Cisco Asa: All-in-one Next-generation Firewall, Ips, And Vpn Services

Kobo eBook available

read instantly on your Kobo or tablet.

buy the ebook now

Cisco Asa: All-in-one Next-generation Firewall, Ips, And Vpn Services

by Andrew Ossipov, Jazib Frahim, Omar Santos

Pearson Education | April 30, 2014 | Trade Paperback

Not yet rated | write a review

Cisco® ASA

All-in-One Next-Generation Firewall, IPS, and VPN Services, Third Edition

 

Identify, mitigate, and respond to today''s highly-sophisticated network attacks.

 

Today, network attackers are far more sophisticated, relentless, and dangerous. In response, Cisco ASA: All-in-One Next-Generation Firewall, IPS, and VPN Services has been fully updated to cover the newest techniques and Cisco technologies for maximizing end-to-end security in your environment. Three leading Cisco security experts guide you through every step of creating a complete security plan with Cisco ASA, and then deploying, configuring, operating, and troubleshooting your solution.

 

Fully updated for today''s newest ASA releases, this edition adds new coverage of ASA 5500-X, ASA 5585-X, ASA Services Module, ASA next-generation firewall services, EtherChannel, Global ACLs, clustering, IPv6 improvements, IKEv2, AnyConnect Secure Mobility VPN clients, and more. The authors explain significant recent licensing changes; introduce enhancements to ASA IPS; and walk you through configuring IPsec, SSL VPN, and NAT/PAT.

 

You''ll learn how to apply Cisco ASA adaptive identification and mitigation services to systematically strengthen security in network environments of all sizes and types. The authors present up-to-date sample configurations, proven design scenarios, and actual debugs-
all designed to help you make the most of Cisco ASA in your rapidly evolving network.

 

Jazib Frahim, CCIE® No. 5459 (Routing and Switching; Security),Principal Engineer in the Global Security Solutions team, guides top-tier Cisco customers in security-focused network design and implementation. He architects, develops, and launches new security services concepts. His books include Cisco SSL VPN Solutions and Cisco Network Admission Control, Volume II: NAC Deployment and Troubleshooting.

 

Omar Santos, CISSP No. 463598, Cisco Product Security Incident Response Team (PSIRT) technical leader, leads and mentors engineers and incident managers in investigating and resolving vulnerabilities in Cisco products and protecting Cisco customers. Through 18 years in IT and cybersecurity, he has designed, implemented, and supported numerous secure networks for Fortune® 500 companies and the U.S. government. He is also the author of several other books and numerous whitepapers and articles.

 

Andrew Ossipov, CCIE®No. 18483 and CISSP No. 344324,is a Cisco Technical Marketing Engineer focused on firewalls, intrusion prevention, and data center security. Drawing on more than 16 years in networking, he works to solve complex customer technical problems, architect new features and products, and define future directions for Cisco''s product portfolio. He holds several pending patents.

 

Understand, install, configure, license, maintain, and troubleshoot the newest ASA devices

Efficiently implement Authentication, Authorization, and Accounting (AAA) services

Control and provision network access with packet filtering, context-aware Cisco ASA next-generation firewall services, and new NAT/PAT concepts

Configure IP routing, application inspection, and QoS

Create firewall contexts with unique configurations, interfaces, policies, routing tables, and administration

Enable integrated protection against many types of malware and advanced persistent threats (APTs) via Cisco Cloud Web Security and Cisco Security Intelligence Operations (SIO)

Implement high availability with failover and elastic scalability with clustering

Deploy, troubleshoot, monitor, tune, and manage Intrusion Prevention System (IPS) features

Implement site-to-site IPsec VPNs and all forms of remote-access VPNs (IPsec, clientless SSL, and client-based SSL)

Configure and troubleshoot Public Key Infrastructure (PKI)

Use IKEv2 to more effectively resist attacks against VPNs

Leverage IPv6 support for IPS, packet inspection, transparent firewalls, and site-to-site IPsec VPNs

 

 

Format: Trade Paperback

Dimensions: 1248 pages, 9.1 × 7.4 × 2.8 in

Published: April 30, 2014

Publisher: Pearson Education

Language: English

The following ISBNs are associated with this title:

ISBN - 10: 1587143070

ISBN - 13: 9781587143076

save
5%

In Stock Hurry, only 0 left! Not yet released

$83.99  ea

Online Price

$83.99 List Price

or, Used from $56.50

eGift this item

Give this item in the form of an eGift Card.

+ what is this?

This item is eligible for FREE SHIPPING on orders over $25.
See details

Easy, FREE returns. See details

Item can only be shipped in Canada

Downloads instantly to your kobo or other ereading device. See details

All available formats:

Check store inventory (prices may vary)

Reviews

– More About This Product –

Cisco Asa: All-in-one Next-generation Firewall, Ips, And Vpn Services

by Andrew Ossipov, Jazib Frahim, Omar Santos

Format: Trade Paperback

Dimensions: 1248 pages, 9.1 × 7.4 × 2.8 in

Published: April 30, 2014

Publisher: Pearson Education

Language: English

The following ISBNs are associated with this title:

ISBN - 10: 1587143070

ISBN - 13: 9781587143076

Table of Contents

Introduction  Chapter 1 Introduction to Security Technologies 1 Firewalls 2     Network Firewalls 2         Packet-Filtering Techniques 2         Application Proxies 3         Network Address Translation 3         Stateful Inspection Firewalls 6     Demilitarized Zones (DMZ) 7     Deep Packet Inspection 8     Next-Generation Context-Aware Firewalls 8     Personal Firewalls 9 Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) 9     Pattern Matching and Stateful Pattern-Matching Recognition 11     Protocol Analysis 12     Heuristic-Based Analysis 12     Anomaly-Based Analysis 12     Global Threat Correlation Capabilities 14 Virtual Private Networks 14     Technical Overview of IPsec 16         IKEv1 Phase 1 16         IKEv1 Phase 2 20         IKEv2 23     SSL VPNs 23 Cisco AnyConnect Secure Mobility 25 Cloud and Virtualization Security 26   Chapter 2 Cisco ASA Product and Solution Overview 29 Cisco ASA Model Over
read more read less

From the Publisher

Cisco® ASA

All-in-One Next-Generation Firewall, IPS, and VPN Services, Third Edition

 

Identify, mitigate, and respond to today''s highly-sophisticated network attacks.

 

Today, network attackers are far more sophisticated, relentless, and dangerous. In response, Cisco ASA: All-in-One Next-Generation Firewall, IPS, and VPN Services has been fully updated to cover the newest techniques and Cisco technologies for maximizing end-to-end security in your environment. Three leading Cisco security experts guide you through every step of creating a complete security plan with Cisco ASA, and then deploying, configuring, operating, and troubleshooting your solution.

 

Fully updated for today''s newest ASA releases, this edition adds new coverage of ASA 5500-X, ASA 5585-X, ASA Services Module, ASA next-generation firewall services, EtherChannel, Global ACLs, clustering, IPv6 improvements, IKEv2, AnyConnect Secure Mobility VPN clients, and more. The authors explain significant recent licensing changes; introduce enhancements to ASA IPS; and walk you through configuring IPsec, SSL VPN, and NAT/PAT.

 

You''ll learn how to apply Cisco ASA adaptive identification and mitigation services to systematically strengthen security in network environments of all sizes and types. The authors present up-to-date sample configurations, proven design scenarios, and actual debugs-
all designed to help you make the most of Cisco ASA in your rapidly evolving network.

 

Jazib Frahim, CCIE® No. 5459 (Routing and Switching; Security),Principal Engineer in the Global Security Solutions team, guides top-tier Cisco customers in security-focused network design and implementation. He architects, develops, and launches new security services concepts. His books include Cisco SSL VPN Solutions and Cisco Network Admission Control, Volume II: NAC Deployment and Troubleshooting.

 

Omar Santos, CISSP No. 463598, Cisco Product Security Incident Response Team (PSIRT) technical leader, leads and mentors engineers and incident managers in investigating and resolving vulnerabilities in Cisco products and protecting Cisco customers. Through 18 years in IT and cybersecurity, he has designed, implemented, and supported numerous secure networks for Fortune® 500 companies and the U.S. government. He is also the author of several other books and numerous whitepapers and articles.

 

Andrew Ossipov, CCIE®No. 18483 and CISSP No. 344324,is a Cisco Technical Marketing Engineer focused on firewalls, intrusion prevention, and data center security. Drawing on more than 16 years in networking, he works to solve complex customer technical problems, architect new features and products, and define future directions for Cisco''s product portfolio. He holds several pending patents.

 

Understand, install, configure, license, maintain, and troubleshoot the newest ASA devices

Efficiently implement Authentication, Authorization, and Accounting (AAA) services

Control and provision network access with packet filtering, context-aware Cisco ASA next-generation firewall services, and new NAT/PAT concepts

Configure IP routing, application inspection, and QoS

Create firewall contexts with unique configurations, interfaces, policies, routing tables, and administration

Enable integrated protection against many types of malware and advanced persistent threats (APTs) via Cisco Cloud Web Security and Cisco Security Intelligence Operations (SIO)

Implement high availability with failover and elastic scalability with clustering

Deploy, troubleshoot, monitor, tune, and manage Intrusion Prevention System (IPS) features

Implement site-to-site IPsec VPNs and all forms of remote-access VPNs (IPsec, clientless SSL, and client-based SSL)

Configure and troubleshoot Public Key Infrastructure (PKI)

Use IKEv2 to more effectively resist attacks against VPNs

Leverage IPv6 support for IPS, packet inspection, transparent firewalls, and site-to-site IPsec VPNs

 

 

About the Author

Jazib Frahim , CCIE No. 5459, is a Principal Engineer in the Global Security Services Practice at Cisco. He has been with Cisco for over 15 years, with a focus on cyber-security and emerging security technologies. Jazib is also responsible for guiding customers in the design and implementation of security solutions and technologies in their networks with a focus on network security. He leads a team of solutions architects to guide them through the lifecycle of services and solutions development. Jazib has also been engaged in the development of a number of customer-focused services, such as managed threat defense, network-based identity, bring-your-own-device (BYOD), and many others. Jazib holds a bachelor''s degree in computer engineering from Illinois Institute of Technology and a master''s degree in business administration (MBA) from North Carolina State University. In addition to CISSP, Jazib also holds two CCIEs, one in routing and switching and the other in security. He has presented at many industry events, such as Cisco Live, Interop, and ISSA, on multiple occasions. He has also authored and coauthored numerous technical documents, whitepapers, and books, including the following Cisco Press titles:   ¿ Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance ¿ Cisco ASA: All-in-One Firewall, IPS, Anti-X, and VPN Adaptive Security Appliance, Second Edition ¿ Cisco Network Admission Control, Volume II: NAC Deployment a
read more read less
Item not added

This item is not available to order at this time.

See used copies from 00.00
  • My Gift List
  • My Wish List
  • Shopping Cart