Saturday, February 4, 2012

Chapter 7

This chapter went through how to administer a secured network. It began by examining the OSI model as they relate to the various protocols used in a network such as ICMP (communicates errors up the chain), SNMP (allows remote configuration across a network), DNS (maps IP's to net addresses) and FTP (transfers files across a network), etc. Secondly, it talked about managing networks using a rule-based approach, which is something like managing through predetermined technical policies rather than creating rules and procedures on the fly, as the book mentions. The book mentions doing this for devices (configuring routers logically and installing appropriate protection software such a a flood guard, which protects against SYN storms), analyzing logs to detect patterns of traffic that are unusual, segmenting networks so as to create layers of security, disabling unused ports on devices, etc.Lastly, securing applications was covered. Virtualization simulates an operating system environment protects the host from some attacks. Server virtualization is similar, and allows an administrator to run several 'servers' from a single machine, saving operating costs and segmenting resources to prevent against attacks. Using IP telephony was discussed next. Its a convergence technology that helps enterprises administer many kinds of communication at once. Lastly, cloud computing was gone over, and how it can help to reduce costs of networking to those who use it. I personally think cloud computing is fine for some applications, but for those who wish to personally secure their data and own (for lack of a better word) their applications, it poses significant issues that make it a little less rosy than the book seems to advocate.

No comments:

Post a Comment