Part 2. Security fundamentals

In today’s world, where seemingly everyone and everything is increasingly connected to the internet, robust network security isn’t optional; it’s absolutely critical. A data breach can cost an enterprise millions of dollars; according to IBM, the average cost of a breach was 4.45 million US dollars in 2023. And beyond the financial costs, the reputational damage can lead to lower trust from customers, negatively affecting the business for years to come. To put it simply, security cannot be an afterthought when it comes to designing and operating networks. So in part 2 of this volume, we turn our focus to network security.

Chapter 11 begins this part of the book with a selection of various security-related topics: the basic goals of security, common network-based attacks, social engineering attacks that target users, password-related best practices, user access control, firewalls, and more. Then, chapters 12, 13, and 14 cover three specific security features on Cisco switches: Port Security, DHCP Snooping, and Dynamic ARP Inspection. Each of these plays a key role in securing LANs right where user devices connect to them: switches.