SSL VPN : understanding, evaluating, and planning secure, web-based remote access /
| Основни автори: | Steinberg, Joseph., Speed, Tim. (Author) |
|---|---|
| Други автори: | Fernando, Chris. (Editor), Pande, Ashutosh. (Editor) |
| Формат: | Електронна книга |
| Език: | English |
| Публикувано: |
Birmingham, U.K. :
Packt Pub.,
℗♭2005.
|
| Издание: | 1st ed. |
| Серия: |
From technologies to solutions.
|
| Предмети: | |
| Онлайн достъп: |
http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=268077 |
| Подобни документи: |
Print version::
SSL VPN. |
Съдържание:
- Cover
- Table of Contents
- Introduction
- Chapter 1: Introduction to SSL VPN
- The Internet
- Reference Models
- OSI Reference Model
- DARPA Model
- Introducing Hacker Bob
- Trapping Your Data
- Keeping Hacker Bob Out of Your Data
- VPNs
- One Computer to the Corporate Network
- Remote Office Network Connected to the Main Office
- VPN Examples
- IPsec
- SSL VPN
- IPsec Vs. SSL VPN
- Trusted Networks
- The DMZ
- SSL VPN Scenarios
- Summary
- Chapter 2: SSL VPN
- SSL VPN: A Historical Background
- Remote Access: Measuring Return-on-Investment
- So What Does SSL VPN Actually Give Me?
- Summary
- Chapter 3: How SSL VPNs Work
- Appliances Vs. Software
- The SSL Protocol
- Background
- Overview of SSL Technology
- Establishing Secure Tunnels Using SSL
- Secure Tunnels
- OSI Network Model
- Application-Level Communications
- Reverse Proxy Technology
- SSL Remote Access: Reverse Proxy Technology Plus
- Non-Web Traffic over SSL
- Establishing Network Connectivity over SSL
- Why Different Access Technologies for Web Applications
- Applets
- Remote Access to Files and Other Resources
- Internet-Enabling Internal Applications
- Remote Access Interface
- Administration Tools
- Performance
- Access from Older Web Browsers
- SSL VPN Sample Session
- Summary
- Chapter 4: SSL VPN Security
- Authentication and Authorization
- Authentication
- Single Sign On
- Authorization
- End Point Security Concerns
- The Problem: Sensitive Data in Insecure Locations
- The Solution
- The Problem: Third Party Search Tools Running on Access Devices
- The Solution
- Department of Defense (DoD) Requirements
- The Problem: Users May Neglect to Log Out
- The Solution
- The Problem: Viruses Enter Corporate Networks via the SSL VPN
- The Solution
- The Problem: Worms Enter Corporate Networks via the SSL VPN
- The Solution
- Problems of Insecure Locations
- Hackers Bridging to the Corporate Network
- The Problem: Internal Networking Information may be Leaked
- The Solution
- Trusted Endpoint
- Tiers of Access Based on Endpoint Situation
- Server-Side Security Issues
- The Problem: Firewalls and Other Security Technologies may be Undermined
- The Solution
- The Problem: Application-Level Vulnerabilities
- The Solution
- Encryption
- Patching of SSL VPN Servers
- Linux versus Windows
- Some Other SSL VPN Appliance Security Concepts
- Summary
- Chapter 5: Planning for an SSL VPN
- Determining Business Requirements
- Remote Access Paradigms
- Determining User Needs
- Selecting an Appropriate SSL VPN
- Ensuring Proper Level of Access
- Proper User Interface and Experience
- Remote Password Management
- Adherence to Security Standards
- Platform
- Determining which SSL VPN Functions to Use
- Where to Deploy the SSL VPN server
- Back Office
- DMZ
- Outside the Perimeter Firewall
- Air Gap
- Offloaded SSL
- Planning for Deployment
- User and Administrator Training
- Summary
- Chapter 6: Educating the User
- Building an Education Plan
- Education Plan: Start the Process
- Education Plan: Finalize the Plan.