Integrated Security Technologies and Solutions - Volume I: CCIE Professional Development
Autor Aaron Woland, Vivek Santuka, Mason Harris, Jamie Sanboweren Limba Engleză Paperback – 14 mai 2018
- The must-have ready-reference for all Cisco security professionals
- First of two volumes: Volume 1 focuses on network security, next-generation firewalling and intrusion prevention, and advanced threat and content security
- Discover how Cisco firewalls, IPS systems, access control, and other security products and solutions integrate in the real world
Preț: 419.12 lei
Preț vechi: 523.90 lei
-20% Nou
Puncte Express: 629
Preț estimativ în valută:
80.21€ • 83.32$ • 66.63£
80.21€ • 83.32$ • 66.63£
Carte indisponibilă temporar
Doresc să fiu notificat când acest titlu va fi disponibil:
Se trimite...
Preluare comenzi: 021 569.72.76
Specificații
ISBN-13: 9781587147067
ISBN-10: 1587147068
Pagini: 592
Dimensiuni: 183 x 229 x 36 mm
Greutate: 0.98 kg
Editura: Pearson Education
Seria CCIE Professional Development
ISBN-10: 1587147068
Pagini: 592
Dimensiuni: 183 x 229 x 36 mm
Greutate: 0.98 kg
Editura: Pearson Education
Seria CCIE Professional Development
Notă biografică
Aaron Woland, CCIE No. 20113, is a principal engineer in Cisco's Advanced Threat Security group and works with Cisco's largest customers all over the world. His primary job responsibilities include security design, solution enhancements, standards development, advanced threat solution design, endpoint security, and futures.
Aaron joined Cisco in 2005 and is currently a member of numerous security advisory boards and standards body working groups. Prior to joining Cisco, Aaron spent 12 years as a consultant and technical trainer.
Aaron is the author of both editions of Cisco ISE for BYOD and Secure Unified Access, Cisco Next-Generation Security Solutions: All-in-one Cisco ASA FirePOWER Services, NGIPS, and AMP; CCNP Security SISAS 300-208 Official Cert Guide, CCNA Security 210-260 Complete Video Course, and many published white papers and design guides.
Aaron is one of only five inaugural members of the Hall of Fame Elite for Distinguished Speakers at Cisco Live, and he is a security columnist for Network World, where he blogs on all things related to security. His many other certifications include GHIC, GCFE, GSEC, CEH, MCSE, VCP, CCSP, CCNP, and CCDP.
Vivek Santuka, CCIE No. 17621 is a consulting systems engineer at Cisco and is a security consultant to some of Cisco's largest customers. He has over 13 years of experience in security, focusing on identity management and access control. Vivek is a member of multiple technical advisory groups.
Vivek holds two CCIE certifications: Security and Routing and Switching. In addition, he holds RHCE and CISSP certifications.
Vivek is author of the Cisco Press book AAA Identity Management Security.
Mason Harris, CCIE No. 5916, is a solutions architect for Cisco, focusing on cloud architectures with Cisco's largest global customers. He has more than 24 years of experience in information technology and is one the few individuals in the world who has attained five CCIE certifications. Prior to joining Cisco, he was the chief architect at cloud security startup vArmour Networks. Outside work, Mason can be found backpacking on long trails or at home with his family. A lifelong UNC Tarheels fan, he holds an undergraduate degree from UNC-Chapel Hill and a master's degree from NC State University, with a minor in Arabic.
Jamie Sanbower, CCIE No. 13637 (Routing and Switching, Security, and Wireless), is a technical solutions architect focusing on security for the Global Security Architecture Team.
Jamie has been with Cisco since 2010 and is currently a technical leader and member of numerous technical advisory groups. With over 15 years of technical experience in networking and security, Jamie has developed, designed, implemented, and operated enterprise network and security solutions for a wide variety of large clients.
Prior to joining Cisco, Jamie was the director of the cybersecurity practice at Force 3. His other certifications include CISSP, CEH, and MCSE.
Aaron joined Cisco in 2005 and is currently a member of numerous security advisory boards and standards body working groups. Prior to joining Cisco, Aaron spent 12 years as a consultant and technical trainer.
Aaron is the author of both editions of Cisco ISE for BYOD and Secure Unified Access, Cisco Next-Generation Security Solutions: All-in-one Cisco ASA FirePOWER Services, NGIPS, and AMP; CCNP Security SISAS 300-208 Official Cert Guide, CCNA Security 210-260 Complete Video Course, and many published white papers and design guides.
Aaron is one of only five inaugural members of the Hall of Fame Elite for Distinguished Speakers at Cisco Live, and he is a security columnist for Network World, where he blogs on all things related to security. His many other certifications include GHIC, GCFE, GSEC, CEH, MCSE, VCP, CCSP, CCNP, and CCDP.
Vivek Santuka, CCIE No. 17621 is a consulting systems engineer at Cisco and is a security consultant to some of Cisco's largest customers. He has over 13 years of experience in security, focusing on identity management and access control. Vivek is a member of multiple technical advisory groups.
Vivek holds two CCIE certifications: Security and Routing and Switching. In addition, he holds RHCE and CISSP certifications.
Vivek is author of the Cisco Press book AAA Identity Management Security.
Mason Harris, CCIE No. 5916, is a solutions architect for Cisco, focusing on cloud architectures with Cisco's largest global customers. He has more than 24 years of experience in information technology and is one the few individuals in the world who has attained five CCIE certifications. Prior to joining Cisco, he was the chief architect at cloud security startup vArmour Networks. Outside work, Mason can be found backpacking on long trails or at home with his family. A lifelong UNC Tarheels fan, he holds an undergraduate degree from UNC-Chapel Hill and a master's degree from NC State University, with a minor in Arabic.
Jamie Sanbower, CCIE No. 13637 (Routing and Switching, Security, and Wireless), is a technical solutions architect focusing on security for the Global Security Architecture Team.
Jamie has been with Cisco since 2010 and is currently a technical leader and member of numerous technical advisory groups. With over 15 years of technical experience in networking and security, Jamie has developed, designed, implemented, and operated enterprise network and security solutions for a wide variety of large clients.
Prior to joining Cisco, Jamie was the director of the cybersecurity practice at Force 3. His other certifications include CISSP, CEH, and MCSE.
Cuprins
Introduction xxv Part I Hi There! This Is Network Security 1 Chapter 1 Let's Talk About Network Security 3 Know Thy Enemy 4 Know Thy Self 6 Security Standards and Frameworks 9 Regulatory Compliance 15 Payment Card Industry Data Security Standard (PCI DSS) 16 Security Models 18 Integrating Security Solutions 23 Summary 25 References 25 Chapter 2 Infrastructure Security and Segmentation 27 The Three Planes 27 Securing the Management Plane 28 Securing the Control Plane 38 Securing the Data Plane 49 Visibility with NetFlow 76 Summary 77 References 78 Chapter 3 Wireless Security 79 What Is Wireless? 79 Wireless Security Overview 90 Securing the WLAN 94 Configuring Wireless Protection Policies 98 Management and Control Plane Protection 114 Integrating a WLC with Other Security Solutions 120 Summary 122 References 122 Part II Deny IP any any 123 Chapter 4 Firewalling with the ASA 125 ASA Fundamentals 125 Traffic with the ASA 151 ASA Advanced Features 167 Advanced Firewall Tuning 172 Troubleshooting the ASA 176 Summary 180 References 181 Chapter 5 Next-Gen Firewalls 183 Firepower Deployment Options 184 Configuring Firepower Threat Defense 186 Access Control Policies 206 Analysis and Reporting 229 Summary 237 References 238 Chapter 6 Next-Gen Intrusion Detection and Prevention 239 NGIPS Overview 239 Cisco NGIPS Appliances 248 Snort 256 Configuring a NGIPS 267 Operationalizing a NGIPS 283 Summary 296 References 297 Chapter 7 IOS Firewall and Security Features 299 Network Address Translation (NAT) 299 Zone-Based Firewall (ZBF) 309 IOS Advanced Security Features 319 Summary 331 References 331 Part III EHLO. You have threat in content
333 Chapter 8 Content Security and Advanced Threat Protection 335 Content Security Overview 335 Web Security Appliance 336 Email Security Appliance 370 Security Management Appliance 390 Summary 391 References 391 Chapter 9 Umbrella and the Secure Internet Gateway 393 Umbrella Fundamentals 393 Umbrella Overview Dashboard 399 Deploying Umbrella 401 Cisco Investigate 423 Summary 425 References 425 Chapter 10 Protecting Against Advanced Malware 427 Introduction to Advanced Malware Protection (AMP) 427 Role of the AMP Cloud 429 Doing Security Differently 430 The Cloud 437 Cloud Proxy Mode 438 Air Gap Mode 440 Threat Grid 442 The Clean Interface 446 The Administrative Interface 446 The Dirty Interface 446 Comparing Public and Private Deployments 446 AMP for Networks 447 AMP for Endpoints 457 Custom Detections 462 AMP for Windows 474 Mac Policies 490 Linux Policies 495 AMP for Android 497 Groups, Groups, and More Groups 498 The Download Connector Screen 499 Distributing via Cisco AnyConnect 500 Installing AMP for Windows 501 Installing AMP for Mac 503 Installing AMP for Linux 504 Proxy Complications 511 AMP for Content Security 513 Content Security Connectors 513 Configuring AMP for Content Security Appliances 514 Configuring the Web Security Appliance (WSA) Devices 515 Configuring the Email Security Appliance (ESA) Devices 519 AMP Reports 522 Summary 524 9781587147067, TOC, 4/16/2018
333 Chapter 8 Content Security and Advanced Threat Protection 335 Content Security Overview 335 Web Security Appliance 336 Email Security Appliance 370 Security Management Appliance 390 Summary 391 References 391 Chapter 9 Umbrella and the Secure Internet Gateway 393 Umbrella Fundamentals 393 Umbrella Overview Dashboard 399 Deploying Umbrella 401 Cisco Investigate 423 Summary 425 References 425 Chapter 10 Protecting Against Advanced Malware 427 Introduction to Advanced Malware Protection (AMP) 427 Role of the AMP Cloud 429 Doing Security Differently 430 The Cloud 437 Cloud Proxy Mode 438 Air Gap Mode 440 Threat Grid 442 The Clean Interface 446 The Administrative Interface 446 The Dirty Interface 446 Comparing Public and Private Deployments 446 AMP for Networks 447 AMP for Endpoints 457 Custom Detections 462 AMP for Windows 474 Mac Policies 490 Linux Policies 495 AMP for Android 497 Groups, Groups, and More Groups 498 The Download Connector Screen 499 Distributing via Cisco AnyConnect 500 Installing AMP for Windows 501 Installing AMP for Mac 503 Installing AMP for Linux 504 Proxy Complications 511 AMP for Content Security 513 Content Security Connectors 513 Configuring AMP for Content Security Appliances 514 Configuring the Web Security Appliance (WSA) Devices 515 Configuring the Email Security Appliance (ESA) Devices 519 AMP Reports 522 Summary 524 9781587147067, TOC, 4/16/2018