Summary

This module expanded upon the idea that network security is a constant cycle of securing, monitoring, testing, and improving, centered on a security policy. This module discussed a number of methods that administrators can use to secure a network. The initialization and configuration of a Firewall IPS router was discussed and the student gained hands-on experience by configuring an IPS router through lab activities.

A series of attack guards for the PIX Security Appliance were presented next. These are special techniques that can prevent many problems that surround popular services such as e-mail and DNS. The methods of intrusion detection available to the PIX Security Appliance were also discussed, and the configuration steps were explained. When a packet must be rejected, the process is called shunning. Shunning was discussed, along with configuration examples.