(Chapter 1, "Maintaining Your Network," provides an overview of the basic periods of attack and the firewall options available for adversarial attacks during each period. Chapter 2, "Reconnaissance and Deterrence," describes the options you can use to turn off IP address scanning, port scanning, and operating system (OS)-type testing of the discovery scheme system. Chapter 3, "Denial of Service Attack Protection," explains firewall, network, and operating system-related DoS attacks, and explains how ScreenOS mitigates such attacks. Chapter 4, “Content Monitoring and Filtering,” describes how to protect users from malicious consistent resource locators (URLs), and describes how to configure JuniperNetworks security appliances to work with third-party products, then provide antivirus scanning, antispam Mail and Web filtering capabilities. Chapter 5, "Deep Inspection," describes how to configure JuniperNetworks security appliances for IDP target updates, how to create user-defined targets and target groups, and how to use IDP at the policy level. Chapter 6, "Intrusion/Intrusion Detection and Prevention," introduces JuniperNetworks Intrusion Detection and Prevention (IDP) technology, which, when deployed inline to your network, can detect and prevent attacks. This chapter describes how to use IDP at the policy level to drop malicious packets or connections before an attack enters the network. Chapter 7, "Suspicious Packet Attributes," describes several SCREEN options for maintaining network resources against potential attacks indicated by unusual IP and ICMP packet attributes. Appendix A, "User-Defined Signature Environments," provides a description of the environments that can be specified when defining a stateful signature attack target.)
收藏
