focuses on both managerial and technical aspects of security. Coverage includes packet filtering, authentication, proxy servers, encryption, bastion hosts, virtual private networks (VPNs), log file maintenance, and intrusion detection systems. The book also features an abundant selection of realistic projects and cases incorporating cutting-edge technology and current trends, giving you a valuable opportunity to hone and apply your knowledge and skills. GUIDE TO FIREWALLS AND VPNs includes new and updated cases and projects, enhanced coverage of network security and VPNs, and information on relevant National Institute of Standards and Technology guidelines used by businesses and information technology professionals nationwide.

Table of Contents:
Introduction. Part I: INTRODUCTION TO INFORMATION SECURITY. 1. Introduction to Information Security. 2. Network Security Policies and Standards. 3. Authenticating Users. Case Projects. Part II: FIREWALLS. 4. Introduction to Firewalls. 5. Packet Filtering. 6. Firewall Configuration and Administration. 7. Working with Proxy Servers and Application-Level Firewalls. 8. Selecting and Implementing the Firewall. Part III: VPNs. 9. Encryption and Firewalls. 10. Setting Up a Virtual Private Network.

About the Author :
Michael E. Whitman, Ph.D., C.I.S.M., C.I.S.S.P., is the executive director of the Institute for Cybersecurity Workforce Development and a professor of information security at Kennesaw State University. In 2004, 2007, 2012 and 2015, under Dr. Whitman's direction, the Center for Information Security Education spearheaded K.S.U.'s successful bid for the prestigious National Center of Academic Excellence recognitions (CAE/IAE and CAE/CDE), awarded jointly by the Department of Homeland Security and the National Security Agency. Dr. Whitman is also the editor-in-chief of the Journal of Cybersecurity Education and Research and Practice and director of the Southeast Collegiate Cyber Defense Competition. Dr. Whitman is an active researcher and author in information security policy, threats, curriculum development and ethical computing. He currently teaches graduate and undergraduate courses in information security. Dr. Whitman has several information security textbooks currently in print, including "Principles of Information Security," "Principles of Incident Response and Disaster Recovery," "Management of Information Security," "Readings and Cases in the Management of Information Security, Volumes I and II, "The Hands-On Information Security Lab Manual," "The Guide to Network Security" and "The Guide to Firewalls and Network Security." He has published articles in Information Systems Research, the Communications of the ACM, the Journal of International Business Studies, Information and Management and the Journal of Computer Information Systems. Dr. Whitman is a member of the Information Systems Security Association, ISACA and the Association for Information Systems. Previously, Dr. Whitman served the U.S. Army as an armored cavalry officer with additional duties as the automated data processing system security officer (ADPSSO). Herbert Mattord, Ph.D., C.I.S.M., C.I.S.S.P., completed 24 years of IT industry experience as an application developer, database administrator, project manager and information security practitioner before joining the faculty at Kennesaw State University, where he serves as a professor of information security and assurance and cybersecurity. Dr. Mattord currently teaches graduate and undergraduate courses. He is also a senior editor of the Journal of Cybersecurity Education, Research and Practice. He and Dr. Michael Whitman have authored "Principles of Information Security," "Principles of Incident Response and Disaster Recovery," "Management of Information Security," "Readings and Cases in the Management of Information Security," "The Guide to Network Security" and "The Hands-On Information Security Lab Manual." Dr. Mattord is an active researcher, author and consultant in information security management and related topics. He has published articles in the Information Resources Management Journal, Journal of Information Security Education, the Journal of Executive Education and the International Journal of Interdisciplinary Telecommunications and Networking. Dr. Mattord is a member of the Information Systems Security Association, ISACA and the Association for Information Systems. During his career as an IT practitioner, Dr. Mattord was an adjunct professor at Kennesaw State University, Southern Polytechnic State University, Austin Community College and Texas State University: San Marcos. He was formerly the manager of corporate information technology security at Georgia-Pacific Corporation, where he acquired much of the practical knowledge found in this and his other textbooks. Andrew Green has been involved in information security for nine years, offering consulting services that focus primarily on the needs of small and medium-sized businesses. Prior to becoming a full-time information security consultant, Mr. Green worked in the health care IT field, where he developed and supported transcription interfaces for medical facilities throughout the United States. In addition to his consulting work, Mr. Green is faculty member at Kennesaw State University, where he teaches classes in information security, database management, and Web development.