»
Managing Cisco Network Security 2E
 
 

Managing Cisco Network Security 2E, 2nd Edition

 
Managing Cisco Network Security 2E, 2nd Edition, Syngress,ISBN9781931836562
 
 
 

  

Syngress

9781931836562

9780080479057

752

Print Book + eBook

USD 77.94
USD 129.90

Buy both together and save 40%

Print Book

Paperback

In Stock

Estimated Delivery Time
USD 66.95

eBook
eBook Overview

VST format:

DRM Free included formats: PDF

USD 62.95
Add to Cart
 
 

Key Features

Security from a real-world perspective
Key coverage of the new technologies offered by the Cisco including: 500 series of Cisco PIX Firewall, Cisco Intrusion Detection System, and the Cisco Secure Scanner
Revised edition of a text popular with CCIP (Cisco Certified Internetwork Professional) students
Expanded to include separate chapters on each of the security products offered by Cisco Systems

Description

An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today's internetworked world
"There's no question that attacks on enterprise networks are increasing in frequency and sophistication..."-Mike Fuhrman, Cisco Systems Manager, Security Consulting
Managing Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco's security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.

Managing Cisco Network Security 2E, 2nd Edition

Foreword Chapter 1 Introduction to IP Network Security Introduction What Role Does Security Play in a Network? Goals Philosophy What if I Don’t Deploy Security? The Fundamentals of Networking Where Does Security Fit in? Network Access Layer Security Internetwork Layer Security Host-to-Host Layer Security? Process Application Layer Security Authentication OSI Model How the OSI Model Works Composition of a Data Packet Security in TCP/IP Cisco IP Security Hardware and Software The Cisco Secure PIX Firewall Cisco Secure Integrated Software Cisco Secure Integrated VPN Software The Cisco Secure VPN Client Cisco Secure Access Control Server Cisco Secure Scanner Cisco Secure Intrusion Detection System Cisco Secure Policy Manager Cisco Secure Consulting Services Summary Solutions Fast Track Frequently Asked Questions Chapter 2 What are We Trying to Prevent? Introduction What Threats Face Your Network? Loss of Confidentiality Loss of Integrity Loss of Availability Sources of Threats Malicious Mobile Code Trojan Horses Viruses Worms Current Malicious Code Threats Current Malicious Code Impacts Denial of Service The Smurf Attack The SYN Flood Attack Distributed Denial of Service (DDoS) Attacks Detecting Breaches Initial Detection are Forensics Important? What are the Key Steps after a Breach is Detected? Preventing Attacks Reducing Vulnerabilities Providing a Simple Security Network Architecture Developing a Culture of Security Developing a Security Policy Summary Solutions Fast Track Frequently Asked Questions Chapter 3 Cisco PIX Firewall Introduction Overview of the Security Features Differences between PIX OS Version 4.x and Version 5.x Differences between PIX OS Version 6.0 and Version 5.x Initial Configuration Installing the PIX Software The Command-Line Interface IP Configuration Configuring NAT and PAT Permit Traffic Through Security Policy Configuration Security Strategies Identify the Security Services to Implement Implementing the Network Security Policy Confidentiality Configuration in PIX PIX Configuration Examples Protecting a Private Network Protecting a Network Connected to the Internet Protecting Server Access Using Authentication Protecting Public Servers Connected to the Internet Securing and Maintaining the PIX System Journaling Securing the PIX Summary Solutions Fast Track Frequently Asked Questions Chapter 4 Traffic Filtering in the Cisco Internetwork Operating System Introduction Access Lists Access List Operation Types of Access Lists Standard IP Access Lists Extended IP Access Lists Named Access Lists Editing Access Lists Problems with Access Lists Lock-and-key Access Lists Reflexive Access Lists Building Reflexive Access Lists Applying Reflexive Access Lists Context-based Access Control The Context-based Access Control Process Configuring Context-based Access Control Inspection Rules Applying the Inspection Rule Configuring Port to Application Mapping Configuring PAM Protecting a Private Network Protecting a Network Connected to the Internet Protecting Server Access Using Lock-and-key Protecting Public Servers Connected to the Internet Summary Solutions Fast Track Frequently Asked Questions Chapter 5 Network Address Translation/Port Address Translation Introduction NAT Overview Address Realm RFC 1918 Private Addressing NAT Transparent Address Assignment Transparent Routing Public, Global, and External Networks Private and Local Networks Application Level Gateways NAT Architectures Traditional NAT or Outbound NAT Port Address Translation Static NAT Twice NAT Guidelines for Deploying NAT and PAT IOS NAT Support for IP Telephony H.323 v2 Support CallManager Support Session Initiation Protocol Configuring NAT on Cisco IOS Configuration Commands Verification Commands Configuring NAT between a Private Network and the Internet Configuring NAT in a Network with DMZ Considerations on NAT and PAT IP Address Information in Data Bundled Session Applications Summary Solutions Fast Track Frequently Asked Questions Chapter 6 Cryptography Introduction Understanding Cryptography Concepts History Encryption Key Types Learning about Standard Cryptographic Algorithms Understanding Symmetric Algorithms Understanding Asymmetric Algorithms Understanding Brute Force Brute Force Basics Using Brute Force to Obtain Passwords Knowing When Real Algorithms are Being Used Improperly Bad Key Exchanges Hashing Pieces Separately Using a Short Password to Generate a Long Key Improperly Stored Private or Secret Keys Understanding Amateur Cryptography Attempts Classifying the Ciphertext Monoalphabetic Ciphers Other Ways to Hide Information Summary Solutions Fast Track Frequently Asked Questions Chapter 7 Cisco LocalDirector and DistributedDirector Introduction Improving Security Using Cisco LocalDirector LocalDirector Technology Overview LocalDirector Product Overview LocalDirector Security Features Filtering of Access Traffic Using synguard to Protect against SYN Flood Attacks Using NAT to Hide Real Addresses Restricting Who is Authorized to Have Telnet Access to LocalDirector Password Protection Syslog Logging Securing Geographically Dispersed Server Farms Using Cisco DistributedDirector DistributedDirector Technology Overview DistributedDirector Product Overview DistributedDirector Security Features Limiting the Source of DRP Queries Authentication between DistributedDirector and DRP Agents Password Protection Syslog Logging Summary Solutions Fast Track Frequently Asked Questions Chapter 8 Virtual Private Networks and Remote Access Introduction Overview of the Different VPN Technologies The Peer Model The Overlay Model Link Layer VPNs Network Layer VPNs Transport and Application Layer VPNs Intranet VPNs Extranet VPNs Access VPNs Layer 2 Transport Protocol Configuring Cisco L2TP IPSec IPSec Architecture IPSec and Cisco Encryption Technology Configuring Cisco IPSec Connecting IPSec Clients to Cisco IPSec Summary Solutions Fast Track Frequently Asked Questions Chapter 9 Cisco Authentication, Authorization, and Accounting Mechanisms Introduction Cisco AAA Overview AAA Authentication AAA Authorization AAA Accounting AAA Benefits Cisco AAA Mechanisms Supported AAA Security Protocols Configuring AAA Authentication Authorization Accounting Typical RAS Configuration Using AAA Typical Firewall Configuration Using AAA Authentication Proxy How the Authentication Proxy Works Comparison with the Lock-and-key Feature Benefits of Authentication Proxy Restrictions of Authentication Proxy Configuring Authentication Proxy Summary Solutions Fast Track Frequently Asked Questions Chapter 10 Cisco Content Services Switch Introduction Overview of Cisco Content Services Switch Cisco Content Services Switch Technology Overview Cisco Content Services Switch Product Information Security Features of Cisco Content Services Switch FlowWall Security? Using Network Address Translation to Hide Real Addresses Firewall Load Balancing Password Protection Disabling Telnet Access Syslog Logging Known Security Vulnerabilities Summary Solutions Fast Track Frequently Asked Questions Chapter 11 Cisco Secure Scanner Introduction Minimum System Specifications for Secure Scanner Searching the Network for Vulnerabilities Identifying Network Addresses Identifying Vulnerabilities Scheduling the Session Viewing the Results Changing Axis Views Drilling into Data Pivoting Data Zooming In and Out Creating Charts Saving Grid Views and Charts Reports and Wizards Keeping the System Up-to-Date Summary Solutions Fast Track Frequently Asked Questions Chapter 12 Cisco Secure Policy Manager Introduction Overview of the Cisco Secure Policy Manager The Benefits of Using Cisco Secure Policy Manager Installation Requirements for the Cisco Secure Policy Manager Features of the Cisco Secure Policy Manager Cisco Firewall Management VPN and IPSec Security Management Security Policy Management Network Security Deployment Options Cisco Secure Policy Manager Device and Software Support Using the Cisco Secure Policy Manager Configuration Summary Solutions Fast Track Frequently Asked Questions Chapter 13 Intrusion Detection Introduction What is Intrusion Detection? Types of IDSs IDS Architecture Why Should You Have an IDS? Benefits of an IDS in a Network Deploying an IDS in a Network Difficulties in Deploying an IDS IDS Tuning Tuning Network Attacks and Intrusions Poor Network Perimeter/Device Security Poor Physical Security Application and Operating Software Weaknesses Human Failure Weaknesses in the IP Suite of Protocols The Cisco Secure Network Intrusion Detection System What is the Cisco Secure Network Intrusion Detection System? Before You Install Director and Probe Setup General Operation nrConfigure The Data Management Package Cisco IOS Intrusion Detection Systems Summary Solutions Fast Track Frequently Asked Questions Chapter 14 Network Security Management Introduction PIX Device Manager PIX Device Manager Overview Supported PIX Firewall Versions Using PIX Device Manager Configuration Examples CiscoWorks2000 Access Control List Manager ACL Manager Overview Installation Requirements for ACL Manager ACL Manager Features The Basic Operation of ACL Manager Using ACL Manager Configuration Example: Creating ACLs with ACLM Cisco Secure Policy Manager Cisco Secure Access Control Server Overview of the Cisco Secure Access Control Server Benefits of the Cisco Secure Access Control Server Features of Cisco Secure ACS Cisco Secure ACS Device and Software Support Using Cisco Secure ACS Configuration Example: Adding and Configuring a AAA Client Summary Solutions Fast Track Frequently Asked Questions Chapter 15 Looking Ahead: Cisco Wireless Security Introduction Understanding Security Fundamentals and Principles of Protection Ensuring Confidentiality Ensuring Integrity Ensuring Availability Ensuring Privacy Ensuring Authentication Benefits of the Cisco Secure Access Features of Cisco Secure ACS Cisco Secure ACS Device and Software Support Using Cisco Secure ACS Configuration Example: Adding and Configuring a AAA Client Summary Solutions Fast Track Frequently Asked Questions Chapter 15 Looking Ahead: Cisco Wireless Security Introduction Understanding Security Fundamentals and Principles of Protection Ensuring Confidentiality Ensuring Integrity Ensuring Availability Ensuring Privacy Ensuring Authentication Ensuring Authorization MAC Filtering What is a MAC Address? Where in the Authentication/Association Process Does MAC Filtering Occur? Determining MAC Filtering is Enabled MAC Spoofing Ensuring Non-Repudiation Accounting and Audit Trails Using Encryption Reviewing the Role of Policy Identifying Resources Understanding Classification Criteria Implementing Policy Addressing the Issues with Policy Implementing WEP Defining WEP Creating Privacy with WEP The WEP Authentication Process WEP Benefits and Advantages WEP Disadvantages Implementing WEP on the Cisco Aironet AP 340 Exploiting WEP Security of 64-Bit versus 128-Bit Keys Acquiring a WEP Key Addressing Common Risks and Threats Finding a Target Finding Weaknesses in a Target Exploiting Those Weaknesses Sniffing, Interception, and Eavesdropping Defining Sniffing Sample Sniffing Tool Sniffing Case Scenario Protecting against Sniffing and Eavesdropping Spoofing and Unauthorized Access Defining Spoofing Sample Spoofing Tools Protecting against Spoofing and Unauthorized Attacks Network Hijacking and Modification Defining Hijacking Sample Hijacking Tools Hijacking Case Scenario Protection against Network Hijacking and Modification Denial of Service and Flooding Attacks Defining DoS and Flooding Sample DoS Tools DoS and Flooding Case Scenario Protecting against DoS and Flooding Attacks Summary Solutions Fast Track Frequently Asked Questions Index
 
 
Cyber Monday SALE Upto 50 Percent OFF | Use Code CYBER14
Shop with Confidence

Free Shipping around the world
▪ Broad range of products
▪ 30 days return policy
FAQ

Contact Us