The working groups that define the Internet standards last only as long as until the work is completed, at which time the working group shuts down and the resulting documents are published. The main IETF site is the best start to search for relevant RFC standards:

You can find ongoing work in the security area here:

RFC 2196, The Site Security Handbook. A guide created by the Internet Engineering Task Force (IETF) to develop computer security policies and procedures for sites that have systems on the Internet:

The Federal Agency Security Practices (FASP) website whose areas contain a slew of information that incorporates the Federal CIO Council's best current practices pertaining to security issues:

FIPS PUB 191. Created by NIST. Although it is written specifically for LANs, this publication is applicable to any computer network environment. The use of risk management is presented to help the reader determine LAN assets, to identify threats and vulnerabilities, to determine the risk of those threats to the LAN, and to determine the possible security services and mechanisms that may be used to help reduce the risk to the LAN:

NIST Special Publication (SP) 800-3, Establishing a Computer Security Incident Response Capability (CSIRC).

Computer Security Resource Center (CSRC):

Handbook for Computer Security Incident Response Teams (CSIRTs):

The CERT Coordination Center provides comprehensive information that ranges from protecting systems against potential problems to reacting to current problems to predicting future problems:

Electronic Privacy Information Center (EPIC):

Comprehensive archive of security-related links:

At the following website, you can find general information on Cisco security offerings with links to detailed security products, services, and solutions:

Cisco IOS 12.0 Network Security. Indianapolis, IN: Cisco Press, 1999. Provides information about Cisco IOS security features.