Cisco Firewalls (Paperback)

Alexandre M.S.P. Moraes

  • 出版商: Cisco Press
  • 出版日期: 2011-06-16
  • 定價: $2,450
  • 售價: 6.0$1,470
  • 語言: 英文
  • 頁數: 912
  • 裝訂: Paperback
  • ISBN: 1587141094
  • ISBN-13: 9781587141096
  • 相關分類: Cisco
  • 相關翻譯: Cisco 防火牆 (Cisco Firewalls) (簡中版)
  • 立即出貨 (庫存=1)

買這商品的人也買了...

商品描述

Cisco Firewalls

Concepts, design and deployment for Cisco Stateful Firewall solutions

 

In this book, Alexandre proposes a totally different approach to the important subject of firewalls: Instead of just presenting configuration models, he uses a set of carefully crafted examples to illustrate the theory in action. A must read!—Luc Billot, Security Consulting Engineer at Cisco

 

Cisco Firewalls thoroughly explains each of the leading Cisco firewall products, features, and solutions, and shows how they can add value to any network security design or operation. The author tightly links theory with practice, demonstrating how to integrate Cisco firewalls into highly secure, self-defending networks. Cisco Firewalls shows you how to deploy Cisco firewalls as an essential component of every network infrastructure. The book takes the unique approach of illustrating complex configuration concepts through step-by-step examples that demonstrate the theory in action. This is the first book with detailed coverage of firewalling Unified Communications systems, network virtualization architectures, and environments that include virtual machines. The author also presents indispensable information about integrating firewalls with other security elements such as IPS, VPNs, and load balancers; as well as a complete introduction to firewalling IPv6 networks. Cisco Firewalls will be an indispensable resource for engineers and architects designing and implementing firewalls; security administrators, operators, and support professionals; and anyone preparing for the CCNA Security, CCNP Security, or CCIE Security certification exams.

 

Alexandre Matos da Silva Pires de Moraes, CCIE No. 6063, has worked as a Systems Engineer for Cisco Brazil since 1998 in projects that involve not only Security and VPN technologies but also Routing Protocol and Campus Design, IP Multicast Routing, and MPLS Networks Design. He coordinated a team of Security engineers in Brazil and holds the CISSP, CCSP, and three CCIE certifications (Routing/Switching, Security, and Service Provider). A frequent speaker at Cisco Live, he holds a degree in electronic engineering from the Instituto Tecnológico de Aeronáutica (ITA – Brazil).

 

·        Create advanced security designs utilizing the entire Cisco firewall product family

·        Choose the right firewalls based on your performance requirements

·        Learn firewall  configuration fundamentals and master the tools that provide insight about firewall operations

·        Properly insert firewalls in your network’s topology using Layer 3 or Layer 2 connectivity

·        Use Cisco firewalls as part of a robust, secure virtualization architecture

·        Deploy Cisco ASA firewalls with or without NAT

·        Take full advantage of the classic IOS firewall feature set (CBAC)

·        Implement flexible security policies with the Zone Policy Firewall (ZPF)

·        Strengthen stateful inspection with antispoofing, TCP normalization, connection limiting, and IP fragmentation handling

·        Use application-layer inspection capabilities built into Cisco firewalls

·        Inspect IP voice protocols, including SCCP, H.323, SIP, and MGCP

·        Utilize identity to provide user-based stateful functionality

·        Understand how multicast traffic is handled through firewalls

·        Use firewalls to protect your IPv6 deployments

 

This security book is part of the Cisco Press Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end, self-defending networks.

商品描述(中文翻譯)

《Cisco防火牆》概念、設計和部署Cisco有狀態防火牆解決方案

在這本書中,亞歷山大提出了一種完全不同的防火牆重要主題的方法:他不僅僅呈現配置模型,還使用一組精心製作的示例來演示理論的應用。必讀!—Cisco安全顧問工程師Luc Billot

《Cisco防火牆》詳細解釋了領先的Cisco防火牆產品、功能和解決方案,並展示了它們如何為任何網絡安全設計或運營增加價值。作者緊密地將理論與實踐相結合,演示如何將Cisco防火牆集成到高度安全的自衛網絡中。《Cisco防火牆》向您展示如何將Cisco防火牆部署為每個網絡基礎設施的重要組件。本書採用獨特的方法,通過逐步示例來說明複雜的配置概念,以演示理論的應用。這是第一本詳細介紹統一通信系統防火牆、網絡虛擬化架構和包括虛擬機器在內的環境的書籍。作者還提供了關於將防火牆與其他安全元素(如IPS、VPN和負載均衡器)集成的不可或缺的信息,以及完整介紹防火牆IPv6網絡的入門知識。《Cisco防火牆》將成為設計和實施防火牆的工程師和架構師、安全管理員、運營商和支持專業人員以及準備CCNA安全、CCNP安全或CCIE安全認證考試的人的不可或缺的資源。

亞歷山大·馬托斯·達·席爾瓦·皮雷斯·德·莫拉斯(Alexandre Matos da Silva Pires de Moraes),CCIE編號6063,自1998年以來一直在Cisco巴西擔任系統工程師,參與的項目不僅涉及安全和VPN技術,還包括路由協議和校園設計、IP多播路由和MPLS網絡設計。他在巴西協調了一支安全工程師團隊,並擁有CISSP、CCSP和三個CCIE認證(路由/交換、安全和服務提供商)。作為Cisco Live的常客,他擁有巴西航空技術學院(ITA)的電子工程學學位。

· 利用整個Cisco防火牆產品系列創建高級安全設計
· 根據性能要求選擇合適的防火牆
· 學習防火牆配置基礎知識,並掌握提供有關防火牆操作的工具
· 使用第3層或第2層連接將防火牆正確插入您的網絡拓撲
· 將Cisco防火牆作為強大、安全的虛擬化架構的一部分部署
· 部署帶有或不帶有NAT的Cisco ASA防火牆
· 充分利用經典IOS防火牆功能集(CBAC)
· 使用區域策略防火牆(ZPF)實施靈活的安全策略
· 通過防止偽造、TCP規範化、連接限制和IP分段處理來加強有狀態檢查
· 利用內置於Cisco防火牆中的應用層檢查功能
· 檢查IP語音協議,包括SCCP、H.323、SIP和MGCP
· 利用身份識別提供基於用戶的有狀態功能
· 了解通過防火牆處理多播流量的方式