Używamy cookies, aby ułatwić korzystanie z Portalu. Możesz określić warunki przechowywania, dostępu do plików cookies w Twojej przeglądarce. Dowiedz się więcej.
strona główna Strona główna | Nowości | Promocje | Zapowiedzi Twoje konto | Zarejestruj | Schowek | Kontakt | Pomoc
mapa działów
Szukaj: szukanie zaawansowane
Książki \ Cisco

Integrated Security Technologies and Solutions - Volume II: Cisco Security Solutions for Network Access Control, Segmentation, Context Sharing, Secure Connectivity and Virtualization Język: 2


Cena Brutto: 361.20

Cena netto: 344.00

Wersja: Drukowana
Autor Aaron Woland, Vivek Santuka, Jamie Sanbower, Chad Mitchell
Liczba_stron 688
Wydawnictwo Cisco Press
Data_Wydania 2019-04-20
Integrated Security Technologies and Solutions - Volume II: Cisco Security Solutions for Network Access Control, Segmentation, Context Sharing, Secure Connectivity and Virtualization

Integrated Security Technologies and Solutions – Volume II brings together more expert-level instruction in security design, deployment, integration, and support. It will help experienced security and network professionals manage complex solutions, succeed in their day-to-day jobs, and prepare for their CCIE Security written and lab exams.

Volume II focuses on the Cisco Identity Services Engine, Context Sharing, TrustSec, Application Programming Interfaces (APIs), Secure Connectivity with VPNs, and the virtualization and automation sections of the CCIE v5 blueprint. Like Volume I, its strong focus on interproduct integration will help you combine formerly disparate systems into seamless, coherent, next-generation security solutions.

Part of the Cisco CCIE Professional Development Series from Cisco Press, it is authored by a team of CCIEs who are world-class experts in their Cisco security disciplines, including co-creators of the CCIE Security v5 blueprint. Each chapter starts with relevant theory, presents configuration examples and applications, and concludes with practical troubleshooting.

  • Review the essentials of Authentication, Authorization, and Accounting (AAA)
  • Explore the RADIUS and TACACS+ AAA protocols, and administer devices with them
  • Enforce basic network access control with the Cisco Identity Services Engine (ISE)
  • Implement sophisticated ISE profiling, EzConnect, and Passive Identity features
  • Extend network access with BYOD support, MDM integration, Posture Validation, and Guest Services
  • Safely share context with ISE, and implement pxGrid and Rapid Threat Containment
  • Integrate ISE with Cisco FMC, WSA, and other devices
  • Leverage Cisco Security APIs to increase control and flexibility
  • Review Virtual Private Network (VPN) concepts and types
  • Understand and deploy Infrastructure VPNs and Remote Access VPNs
  • Virtualize leading Cisco Security products
  • Make the most of Virtual Security Gateway (VSG), Network Function Virtualization (NFV), and microsegmentation
Introduction xix
Part I Knock, Knock! Who’s There? 1
Chapter 1 Who and What: AAA Basics 3
    Fundamentals of AAA 3
    Understanding the Concept of Triple-A in the Real World 4
    Compare and Select AAA Options 4
    TACACS+ 7
    RADIUS 12
    Comparing RADIUS and TACACS+ 15
    Summary 16
Chapter 2 Basic Network Access Control 17
    What Is Cisco ISE? 17
    ISE Architecture for Network Access AAA 18
    Configuring ISE for Single/Standalone and Multinode Deployments 23
    ISE Configuration for Network Access 32
    802.1X and Beyond 54
    Configuring Wired Network Access with ISE 71
    Configuring Wireless Network Access with ISE 115
    Verifying Dot1X and MAB 140
    Summary 148
Chapter 3 Beyond Basic Network Access Control 149
    Profiling with ISE 149
    ISE Profiler and CoA 175
    Profiles in Authorization Policies 178
    Passive Identities and EasyConnect 180
    Summary 191
Chapter 4 Extending Network Access with ISE 193
    Get Ready, Get Set, Prerequisites 194
    BYOD Onboarding with ISE 197
    MDM Onboarding and Enforcement with ISE 236
    Posture Assessment and Remediation with ISE 244
    Guest Access with ISE 265
    TrustSec with ISE 287
    Summary 306
Chapter 5 Device Administration Control with ISE 307
    The Case for Centralized AAA 307
    RADIUS Versus TACACS+ for Device Administration 308
    Using TACACS+ for Device Administration 309
    Using RADIUS for Device Administration 343
    Summary 352
Part II Spread the Love! 353
Chapter 6 Sharing the Context 355
    The Many Integration Types of the Ecosystem 356
    pxGrid in Depth 361
    Summary 406
Chapter 7 APIs in Cisco Security 407
    APIs 101 407
    Firepower Management Center APIs 413
    Identity Services Engine APIs 424
    Advanced Malware Protection APIs 428
    Threat Grid APIs 433
    Umbrella APIs 435
    Summary 437
    References 437
Part III c2889775343d1ed91b 439
Chapter 8 Security Connectivity 441
    Hashing, Ciphers, Cryptography, and PKI 441
    Virtual Private Networks 461
    Layer 2 Encryption: IEEE 802.1AE/MACsec 470
    Summary 474
    References 474
Chapter 9 Infrastructure VPN 477
    IPsec with IKEv1 478
    IPsec with IKEv2 484
    EzVPN 492
    DMVPN 500
    FlexVPN 514
    GETVPN 532
    Summary 541
    References 541
Chapter 10 Remote Access VPN 543
    Remote Access VPN Overview 543
    Cisco AnyConnect Secure Mobility Client 546
    Client-Based Remote Access VPN 554
    Clientless Remote Access VPN 586
    Summary 595
    References 595
Part IV The Red Pill 597
Chapter 11 Security Virtualization and Automation 599
    Cisco Virtual Solutions and Server Virtualization 599
    Virtualization and Automation Solutions 602
    Summary 613
    References 614
97815877147074, TOC, 2/28/19
Produkty Podobne
LISP Network Deployment and Troubleshooting: The Complete Guide to LISP Implementation on IOS-XE, IOS-XR, and NX-OS
IT Essentials Course Booklet, 7th Edition
CCNA 200-301 Official Cert Guide, Volume 1
Integrated Security Technologies and Solutions - Volume II: Cisco Security Solutions for Network Access Control, Segmentation, Context Sharing, Secure Connectivity and Virtualization
LISP Network, The: Evolution to the Next-Generation of Data Networks
Hyperconverged Infrastructure Data Centers: Demystifying HCI
Cisco Digital Network Architecture: Intent-based Networking for the Enterprise
Understanding Session Border Controllers: Comprehensive Guide to Designing, Deploying, Troubleshooting, and Maintaining Cisco Unified Border Element (CUBE) Solutions
Data Analytics for IT Networks: Developing Innovative Use Cases
CCNA Cybersecurity Operations Companion Guide
Więcej produktów