Build Your Own Security Lab
Build Your Own Security Lab
Hardware and Gear
This book is designed for those who need to better understand the functionality
of security tools. Its objective is to help you learn when and how specific tools
can help you secure your network.
You may be wondering what security is. Security typically is defined by
three core concepts: confidentiality, integrity, and availability. There is also
the question as to how much security is enough. Some might say that you can
never have enough security, yet in reality it is about balancing the value of the
asset and the cost of protection. One thing that is agreed upon about security
is the value of defense in depth. Simply stated, security controls should be
built in layers. For example, renaming the administrator account is a good
idea, but so too is restricting access to the account, as well as adding complex
passwords and performing periodic audits of the log files.
Because no two networks are the same, and because they change over time,
it is impossible to come upwith a one-size-fits-all list of hardware and software
that will do the job for you. Networks serve the enterprise that owns them.
The enterprise necessarily changes over time, too. In addition, the scale of
operation impacts security considerations. If you pursue a career as a security
consultant, your goals (and inevitably your needs) will differ if you decide
to work for a large multinational corporation (and even differ depending on
the type of industry) or if your interests lie primarily with small office/home
office (SOHO) or small business. Clearly, a whole spectrum of possibilities
exists here.
This chapter provides the first step in building your own network security
lab. You will start to examine the types of hardware and gear that you can use
to build such a test environment, and then look at the operating systems you
should consider loading on your new equipment.
No comments:
Post a Comment