Server Farm Security in the Business Ready Data Center Architecture v2.1
DC_Pref
Downloads: This chapterpdf (PDF - 151.0KB) The complete bookPDF (PDF - 6.78MB) | Feedback

Preface

Table Of Contents

Preface

Document Purpose

Intended Audience

Document Organization


Preface


Document Purpose

This document describes the Cisco technologies, tools, and tested solutions for providing security in the enterprise data center.

Intended Audience

This document is intended for network design engineers, network architects, and network support engineers who are responsible for planning, designing, implementing, and operating enterprise data center networks.

Document Organization

Chapter
Description

Chapter 1, "Server Farm Security—Technology and Solution Overview"

Overview of the Cisco technologies, tools, and tested solutions for providing security in the enterprise data center.

Chapter 2, "Enterprise Data Center Topology"

Detailed description of how to harden and modify enterprise data center topologies for data center security.

Chapter 3, "Basic Infrastructure Security"

Describes basic security precautions for each router and switch in the data center.

Chapter 4, "Deploying the Cisco Catalyst 6500 Firewall Services Module in Transparent Mode"

Design and implementation recommendations for the use of firewall and load balancers in a data center.

Chapter 5, "CSM One-arm Design in the Data Center"

Design and configuration of secure and highly available data center with the Cisco Catalyst 6500 CSM in one-arm mode.

Chapter 6, "Catalyst SSL Services Module Deployment in the Data Center with Back-End Encryption"

Describes the use of the Cisco SSL Services Module to provide offloading of SSL decryption in the data center.

Chapter 7, "Traffic Capturing for Granular Traffic Analysis"

Describes how to significantly increase the granularity of network traffic analysis by combining RSPAN and VACL redirect.

Chapter 8, "Cisco Network-Based Intrusion Detection—Functionalities and Configuration"

Describes the need for and benefits of deploying network intrusion in the data center.

Chapter 9, "Deployment of Network-Based IDS Sensors and Integration with Service Modules"

Describes how to deploy multiple intrusion detection systems sensors in a data center and how to capture and differentiate traffic to improve performance and reduce the number of false positives.