Op werkdagen voor 23:00 besteld, morgen in huis Gratis verzending vanaf €20
, , , e.a.

Integrated Security Technologies and Solutions - Volume I

Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, A

Paperback Engels 2018 9781587147067
Verwachte levertijd ongeveer 8 werkdagen


The essential reference for security pros and CCIE Security candidates: policies, standards, infrastructure/perimeter and content security, and threat protection

Integrated Security Technologies and Solutions – Volume I offers one-stop expert-level instruction in security design, deployment, integration, and support methodologies to help security professionals manage complex solutions and prepare for their CCIE exams. It will help security pros succeed in their day-to-day jobs and also get ready for their CCIE Security written and lab exams.

Part of the Cisco CCIE Professional Development Series from Cisco Press, it is authored by a team of CCIEs who are world-class experts in their Cisco security disciplines, including co-creators of the CCIE Security v5 blueprint. Each chapter starts with relevant theory, presents configuration examples and applications, and concludes with practical troubleshooting.

Volume 1 focuses on security policies and standards; infrastructure security; perimeter security (Next-Generation Firewall, Next-Generation Intrusion Prevention Systems, and Adaptive Security Appliance [ASA]), and the advanced threat protection and content security sections of the CCIE Security v5 blueprint. With a strong focus on interproduct integration, it also shows how to combine formerly disparate systems into a seamless, coherent next-generation security solution.

- Review security standards, create security policies, and organize security with Cisco SAFE architecture
- Understand and mitigate threats to network infrastructure, and protect the three planes of a network device
- Safeguard wireless networks, and mitigate risk on Cisco WLC and access points
- Secure the network perimeter with Cisco Adaptive Security Appliance (ASA)
- Configure Cisco Next-Generation Firewall Firepower Threat Defense (FTD) and operate security via Firepower Management Center (FMC)
- Detect and prevent intrusions with Cisco Next-Gen IPS, FTD, and FMC
- Configure and verify Cisco IOS firewall features such as ZBFW and address translation
- Deploy and configure the Cisco web and email security appliances to protect content and defend against advanced threats
- Implement Cisco Umbrella Secure Internet Gateway in the cloud as your first line of defense against internet threats
- Protect against new malware with Cisco Advanced Malware Protection and Cisco ThreatGrid


Aantal pagina's:592
Uitgever:Cisco Press
Hoofdrubriek:IT-management / ICT


Wees de eerste die een lezersrecensie schrijft!

Geef uw waardering

Zeer goed Goed Voldoende Matig Slecht

Over Aaron Woland

Aaron Woland , CCIE No. 20113, is a Senior Secure Access Engineer at Cisco Systems and works with Cisco's largest customers all over the world. His primary job responsibilities include secure access and ISE deployments, solution enhancements, futures, and escalations. Aaron joined Cisco in 2005 and is currently a member of numerous security advisory boards. Prior to joining Cisco, he spent 12 years as a consultant and technical trainer. His areas of expertise include network and host security architecture and implementation, regulatory compliance, and routing and switching. Aaron is the author of many white papers and design guides, including the TrustSec 2.0 Design and Implementation Guide and the NAC Layer 3 OOB Using VRFs for Traffic Isolation design guide. He is also a distinguished speaker at Cisco Live for topics related to identity and is a security columnist for Network World , where he blogs on all things related to identity. Additional certifications include CCSP, CCNP, CCDP, Certified Ethical Hacker, MCSE, and many other industry certifications.

Andere boeken door Aaron Woland


Introduction xxv

Part I Hi There! This Is Network Security 1
Chapter 1 Let’s Talk About Network Security 3
Know Thy Enemy 4
Know Thy Self 6
Security Standards and Frameworks 9
Regulatory Compliance 15
Payment Card Industry Data Security Standard (PCI DSS) 16
Security Models 18
Integrating Security Solutions 23
Summary 25
References 25

Chapter 2 Infrastructure Security and Segmentation 27
The Three Planes 27
Securing the Management Plane 28
Securing the Control Plane 38
Securing the Data Plane 49
Visibility with NetFlow 76
Summary 77
References 78

Chapter 3 Wireless Security 79
What Is Wireless? 79
Wireless Security Overview 90
Securing the WLAN 94
Configuring Wireless Protection Policies 98
Management and Control Plane Protection 114
Integrating a WLC with Other Security Solutions 120
Summary 122
References 122

Part II Deny IP any any 123
Chapter 4 Firewalling with the ASA 125
ASA Fundamentals 125
Traffic with the ASA 151
ASA Advanced Features 167
Advanced Firewall Tuning 172
Troubleshooting the ASA 176
Summary 180
References 181

Chapter 5 Next-Gen Firewalls 183
Firepower Deployment Options 184
Configuring Firepower Threat Defense 186
Access Control Policies 206
Analysis and Reporting 229
Summary 237
References 238

Chapter 6 Next-Gen Intrusion Detection and Prevention 239
NGIPS Overview 239
Cisco NGIPS Appliances 248
Snort 256
Configuring a NGIPS 267
Operationalizing a NGIPS 283
Summary 296
References 297

Chapter 7 IOS Firewall and Security Features 299
Network Address Translation (NAT) 299
Zone-Based Firewall (ZBF) 309
IOS Advanced Security Features 319
Summary 331
References 331

Part III EHLO. You have threat in content 333
Chapter 8 Content Security and Advanced Threat Protection 335
Content Security Overview 335
Web Security Appliance 336
Email Security Appliance 370
Security Management Appliance 390
Summary 391
References 391

Chapter 9 Umbrella and the Secure Internet Gateway 393
Umbrella Fundamentals 393
Umbrella Overview Dashboard 399
Deploying Umbrella 401
Cisco Investigate 423
Summary 425
References 425

Chapter 10 Protecting Against Advanced Malware 427
Introduction to Advanced Malware Protection (AMP) 427
Role of the AMP Cloud 429
Doing Security Differently 430
The Cloud 437
Cloud Proxy Mode 438
Air Gap Mode 440
Threat Grid 442
The Clean Interface 446
The Administrative Interface 446
The Dirty Interface 446
Comparing Public and Private Deployments 446
AMP for Networks 447
AMP for Endpoints 457
Custom Detections 462
AMP for Windows 474
Mac Policies 490
Linux Policies 495
AMP for Android 497
Groups, Groups, and More Groups 498
The Download Connector Screen 499
Distributing via Cisco AnyConnect 500
Installing AMP for Windows 501
Installing AMP for Mac 503
Installing AMP for Linux 504
Proxy Complications 511
AMP for Content Security 513
Content Security Connectors 513
Configuring AMP for Content Security Appliances 514
Configuring the Web Security Appliance (WSA) Devices 515
Configuring the Email Security Appliance (ESA) Devices 519
AMP Reports 522

Summary 524

Managementboek Top 100


Populaire producten



        Integrated Security Technologies and Solutions - Volume I