A Practical Introduction to Enterprise Network and Security Management
Bongsik Shin, Ph.D
CRC Press
Taylor & Francis Group
6000 Broken Sound Parkway NW, Suite 300
Boca Raton, FL 33487-2742
© 2017 by Taylor & Francis Group, LLC
CRC Press is an imprint of Taylor & Francis Group, an Informa business
No claim to original U.S. Government works
Printed on acid-free paper
International Standard Book Number-13: 978-1-4987-8797-0 (Hardback)
This book contains information obtained from authentic and highly regarded sources. Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint.
Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers.
For permission to photocopy or use material electronically from this work, please access www.copyright.com (http://www.copyright.com/) or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400. CCC is a not-for-profit organization that provides licenses and registration for a variety of users. For organizations that have been granted a photocopy license by the CCC, a separate system of payment has been arranged.
Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe.
Visit the Taylor & Francis Web site at
http://www.taylorandfrancis.com
and the CRC Press Web site at
http://www.crcpress.com
This book is written for those who study or practice information technology, management information systems (MIS), accounting information systems (AIS), or computer science (CS). It is assumed that readers are exposed to computer networking and security subjects for the first time. Computer networking and cybersecurity are challenging subjects, partly because of the constant rise and fall of related technologies and IT paradigms. As the title implies, much of the focus of this book is on providing the audience with the practical as well as theoretical knowledge necessary to build a solid foundation for a successful professional career.
If used for a class, the book of 12 chapters contains just about the right amount of coverage for a semester or quarter. It balances introductory and fairly advanced subjects on computer networking and cybersecurity to effectively deliver technical and managerial knowledge. Although the writing is moderately dense, every attempt has been made to explain sometimes challenging concepts in a manner that readers can follow with careful reading.
The book is designed to offer an impactful, hands-on learning experience without relying on a computer lab. First, each chapter comes with practical exercise questions. In a class setting, they work well as individual or group assignments. Many of them are based on simulated or real cases, and take advantage of actual industry products and systems so that a reader can better relate theories to practice. Second, each chapter contains a number of information-rich screenshots, figures, and tables, carefully constructed to solidify concepts and thus enhance visual learning.
In addition to the thorough technical details, managerial issues including enterprise network planning, design, and management are embedded throughout the book from the practitioner's perspective to support balanced learning. Moreover, bearing in mind the critical importance of security in today's enterprise networks, the implications of network design and management for enterprise security are discussed whenever appropriate. Lastly, to further reinforce knowledge in security management, two chapters are dedicated to introducing the fundamentals of cybersecurity in terms of threat types and defense techniques.
Bongsik Shin is a professor of management information systems at San Diego State University. He earned a Ph.D. from the University of Arizona and was an assistant professor at the University of Nebraska at Omaha before joining San Diego State University. He has taught computer network & cybersecurity management, business intelligence (data warehousing & data mining, statistics), decision support systems, electronic commerce, and IT management & strategy. In particular, he has been teaching computer networking and cybersecurity continuously for over 20 years.
His academic activities in pursuit of teaching and research excellence have been funded by more than 25 internal and external grants. His recent research efforts have focused on cybersecurity, on subjects related to cyber threat intelligence, ransomware, authentication & access control, and countermeasures against phishing. Recently, his team, with him as the principal investigator, was awarded a grant by the US Department of Defense to conduct research on Actionable Intelligence-Oriented Cyber Threat Modeling.
He has published more than 30 articles in such high impact journals as MIS Quarterly; IEEE Transactions on Engineering Management; IEEE Transactions on Systems, Man, and Cybernetics; Communications of the ACM; Journal of Association for Information Systems; European Journal of Information Systems; Journal of Management Information Systems; Information Systems Journal; Information & Management; and Decision Support Systems. In 2016, he served as a conference co-chair of the Americas Conference on Information Systems, one of the three largest MIS conferences with attendees from 40+ countries.
By definition, the computer network represents a collection of wired and wireless communication links through which computers and other hardware devices exchange data (or messages). A network can be either as small as the one installed in a house or as big as the Internet that literally covers the entire planet. The size of a particular network, thus, reflects the size of the place (e.g., building, campus) where it is installed. In recent days, the wireless and wired network links have become the arteries of organizations (e.g., companies, universities) and the society, revolutionizing every facet of our life by facilitating resource (e.g., storage) sharing and exchange of data (e.g., texts, videos, music) in an unprecedented manner. Throughout this book, the two terms data and message are used synonymously.
Because of the rapid advancement of information and communication technologies (ICTs), more electronic and mobile devices are being attached to the computer network. Among them are digital smart phones, high-definition Internet protocol televisions (IPTVs), music and video game players, tablets such as iPads, electronic appliances, and control and monitoring systems (e.g., security cameras, closed-circuit televisions (CCTVs), traffic signals). The rapid increase of various digital devices is transforming the network into a more dynamic, diversified, and, at the same time, more vulnerable platform.