Previous Section  < Day Day Up >  Next Section

How This Book Is Organized

Part I, "MPLS VPN and Security Fundamentals," gives the foundations for MPLS VPN security work:

  • Chapter 1, "MPLS VPN Security: An Overview," gives a short introduction to the fundamental principles of security and how MPLS VPNs work, and provides comparison to other VPN technologies. It also defines "zones of trust" for an MPLS VPN environment.

  • Every security project should first define the threats against each trusted zone. Chapter 2, "A Threat Model for MPLS VPNs," builds a threat model with specific attack points.

Overall security is determined by the security of three components: the architecture, the design, and the operation. Part II, "Advanced MPLS VPN Security Issues," discusses these three components separately:

  • Chapter 3, "MPLS Security Analysis," analyzes the MPLS VPN architecture on its security properties. It explains which level of security can be reached using this architecture and how the architecture can be secured adequately against the threats defined in Chapter 2.

  • Chapter 4, "Secure MPLS VPN Designs," explains how to design secure MPLS VPN networks. It gives recommendations on how to implement various network topologies securely.

  • Chapter 5, "Security Recommendations," suggests how to operate the network securely. Best practices in securing routers are explained here, and many examples are given.

Part III, "Practical Guidelines to MPLS VPN Security," discusses special cases:

  • Chapter 6, "How IPsec Complements MPLS," discusses applications of IPsec in MPLS VPN environments.

  • Chapter 7, "Security of MPLS Layer 2 VPNs," explains special security issues in Layer 2 VPNs.

  • Chapter 8, "Secure Operation and Maintenance of an MPLS Core," explains how to manage an MPLS VPN network securely.

The book is rounded up by some practical case studies, a configuration example, and resources in Part IV, "Case Studies and Appendixes":

  • Chapter 9, "Case Studies," encompasses details from all the previous chapters to provide examples for overall secure solutions.

  • Appendix A, "Detailed Configuration Example for a PE," provides an example of a number of security features configured on a single router.

  • Appendix B, "Reference List," provides a list of sources to which you can refer for more information on MPLS VPN security.

    Previous Section  < Day Day Up >  Next Section