Chris Chapman is Senior Methodologist for Spirent Communications, a global leader in network design and development. Chris has more than 20 years of experience with multiprotocol and cloud networking technologies. He writes industry-leading tests and test methodologies for major service providers, network equipment manufacturers, and standards bodies, and he is an active blogger for InformationWeek and other publications. Previously Chris held key engineering positions at Apple, Netscape, CompuServe, and MCI.

Introduction: Practical Security and Performance Testing

Ch. 1: Getting organized: Asset Inventory; knowing what you have

Ch. 2: Locking down Access: Internet, Wi-Fi, Wired Zones, and VPN

Ch. 3: Securing BYOD device access

Ch. 4: Hardening the Server

Ch. 5: Internal Security Threats and defending assets and zones

Ch. 6: How to test the Firewall and IPS/IDS Effectively

Ch. 7: Security Device Deployment Patterns

Ch. 8: Continuous Testing

Ch. 9: Defending against penetration attacks

Ch. 10: How to write and test a Request for Proposal

Ch. 11: Security "Fire drills"

Glossary

Network Performance Security: Testing and Analyzing Using Open Source and Low-Cost Tools gives mid-level IT engineers the practical tips and tricks they need to use the best open source or low cost tools available to harden their IT infrastructure. The book details how to use the tools and how to interpret them. Network Performance Security: Testing and Analyzing Using Open Source and Low-Cost Tools begins with an overview of best practices for testing security and performance across devices and the network. It then shows how to document assets-such as servers, switches, hypervisor hosts, routers, and firewalls-using publicly available tools for network inventory.

The book explores security zoning the network, with an emphasis on isolated entry points for various classes of access. It shows how to use open source tools to test network configurations for malware attacks, DDoS, botnet, rootkit and worm attacks, and concludes with tactics on how to prepare and execute a mediation schedule of the who, what, where, when, and how, when an attack hits.

Network security is a requirement for any modern IT infrastructure. Using Network Performance Security: Testing and Analyzing Using Open Source and Low-Cost Tools makes the network stronger by using a layered approach of practical advice and good testing practices.

• Offers coherent, consistent guidance for those tasked with securing the network within an organization and ensuring that it is appropriately tested
• Focuses on practical, real world implementation and testing
• Employs a vetted "security testing by example" style to demonstrate best practices and minimize false positive testing
• Gives practical advice for securing BYOD devices on the network, how to test and defend against internal threats, and how to continuously validate a firewall device, software, and configuration
• Provides analysis in addition to step by step methodologies