Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control微软网络接入防护与网络访问控制实现技术:网络访问控制大全指南
分類: 图书,进口原版书,计算机 Computers & Internet ,
作者: Daniel V. Hoffman著
出 版 社:
出版时间: 2008-4-1字数:版次: 1页数: 266印刷时间: 2008/04/01开本: 16开印次: 1纸张: 胶版纸I S B N : 9780470238387包装: 精装编辑推荐
作者简介
Daniel V. Hoffman has designed mobile security solutions for the largest companies in the world. His hacking and security expertise has been featured in educational curriculum, conferences, and media outlets globally. He is the author of Blackjacking: Security Threats to Blackberry Devices, PDAs, and Cell Phones in the Enterprise, also from Wiley.
内容简介
Prevent hacker exploits with this comprehensive implementation guide
You're ready to see through the misconceptions and misinformation about NAP/NAC that might come your way. Here is an excellent resource for uncovering the actual vulnerabilities and exploits that the various NAP/NAC types can address. You'll find real-world hacking scenarios, along with complete implementation guidance for the right NAP/NAC solution. This guide will help you determine what type of solution makes the most sense, based upon the most prevalent risks in your environment.
Follow the actual steps hackers take to perform specific exploits
Determine which security solutions will stop the exploits from happening
Gain a strong understanding of the various NAP/NAC terms, standards, and organizations
Learn all about the standard components of any NAP/NAC solution
Analyze a security posture, set policies for device analysis, communicate to the device, and take action
Explore NAP and NAC solutions from different vendors, including Cisco(r)NAC, Microsoft(r)NAP, Mobile NAC, and Fiberlink Mobile NAC
目录
Acknowledgments.
Introduction.
Chapter 1 Understanding Terms and Technologies.
Who Is the Trusted Computing Group?
Is There a Cisco NAC Alliance Program?
NAC-Certified Shipping Product.
Developing NAC Solutions.
Understanding Clientless and Client-Based NAC.
Clientless NAC.
Client-Based NAC.
Pre-Admission NAC.
Post-Admission NAC.
Summary.
Chapter 2 The Technical Components of NAC Solutions.
Analyzing the Security Posture.
What to Analyze?
Does Your Company Have the“Strength”?
Patch Analysis Best Practices.
How the Analysis Takes Place.
Utilizing APIs for Analysis.
Monitoring Processes.
Monitoring for Unwanted Processes and Applications.
Setting Policy for Device Analysis.
The Need for Different Analysis Policies.
Communicating the Security Posture of the Device.
Communicating with NAC/NAP-Specific Software Components.
Communicating the Security Posture to Third-Party Applications.
Communicating with Network Devices.
Cisco Trust Agent.
Understanding TCG IF-TNCCS and Microsoft IF-TNCCS-SOH.
Taking Action Based on the Security Posture.
Mobile NAC Action.
LAN-Based NAC Actions.
Remediating the Security Deficiency.
Remediation Actions.
The Reporting Mechanism.
Knowing the Current State of Devices.
Helping with Audits and Compliance Standards.
Reports Help Find the Problem.
Summary.
Chapter 3 What Are You Trying to Protect?
LAN-Based NAC.
Sedentary Desktop.
Laptops Used on and off the LAN.
Mobile-Only Laptops.
Employee-Owned Home Computers.
Unknown Devices.
PDAs and Other Devices.
Mobile NAC.
Dangers of Mobility.
Sedentary Desktop.
Laptops Used on and off the LAN.
Mobile-Only Laptops.
Employee-Owned Home Computers.
Pros.
Cons.
Unknown Devices.
PDAs and Other Devices.
Summary.
Chapter 4 Understanding the Need for LAN-Based NAC/NAP.
The Security Reasons for LAN-Based NAC.
Unintentional LAN-Based Threats.
The Pros and Cons of a Guest Network.
Pro.
Con.
The Pros and Cons of Assessing Each Device.
Pro.
Con.
……
Chapter 5 Understanding the Need for Mobile NAC.
Chapter 6 Understanding Cisco Clean Access.
Chapter 7 Understanding Cisco Network Admission Control Framework.
Chapter 8 Understanding Fiberlink Mobile NAC.
Chapter 9 Understanding Microsoft NAP Solutions.
Chapter 10 Understanding NAC and NAP in Other Products.
Appendix A Case Studies and Additional Information.
Index.