Summer Reading Sale
 
 

Recently Viewed clear list


Original Essays | June 20, 2014

Lauren Owen: IMG The Other Vampire



It's a wild and thundery night. Inside a ramshackle old manor house, a beautiful young girl lies asleep in bed. At the window, a figure watches... Continue »

spacer
Qualifying orders ship free.
$74.25
List price: $79.99
New Trade Paper
Ships in 1 to 3 days
Add to Wishlist
available for shipping or prepaid pickup only
Qty Store Section
21 Local Warehouse Internet- General

More copies of this ISBN

Cisco Asa: All-In-One Next-Generation Firewall, Ips, and VPN Services

by

Cisco Asa: All-In-One Next-Generation Firewall, Ips, and VPN Services Cover

 

Synopses & Reviews

Publisher Comments:

Cisco® ASA

All-in-One Next-Generation Firewall, IPS, and VPN Services, Third Edition

 

Identify, mitigate, and respond to today’s highly-sophisticated network attacks.

 

Today, network attackers are far more sophisticated, relentless, and dangerous. In response, Cisco ASA: All-in-One Next-Generation Firewall, IPS, and VPN Services has been fully updated to cover the newest techniques and Cisco technologies for maximizing end-to-end security in your environment. Three leading Cisco security experts guide you through every step of creating a complete security plan with Cisco ASA, and then deploying, configuring, operating, and troubleshooting your solution.

 

Fully updated for today’s newest ASA releases, this edition adds new coverage of ASA 5500-X, ASA 5585-X, ASA Services Module, ASA next-generation firewall services, EtherChannel, Global ACLs, clustering, IPv6 improvements, IKEv2, AnyConnect Secure Mobility VPN clients, and more. The authors explain significant recent licensing changes; introduce enhancements to ASA IPS; and walk you through configuring IPsec, SSL VPN, and NAT/PAT.

 

You’ll learn how to apply Cisco ASA adaptive identification and mitigation services to systematically strengthen security in network environments of all sizes and types. The authors present up-to-date sample configurations, proven design scenarios, and actual debugs–

all designed to help you make the most of Cisco ASA in your rapidly evolving network.

 

Jazib Frahim, CCIE® No. 5459 (Routing and Switching; Security), Principal Engineer in the Global Security Solutions team, guides top-tier Cisco customers in security-focused network design and implementation. He architects, develops, and launches new security services concepts. His books include Cisco SSL VPN Solutions and Cisco Network Admission Control, Volume II: NAC Deployment and Troubleshooting.

 

Omar Santos, CISSP No. 463598, Cisco Product Security Incident Response Team (PSIRT) technical leader, leads and mentors engineers and incident managers in investigating and resolving vulnerabilities in Cisco products and protecting Cisco customers. Through 18 years in IT and cybersecurity, he has designed, implemented, and supported numerous secure networks for Fortune® 500 companies and the U.S. government. He is also the author of several other books and numerous whitepapers and articles.

 

Andrew Ossipov, CCIE® No. 18483 and CISSP No. 344324, is a Cisco Technical Marketing Engineer focused on firewalls, intrusion prevention, and data center security. Drawing on more than 16 years in networking, he works to solve complex customer technical problems, architect new features and products, and define future directions for Cisco’s product portfolio. He holds several pending patents.

 

Understand, install, configure, license, maintain, and troubleshoot the newest ASA devices

Efficiently implement Authentication, Authorization, and Accounting (AAA) services

Control and provision network access with packet filtering, context-aware Cisco ASA next-generation firewall services, and new NAT/PAT concepts

Configure IP routing, application inspection, and QoS

Create firewall contexts with unique configurations, interfaces, policies, routing tables, and administration

Enable integrated protection against many types of malware and advanced persistent threats (APTs) via Cisco Cloud Web Security and Cisco Security Intelligence Operations (SIO)

Implement high availability with failover and elastic scalability with clustering

Deploy, troubleshoot, monitor, tune, and manage Intrusion Prevention System (IPS) features

Implement site-to-site IPsec VPNs and all forms of remote-access VPNs (IPsec, clientless SSL, and client-based SSL)

Configure and troubleshoot Public Key Infrastructure (PKI)

Use IKEv2 to more effectively resist attacks against VPNs

Leverage IPv6 support for IPS, packet inspection, transparent firewalls, and site-to-site IPsec VPNs

 

 

Synopsis:

This is the definitive, up-to-date practitioner's guide to planning, deploying, and troubleshooting comprehensive security plans with Cisco ASA. Written by two experienced Cisco Security and VPN Solutions consultants who work closely with customers to solve security problems every day, the book brings together valuable insights and real-world deployment examples for both large and small network environments. Jazib Frahim and Omar Santos begin by introducing the newest ASA Firewall Solution and its capabilities. Next, they walk through configuring and troubleshooting both site-to-site and remote access VPNs, and implementing Intrusion Prevention System (IPS) features supported by the ASA's Advanced Inspection and Prevention Security Services Module (AIP-SSM). Each chapter is comprised of many sample configurations, accompanied by in-depth analysis of design scenarios, plus a complete set of debugs in every section.

 

Fully updated for the newest ASA product releases, Cisco ASA, Third Edition adds new coverage of:

  • ASA 5585X and ASA-SM
  • Major updates to license configurations
  • EtherChannel setup
  • Global ACLs
  • Configuring WCCP, WAAS, and NAT post-8.2 behavior
  • Identity-aware firewalls
  • IPv6 inspections
  • Major changes to IPS and AIP-SSM configuration and troubleshooting
  • IKEv1 and IKEv2 support
  • IPv6 support on site-to-site IPsec VPNs
  • AnyConnect Secure Mobility VPN clients, and more

About the Author

Jazib Frahim, CCIE No. 5459, is a Principal Engineer in the Global Security Services Practice at Cisco. He has been with Cisco for over 15 years, with a focus on cyber-security and emerging security technologies. Jazib is also responsible for guiding customers in

the design and implementation of security solutions and technologies in their networks with a focus on network security. He leads a team of solutions architects to guide them through the lifecycle of services and solutions development. Jazib has also been engaged

in the development of a number of customer-focused services, such as managed threat defense, network-based identity, bring-your-own-device (BYOD), and many others. Jazib holds a bachelor’s degree in computer engineering from Illinois Institute of

Technology and a master’s degree in business administration (MBA) from North Carolina State University. In addition to CISSP, Jazib also holds two CCIEs, one in routing and switching and the other in security. He has presented at many industry events, such as Cisco Live, Interop, and ISSA, on multiple occasions. He has also authored and coauthored numerous technical documents, whitepapers, and books, including the following Cisco Press titles:

 

¿ Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance

¿ Cisco ASA: All-in-One Firewall, IPS, Anti-X, and VPN Adaptive Security Appliance, Second Edition

¿ Cisco Network Admission Control, Volume II: NAC Deployment and Troubleshooting

¿ SSL Remote Access VPNs

 

Omar Santos, CISSP No. 463598 is a Senior Incident Manager of Cisco’s Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities in all Cisco products. Omar has designed, implemented, and supported numerous secure networks for Fortune 500 companies and the U.S. government. Prior to his current role, he was a technical leader within the World Wide Security Practice and Cisco’s Technical Assistance Center (TAC), where he taught, led, and mentored many engineers within both organizations. Omar is an active member of the security community, where he leads several industrywide initiatives and standards bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of the critical infrastructure. Omar has delivered numerous technical presentations at conferences and to Cisco customers and partners, as well as many C-level executive presentations to many organizations. He has authored numerous whitepapers, articles, and security configuration guidelines and best practices, and has also authored or coauthored the following Cisco Press books:

 

¿ Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance

¿ Cisco ASA: All-in-One Firewall, IPS, Anti-X, and VPN Adaptive Security

¿ Cisco Network Admission Control, Volume II: NAC Deployment and Troubleshooting

¿ End-to-End Network Security: Defense-in-Depth

 

Andrew Ossipov, CCIE No. 18483 and CISSP No. 344324, is currently a Technical Marketing Engineer at Cisco with primary concentration on firewall, intrusion prevention, and other Cisco Data Center Security solutions. With over 15 years of networking

experience, Andrew previously worked with LAN switching, routing protocol, and network data storage technologies and performed academic research in the area of VoIP. At Cisco, Andrew is involved in a broad range of activities that include solving customers’ technical problems of the highest complexity, architecting features and products, and defining the future direction of the product portfolio. He is an inventor and co-inventor of multiple pending cross-technology patents. Andrew received his bachelor of science in computer engineering and master of science in electrical engineering degrees from Wichita State University.

Table of Contents

Part I Product Overview

1. Introduction to Security Technologies

2. Cisco ASA Product and Solution Overview

3. Licensing

4. Initial Setup

5. System Maintenance

6. IPv6 Support

Part II Firewall Technology

7. Controlling Network Access

8. Network Address Translation

9. ASA IP Routing

10. Multicast Routing

11. Authentication, Authorization, and Accounting (AAA) Services

12. ASA Application Inspection (Fixup protocols)

13. Virtualization

14. Transparent Firewalls

15. Failover and Redundancy

16. Quality of Service (QoS)

Part III Intrusion Prevention System (IPS) Solution

17. Configuring and Troubleshooting Intrusion Prevention System (IPS) Technologies

18. Tuning and Monitoring (IPS)

Part V Virtual Private Network (VPN) Solutions

19. Site-to-site IPSec VPNs

20. IPSec Remote Access VPNs

21. Configuring and Troubleshooting Public Key Infrastructure (PKI)

22. Clientless Remote Access SSL VPN (104 pages)

23. Client-based Remote Access SSL VPN

 

Product Details

ISBN:
9781587143076
Author:
Frahim, Jazib
Publisher:
Cisco Press
Author:
Santos, Omar
Author:
Ossipov, Andrew
Subject:
Internet - Security
Subject:
Internet - General
Subject:
cisco; cisco asa; network attacks; network security; asa ip routing; system maintenance; ipc6 support; multicast routing; transparent firewalls; vpn; cisco asa firewall
Copyright:
Edition Description:
Trade paper
Publication Date:
20121012
Binding:
TRADE PAPER
Language:
English
Pages:
1248
Dimensions:
9.1 x 7.4 x 2.6 in 2028 gr

Related Subjects

Computers and Internet » Internet » General
Computers and Internet » Internet » Information
Computers and Internet » Networking » Cisco
Computers and Internet » Networking » Computer Security
Computers and Internet » Networking » General
Computers and Internet » Networking » Vendor Specific
Sports and Outdoors » Sports and Fitness » Sports General

Cisco Asa: All-In-One Next-Generation Firewall, Ips, and VPN Services New Trade Paper
0 stars - 0 reviews
$74.25 In Stock
Product details 1248 pages Cisco Press - English 9781587143076 Reviews:
"Synopsis" by ,

This is the definitive, up-to-date practitioner's guide to planning, deploying, and troubleshooting comprehensive security plans with Cisco ASA. Written by two experienced Cisco Security and VPN Solutions consultants who work closely with customers to solve security problems every day, the book brings together valuable insights and real-world deployment examples for both large and small network environments. Jazib Frahim and Omar Santos begin by introducing the newest ASA Firewall Solution and its capabilities. Next, they walk through configuring and troubleshooting both site-to-site and remote access VPNs, and implementing Intrusion Prevention System (IPS) features supported by the ASA's Advanced Inspection and Prevention Security Services Module (AIP-SSM). Each chapter is comprised of many sample configurations, accompanied by in-depth analysis of design scenarios, plus a complete set of debugs in every section.

 

Fully updated for the newest ASA product releases, Cisco ASA, Third Edition adds new coverage of:

  • ASA 5585X and ASA-SM
  • Major updates to license configurations
  • EtherChannel setup
  • Global ACLs
  • Configuring WCCP, WAAS, and NAT post-8.2 behavior
  • Identity-aware firewalls
  • IPv6 inspections
  • Major changes to IPS and AIP-SSM configuration and troubleshooting
  • IKEv1 and IKEv2 support
  • IPv6 support on site-to-site IPsec VPNs
  • AnyConnect Secure Mobility VPN clients, and more
spacer
spacer
  • back to top
Follow us on...




Powell's City of Books is an independent bookstore in Portland, Oregon, that fills a whole city block with more than a million new, used, and out of print books. Shop those shelves — plus literally millions more books, DVDs, and gifts — here at Powells.com.