Op werkdagen voor 23:00 besteld, morgen in huis Gratis verzending vanaf €20
Wij wijzen u graag op het volgende
Door drukte zijn de levertijden van PostNL aangepast en kan uw pakket vertraging oplopen. Door de Brexit kan de levering van Engelse boeken vertraging oplopen.
, , , e.a.

Integrated Security Technologies and Solutions - Volume II

Cisco Security Solutions for Network Access Control, Segmentation, Context Sharing, Secure Connectivity and Vi

Paperback Engels 2019 9781587147074
Verkooppositie 5812
Verwachte levertijd ongeveer 7 werkdagen

Samenvatting

The essential reference for security pros and CCIE Security candidates: identity, context sharing, encryption, secure connectivity and virtualization

Integrated Security Technologies and Solutions – Volume II brings together more expert-level instruction in security design, deployment, integration, and support. It will help experienced security and network professionals manage complex solutions, succeed in their day-to-day jobs, and prepare for their CCIE Security written and lab exams.

Volume II focuses on the Cisco Identity Services Engine, Context Sharing, TrustSec, Application Programming Interfaces (APIs), Secure Connectivity with VPNs, and the virtualization and automation sections of the CCIE v5 blueprint. Like Volume I, its strong focus on interproduct integration will help you combine formerly disparate systems into seamless, coherent, next-generation security solutions.

Part of the Cisco CCIE Professional Development Series from Cisco Press, it is authored by a team of CCIEs who are world-class experts in their Cisco security disciplines, including co-creators of the CCIE Security v5 blueprint. Each chapter starts with relevant theory, presents configuration examples and applications, and concludes with practical troubleshooting.

- Review the essentials of Authentication, Authorization, and Accounting (AAA)
- Explore the RADIUS and TACACS+ AAA protocols, and administer devices with them
- Enforce basic network access control with the Cisco Identity Services Engine (ISE)
- Implement sophisticated ISE profiling, EzConnect, and Passive Identity features
- Extend network access with BYOD support, MDM integration, Posture Validation, and Guest Services
- Safely share context with ISE, and implement pxGrid and Rapid Threat Containment
- Integrate ISE with Cisco FMC, WSA, and other devices
- Leverage Cisco Security APIs to increase control and flexibility
- Review Virtual Private Network (VPN) concepts and types
- Understand and deploy Infrastructure VPNs and Remote Access VPNs
- Virtualize leading Cisco Security products
- Make the most of Virtual Security Gateway (VSG), Network Function Virtualization (NFV), and microsegmentation

Specificaties

ISBN13:9781587147074
Taal:Engels
Bindwijze:paperback
Aantal pagina's:666
Uitgever:Cisco Press
Druk:1
Verschijningsdatum:20-6-2019
Hoofdrubriek:IT-management / ICT

Lezersrecensies

Wees de eerste die een lezersrecensie schrijft!

Geef uw waardering

Zeer goed Goed Voldoende Matig Slecht

Over Aaron Woland

Aaron Woland , CCIE No. 20113, is a Senior Secure Access Engineer at Cisco Systems and works with Cisco's largest customers all over the world. His primary job responsibilities include secure access and ISE deployments, solution enhancements, futures, and escalations. Aaron joined Cisco in 2005 and is currently a member of numerous security advisory boards. Prior to joining Cisco, he spent 12 years as a consultant and technical trainer. His areas of expertise include network and host security architecture and implementation, regulatory compliance, and routing and switching. Aaron is the author of many white papers and design guides, including the TrustSec 2.0 Design and Implementation Guide and the NAC Layer 3 OOB Using VRFs for Traffic Isolation design guide. He is also a distinguished speaker at Cisco Live for topics related to identity and is a security columnist for Network World , where he blogs on all things related to identity. Additional certifications include CCSP, CCNP, CCDP, Certified Ethical Hacker, MCSE, and many other industry certifications.

Andere boeken door Aaron Woland

Inhoudsopgave

Introduction xix

Part I Knock, Knock! Who’s There? 1
Chapter 1 Who and What: AAA Basics 3
-Fundamentals of AAA 3
-Understanding the Concept of Triple-A in the Real World 4
-Compare and Select AAA Options 4
-TACACS+ 7
-RADIUS 12
-Comparing RADIUS and TACACS+ 15
-Summary 16

Chapter 2 Basic Network Access Control 17
-What Is Cisco ISE? 17
-ISE Architecture for Network Access AAA 18
-Configuring ISE for Single/Standalone and Multinode Deployments 23
-ISE Configuration for Network Access 32
-802.1X and Beyond 54
-Configuring Wired Network Access with ISE 71
-Configuring Wireless Network Access with ISE 115
-Verifying Dot1X and MAB 140
-Summary 148

Chapter 3 Beyond Basic Network Access Control 149
-Profiling with ISE 149
-ISE Profiler and CoA 175
-Profiles in Authorization Policies 178
-Passive Identities and EasyConnect 180
-Summary 191

Chapter 4 Extending Network Access with ISE 193
-Get Ready, Get Set, Prerequisites 194
-BYOD Onboarding with ISE 197
-MDM Onboarding and Enforcement with ISE 236
-Posture Assessment and Remediation with ISE 244
-Guest Access with ISE 265
-TrustSec with ISE 287
-Summary 306

Chapter 5 Device Administration Control with ISE 307
-The Case for Centralized AAA 307
-RADIUS Versus TACACS+ for Device Administration 308
-Using TACACS+ for Device Administration 309
-Using RADIUS for Device Administration 343
-Summary 352

Part II Spread the Love! 353
Chapter 6 Sharing the Context 355
-The Many Integration Types of the Ecosystem 356
-pxGrid in Depth 361
-Summary 406

Chapter 7 APIs in Cisco Security 407
-APIs 101 407
-Firepower Management Center APIs 413
-Identity Services Engine APIs 424
-Advanced Malware Protection APIs 428
-Threat Grid APIs 433
-Umbrella APIs 435
-Summary 437
-References 437

Part III c2889775343d1ed91b 439
Chapter 8 Security Connectivity 441
-Hashing, Ciphers, Cryptography, and PKI 441
-Virtual Private Networks 461
-Layer 2 Encryption: IEEE 802.1AE/MACsec 470
-Summary 474
-References 474

Chapter 9 Infrastructure VPN 477
-IPsec with IKEv1 478
-IPsec with IKEv2 484
-EzVPN 492
-DMVPN 500
-FlexVPN 514
-GETVPN 532
-Summary 541
-References 541

Chapter 10 Remote Access VPN 543
-Remote Access VPN Overview 543
-Cisco AnyConnect Secure Mobility Client 546
-Client-Based Remote Access VPN 554
-Clientless Remote Access VPN 586
-Summary 595
-References 595

Part IV The Red Pill 597
Chapter 11 Security Virtualization and Automation 599
-Cisco Virtual Solutions and Server Virtualization 599
-Virtualization and Automation Solutions 602
-Summary 613
-References 614

Alle 100 bestsellers

Rubrieken

Populaire producten

    Personen

      Trefwoorden

        Integrated Security Technologies and Solutions - Volume II