Securing Storage: A Practical Guide to SAN and NAS Security (Hardcover)
Himanshu Dwivedi
- 出版商: Addison Wesley
- 出版日期: 2005-11-21
- 售價: $1,800
- 貴賓價: 9.5 折 $1,710
- 語言: 英文
- 頁數: 560
- 裝訂: Hardcover
- ISBN: 0321349954
- ISBN-13: 9780321349958
-
相關分類:
資訊安全
立即出貨(限量) (庫存=1)
買這商品的人也買了...
-
C++ Primer, 3/e 中文版$980$774 -
ASP.NET 程式設計徹底研究$590$466 -
$880Wi-Foo : The Secrets of Wireless Hacking (Paperback) -
ASP.NET 徹底研究進階技巧─高階技巧與控制項實作$650$507 -
駭客防護實戰系列─木馬防護全攻略$490$441 -
初探網路安全 (Network Security first-step)$480$432 -
Design Patterns 於 Java 語言上的實習應用, 2/e$560$437 -
新一代 ASP.NET 2.0 網站開發實戰-使用C# 以及 VB$550$495 -
最新詳解 Javascript & HTML & CSS 語法辭典(增訂新版)$490$382 -
VoIP 網路電話技術$350$298 -
Linux 系統程式實例設計 (Linux Programming by Example: The Fundamentals)$860$731 -
解決網頁設計一定會遇到的 210 個問題$480$408 -
深入淺出 Java 程式設計, 2/e (Head First Java, 2/e)$880$581 -
思科全球網路學會 CCNA 1 & 2 中文版 (Cisco Networking Academy Program CCNA 1 and 2 Companion Guide, Revised, 3/e)$880$695 -
SIP 會談啟始協議操典$680$578 -
Linux Kernel 完全剖析$750$585 -
防網路釣魚 + 側錄 + 間諜 + 詐騙 + 毒駭$480$408 -
Linux Mail Server 技術實務─架設、稽核、防毒、防垃圾信$580$493 -
Linux 嵌入式系統開發$590$466 -
CSS 功能索引式參考手冊$390$332 -
輕輕鬆鬆學會 Linux Kernel Module 及 TCP/IP 程式設計$350$315 -
軟體預先架構之美學 (Prefactoring)$580$458 -
深入淺出 Hibernate$650$507 -
SQL Server 2005 資料庫開發聖經$890$757 -
ASP.NET 2.0 深度剖析範例集$650$507
商品描述
Description
Systematically address your #1 enterprise security gap: storage
Securing Storage is an indispensable resource for every storage and security professional, and for anyone responsible for IT infrastructure, from architects and network designers to administrators.
You’ve invested heavily in securing your applications, operating systems, and network infrastructure. But you may have left one crucial set of systems unprotected: your SAN, NAS, and iSCSI storage systems. Securing Storage reveals why these systems aren’t nearly as secure as you think they are, and presents proven best practices for hardening them against more than 25 different attacks.
Securing storage is crucial to protecting intellectual property and trade secrets and complying with regulations ranging from Sarbanes-Oxley and HIPAA to Gramm-Leach-Bliley and SEC Rule 17a4. This book offers a complete blueprint for protecting all your storage systems–and all the data stored on them.
Most enterprises have failed to adequately address one crucial component of IT security: storage. The storage industry has largely failed to deliver secure solutions, and many IT professionals simply assume that security can be handled elsewhere. The result is a gaping security hole: it’s now far easier for internal attackers to compromise storage devices than to attack applications or operating systems. Now, for the first time, one of the world’s top storage security experts systematically reveals the weaknesses in SAN and NAS security–and offers robust, practical solutions.
Drawing on years of leading-edge research, renowned storage architect and security researcher Himanshu Dwivedi explains why SAN and NAS systems have become an open target for unauthorized access and data compromise–and why “security by obscurity” strategies will fail to protect storage, just as they’ve failed elsewhere. Dwivedi offers expert, step-by-step guidance for evaluating your own storage environment, designing security into it, implementing storage security best practices, and optimizing the security settings on any shared storage device. He also presents a full chapter of real-world case studies.
Coverage includes
• Recognizing vulnerabilities that arise from inadequate perimeter security
• Understanding where attacks on storage devices typically originate
• Testing storage network security and audit compliance
• Protecting against SAN attacks: WWN spoofing, name server pollution, session hijacking, zoning hopping, e-port and f-port
replication, LUN mask subversion, and more
• Protecting NAS systems against attacks on Windows CIFS and Unix/Linux NFS protocols
• Defending against iSCSI attacks, from iQN spoofing to CHAP message reflection and offline password brute forcing
• Securing individual Fibre Channel and iSCSI SANs, NAS devices, and more
Table of Contents
Preface.
Acknowledgments.
About the Author.
1. Introduction to Storage Security.
I. SAN SECURITY.
2. SANs: Fibre Channel Security.
3. SANs: LUN Masking and HBA.
4. SANs: Zone and Switch Security.
II. NAS SECURITY.
5. NAS Security.
6. NAS: CIFS Security.
7. NAS: NFS Security.
III. ISCSI SECURITY.
8. SANs: iSCSI Security.
IV. STORAGE DEFENSES.
9.Securing Fibre Channel SANs.
10. Securing NAS.
11. Securing iSCSI.
V. SAN/NAS Policies, Trends, and Case Studies.
12. Compliance, Regulations, and Storage.
13. Auditing and Securing Storage Devices.
14. Storage Security Case Studies.
Index.
商品描述(中文翻譯)
描述
《保護儲存系統》是每位儲存和安全專業人員以及負責IT基礎架構的人士的必備資源,從架構師和網絡設計師到管理員都適用。
您已經在保護應用程序、操作系統和網絡基礎架構上投入了大量資源。但是您可能忽略了一個關鍵的系統:SAN、NAS和iSCSI儲存系統。《保護儲存系統》揭示了這些系統並不像您想像的那麼安全,並提供了超過25種不同攻擊的硬化證明最佳實踐。
保護儲存系統對於保護知識產權和商業機密以及遵守從Sarbanes-Oxley和HIPAA到Gramm-Leach-Bliley和SEC Rule 17a4的各種法規至關重要。本書提供了保護所有儲存系統和其中存儲的所有數據的完整藍圖。
大多數企業未能充分解決IT安全的一個關鍵組成部分:儲存。儲存行業在提供安全解決方案方面基本上失敗了,許多IT專業人員只是假設安全問題可以在其他地方處理。結果是一個巨大的安全漏洞:內部攻擊者現在比攻擊應用程序或操作系統更容易破壞儲存設備。現在,世界頂級的儲存安全專家之一首次系統地揭示了SAN和NAS安全的弱點,並提供了堅固、實用的解決方案。
借助多年的尖端研究,著名的儲存架構師和安全研究人員Himanshu Dwivedi解釋了為什麼SAN和NAS系統已成為未經授權訪問和數據破壞的開放目標,以及為什麼“安全性通過模糊性”策略將無法保護儲存,就像在其他地方一樣失敗。Dwivedi提供了評估自己儲存環境、設計安全性、實施儲存安全最佳實踐和優化任何共享儲存設備的安全設置的專家級、逐步指導。他還提供了一整章的實際案例研究。
內容包括:
- 識別由於不足的邊界安全性而產生的漏洞
- 了解對儲存設備的攻擊通常從何處發起
- 測試儲存網絡安全性和審計合規性
- 防範SAN攻擊:WWN欺騙、名稱服務器污染、會話劫持、區域跳躍、e端口和f端口複製、LUN遮罩破壞等等
