Cisco Firewalls

Cisco Firewalls By Alexandre M.S.P. Moraes
Publisher: Cis.co Pre.ss 2011 | 912 Pages | ISBN: 1587141094 | PDF | 13 MB

Concepts, design and deployment for Cisco Stateful Firewall solutions

Cisco Firewalls thoroughly explains each of the leading Cisco firewall products, features, and solutions, and shows how they can add value to any network security design or operation. The author tightly links theory with practice, demonstrating how to integrate Cisco firewalls into highly secure, self-defending networks. Cisco Firewalls shows you how to deploy Cisco firewalls as an essential component of every network infrastructure. The book takes the unique approach of illustrating complex configuration concepts through step-by-step examples that demonstrate the theory in action. This is the first book with detailed coverage of firewalling Unified Communications systems, network virtualization architectures, and environments that include virtual machines. The author also presents indispensable information about integrating firewalls with other security elements such as IPS, VPNs, and load balancers; as well as a complete introduction to firewalling IPv6 networks. Cisco Firewalls will be an indispensable resource for engineers and architects designing and implementing firewalls; security administrators, operators, and support professionals; and anyone preparing for the CCNA Security, CCNP Security, or CCIE Security certification exams.

• Create advanced security designs utilizing the entire Cisco firewall product family
• Choose the right firewalls based on your performance requirements
• Learn firewall configuration fundamentals and master the tools that provide insight about firewall operations
• Properly insert firewalls in your network’s topology using Layer 3 or Layer 2 connectivity
• Use Cisco firewalls as part of a robust, secure virtualization architecture
• Deploy Cisco ASA firewalls with or without NAT
• Take full advantage of the classic IOS firewall feature set (CBAC)
• Implement flexible security policies with the Zone Policy Firewall (ZPF)
• Strengthen stateful inspection with antispoofing, TCP normalization, connection limiting, and IP fragmentation handling
• Use application-layer inspection capabilities built into Cisco firewalls
• Inspect IP voice protocols, including SCCP, H.323, SIP, and MGCP
• Utilize identity to provide user-based stateful functionality
• Understand how multicast traffic is handled through firewalls
• Use firewalls to protect your IPv6 deployments

This security book is part of the Cisco Press Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end, self-defending networks.

Click here  or  Click here

Router Security Strategies: Securing IP Network Traffic Planes

Router Security Strategies: Securing IP Network Traffic Planes
Publisher: Cisco Press | ISBN: 1587053365 | edition 2008 | PDF | 673 pages | 10,2 mb

Router Security Strategies: Securing IP Network Traffic Planes provides a compre-hensive approach to understand and implement IP traffic plane separation and protection on IP routers. This book details the distinct traffic planes of IP networks and the advanced techniques necessary to operationally secure them. This includes the data, control, management, and services planes that provide the infrastructure for IP networking.
The first section provides a brief overview of the essential components of the Internet Protocol and IP networking. At the end of this section, you will understand the fundamental principles of defense in depth and breadth security as applied to IP traffic planes. Techniques to secure the IP data plane, IP control plane, IP management plane, and IP services plane are covered in detail in the second section.
The final section provides case studies from both the enterprise network and the service provider network perspectives. In this way, the individual IP traffic plane security techniques reviewed in the second section of the book are brought together to help you create an integrated, comprehensive defense in depth and breadth security architecture.

Click   or   Click

Network Security Auditing(Networking Technology: Security)

Chris Jackson, "Network Security Auditing (Networking Technology: Security)"
Publisher: Cisco Press | June 12, 2010 | 1 Edition | ISBN: 1587053527 | Pages: 528 | True PDF | Size: 11.3 MB

This complete new guide to auditing network security is an indispensable resource for security, network, and IT professionals, and for the consultants and technology partners who serve them.

Cisco network security expert Chris Jackson begins with a thorough overview of the auditing process, including coverage of the latest regulations, compliance issues, and industry best practices. The author then demonstrates how to segment security architectures into domains and measure security effectiveness through a comprehensive systems approach.

Network Security Auditing thoroughly covers the use of both commercial and open source tools to assist in auditing and validating security policy assumptions. The book also introduces leading IT governance frameworks such as COBIT, ITIL, and ISO 17799/27001, explaining their values, usages, and effective integrations with Cisco security products.

This book arms you with detailed auditing checklists for each domain, realistic design insights for meeting auditing requirements, and practical guidance for using complementary solutions to improve any company’s security posture.

Master the five pillars of security auditing: assessment, prevention, detection, reaction, and recovery.
Recognize the foundational roles of security policies, procedures, and standards.
Understand current laws related to hacking, cracking, fraud, intellectual property, spam, and reporting.
Analyze security governance, including the roles of CXOs, security directors, administrators, users, and auditors.
Evaluate people, processes, and technical security controls through a system-based approach.
Audit security services enabled through Cisco products.
Analyze security policy and compliance requirements for Cisco networks.
Assess infrastructure security and intrusion prevention systems.
Audit network access control and secure remote access systems.
Review security in clients, hosts, and IP communications.
Evaluate the performance of security monitoring and management systems.
This security book is part of the Cisco Press Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end, self-defending networks.

Downloads

Click   or  Click

PKI Uncovered: Certificate-Based Security Solutions for Next-Generation Networks

Andre Karamanian, Srinivas Tenneti, Francois Dessart
Publisher: C.is.co Press; 1 edition 2011 | 272 Pages | ISBN: 1587059169 | PDF | 4 MB

The only complete guide to designing, implementing, and supporting state-of-the-art certificate-based identity solutions with PKI

• Layered approach is designed to help readers with widely diverse backgrounds quickly learn what they need to know
• Covers the entire PKI project lifecycle, making complex PKI architectures simple to understand and deploy
• Brings together theory and practice, including on-the-ground implementers' knowledge, insights, best practices, design choices, and troubleshooting details

PKI Uncovered brings together all the techniques IT and security professionals need to apply PKI in any environment, no matter how complex or sophisticated. At the same time, it will help them gain a deep understanding of the foundations of certificate-based identity management. Its layered and modular approach helps readers quickly get the information they need to efficiently plan, design, deploy, manage, or troubleshoot any PKI environment. The authors begin by presenting the foundations of PKI, giving readers the theoretical background they need to understand its mechanisms. Next, they move to high-level design considerations, guiding readers in making the choices most suitable for their own environments. The authors share best practices and experiences drawn from production customer deployments of all types. They organize a series of design "modules" into hierarchical models which are then applied to comprehensive solutions. Readers will be introduced to the use of PKI in multiple environments, including Cisco router-based DMVPN, ASA, and 802.1X. The authors also cover recent innovations such as Cisco GET VPN. Throughout, troubleshooting sections help ensure smooth deployments and give readers an even deeper "under-the-hood" understanding of their implementations. 

Click     or     Click

CCSP: Securing Cisco IOS Networks Study Guide

CCSP: Securing Cisco IOS Networks Study Guide
Publisher: Sybex | ISBN: 0782142311 | edition 2003 | PDF | 438 pages | 10,2 mb

Cisco is moving aggressively into the network security arena by unveiling a lineup of a dozen new security products and services, and a new professional-level certification for them, Cisco Certified Security Professional (CCSP). The Securing Cisco IOS Networks (SECUR) exam (#642-501) is the first, and most critical, in a series of five exams required to achieve CCSP status. Sybex, the leader in Cisco certification study guides and winner of CertCities.com 2002 Readers' Choice Award for Best Study Guides, is offering this essential study guide to the SECUR exam (#642-501). Written for everyone pursuing a career as a Cisco security professional, this guide is packed with real world scenarios and exam essentials that take you beyond the basics and reinforce key subject areas.

Click       or        Click

Cisco Security Professional's Guide to Secure Intrusion Detection Systems

Cisco Security Professional's Guide to Secure Intrusion Detection Systems
Publisher: Syngress | ISBN: 1932266690 | edition 2003 | PDF | 673 pages | 12,2 mb

Cisco Systems, Inc. is the worldwide leader in networking for the Internet, and its Intrusion Detection Systems line of products is making in roads in the IDS market segment, with major upgrades having happened in February of 2003.
A comprehensive, up-to-date guide to the hardware and software that comprise the Cisco IDS. This book does more than show network engineers how to set up and manage this line of best selling products ... it walks them step by step through all the objectives of the Cisco Secure Intrusion Detection System course (and corresponding exam) that network engineers must pass on their way to achieving sought-after CCSP certification.
* Offers complete coverage of the Cisco Secure Intrusion Detection Systems Exam (CSIDS 9E0-100) for CCSPs

Click  or Click