Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance

ISBN: 1587052091
EAN: 2147483647

Year: 2006
Pages: 231

Authors: Omar Santos, Jazib Frahim

BUY ON AMAZON

Part I: Product Overview

Introduction to Network Security

• Introduction to Network Security
• Firewall Technologies
• Intrusion Detection and Prevention Technologies
• Network-Based Attacks
• Virtual Private Networks
• Summary

Product History

• Product History
• Cisco Firewall Products
• Cisco IDS Products
• Cisco VPN Products
• Cisco ASA All-in-One Solution
• Summary

Hardware Overview

• Hardware Overview
• Cisco ASA 5510 Model
• Cisco ASA 5520 Model
• Cisco ASA 5540 Model
• AIP-SSM Modules
• Summary

Part II: Firewall Solution

Initial Setup and System Maintenance

• Initial Setup and System Maintenance
• Accessing the Cisco ASA Appliances
• Managing Licenses
• Initial Setup
• IP Version 6
• Setting Up the System Clock
• Configuration Management
• Remote System Management
• System Maintenance
• System Monitoring
• Summary

Network Access Control

• Network Access Control
• Packet Filtering
• Advanced ACL Features
• Content and URL Filtering
• Deployment Scenarios Using ACLs
• Monitoring Network Access Control
• Understanding Address Translation
• DNS Doctoring
• Monitoring Address Translations
• Summary

IP Routing

• IP Routing
• Configuring Static Routes
• RIP
• OSPF
• IP Multicast
• Deployment Scenarios
• Summary

Authentication, Authorization, and Accounting (AAA)

• Authentication, Authorization, and Accounting (AAA)
• AAA Protocols and Services Supported by Cisco ASA
• Defining an Authentication Server
• Configuring Authentication of Administrative Sessions
• Authenticating Firewall Sessions (Cut-Through Proxy Feature)
• Configuring Authorization
• Configuring Accounting
• Deployment Scenarios
• Troubleshooting AAA
• Summary

Application Inspection

• Application Inspection
• Enabling Application Inspection Using the Modular Policy Framework
• Selective Inspection
• Computer Telephony Interface Quick Buffer Encoding Inspection
• Domain Name System
• Extended Simple Mail Transfer Protocol
• File Transfer Protocol
• General Packet Radio Service Tunneling Protocol
• H.323
• HTTP
• ICMP
• ILS
• MGCP
• NetBIOS
• PPTP
• Sun RPC
• RSH
• RTSP
• SIP
• Skinny
• SNMP
• SQL*Net
• TFTP
• XDMCP
• Deployment Scenarios
• Summary

Security Contexts

• Security Contexts
• Architectural Overview
• Configuration of Security Contexts
• Deployment Scenarios
• Monitoring and Troubleshooting the Security Contexts
• Summary

Transparent Firewalls

• Transparent Firewalls
• Architectural Overview
• Transparent Firewalls and VPNs
• Configuration of Transparent Firewall
• Deployment Scenarios
• Monitoring and Troubleshooting the Transparent Firewall
• Summary

Failover and Redundancy

• Failover and Redundancy
• Architectural Overview
• Failover Configuration
• Deployment Scenarios
• Monitoring and Troubleshooting Failovers
• Summary

Quality of Service

• Quality of Service
• Architectural Overview
• Configuring Quality of Service
• QoS Deployment Scenarios
• Monitoring QoS
• Summary

Part III: Intrusion Prevention System (IPS) Solution

Intrusion Prevention System Integration

• Intrusion Prevention System Integration
• Adaptive Inspection Prevention Security Services Module Overview (AIP-SSM)
• Directing Traffic to the AIP-SSM
• AIP-SSM Module Software Recovery
• Additional IPS Features
• Summary

Configuring and Troubleshooting Cisco IPS Software via CLI

• Configuring and Troubleshooting Cisco IPS Software via CLI
• Cisco IPS Software Architecture
• Introduction to the CIPS 5.x Command-Line Interface
• User Administration
• AIP-SSM Maintenance
• Advanced Features and Configuration
• Summary

Part IV: Virtual Private Network (VPN) Solution

Site-to-Site IPSec VPNs

• Site-to-Site IPSec VPNs
• Preconfiguration Checklist
• Configuration Steps
• Advanced Features
• Optional Commands
• Deployment Scenarios
• Monitoring and Troubleshooting Site-to-Site IPSec VPNs
• Summary

Remote Access VPN

• Remote Access VPN
• Cisco IPSec Remote Access VPN Solution
• Advanced Cisco IPSec VPN Features
• Deployment Scenarios of Cisco IPSec VPN
• Monitoring and Troubleshooting Cisco Remote Access VPN
• Cisco WebVPN Solution
• Advanced WebVPN Features
• Deployment Scenarios of WebVPN
• Monitoring and Troubleshooting WebVPN
• Summary

Public Key Infrastructure (PKI)

• Public Key Infrastructure (PKI)
• Introduction to PKI
• Enrolling the Cisco ASA to a CA Using SCEP
• Manual (Cut-and-Paste) Enrollment
• Configuring CRL Options
• Configuring IPSec Site-to-Site Tunnels Using Certificates
• Configuring the Cisco ASA to Accept Remote-Access VPN Clients Using Certificates
• Troubleshooting PKI
• Summary

Part V: Adaptive Security Device Manager

Introduction to ASDM

• Introduction to ASDM
• Setting Up ASDM
• Initial Setup
• Functional Screens
• Interface Management
• System Clock
• Configuration Management
• Remote System Management
• System Maintenance
• System Monitoring
• Summary

Firewall Management Using ASDM

• Firewall Management Using ASDM
• Access Control Lists
• Address Translation
• Routing Protocols
• AAA
• Application Inspection
• Security Contexts
• Transparent Firewalls
• Failover
• QoS
• Summary

IPS Management Using ASDM

• IPS Management Using ASDM
• Accessing the IPS Device Management Console from ASDM
• Configuring Basic AIP-SSM Settings
• Advanced IPS Configuration and Monitoring Using ASDM
• Summary

VPN Management Using ASDM

• VPN Management Using ASDM
• Site-to-Site VPN Setup Using Preshared Keys
• Site-to-Site VPN Setup Using PKI
• Cisco Remote-Access IPSec VPN Setup
• WebVPN
• VPN Monitoring
• Summary

Case Studies

• Case Studies
• Case Study 1: Deploying the Cisco ASA at Branch Offices and Small Businesses
• Case Study 2: Large Enterprise Firewall, VPN, and IPS Deployment
• Summary