TABLE OF CONTENTS In an age where our society relies so heavily on electronic communication, the need for information security is continuously increasing. Given the value and confidential nature of the information that exists on today s networks, CIOs are investing very heavily in security. Without security, a company can suffer from theft or alteration of data, legal ramifications, and other issues that all result in monetary losses. Consequently, corporations are realizing the need to create and enforce an information security policy. Furthermore, companies are now experiencing significant pressure from external regulators and governance rules such as Sarbanes-Oxley.
In this chapter, you will learn about why information security is necessary. We also look at how and why security policies are created and how security needs to be handled as a process. We look at firewalls in general, explore the different types of firewalls available in the market, and learn basic concepts about how firewalls work. Finally, we discuss the three relevant security certifications that Cisco offers in the context of PIX firewalls: the Cisco Firewall Specialist, the Cisco Certified Security Professional (CCSP), and the Cisco Certified Internet Expert (CCIE) Security.
Over the last couple of decades, many companies began to realize that their most valuable assets were not only their buildings or factories, but also the intellectual property and other information that flowed internally within the company, as well as outwardly to suppliers and customers. Company managers, used to dealing with risk in their business activities, started to think...
