Cisco Security Agent
- Cisco Security Agent
- Table of Contents
- Copyright
- About the Author
- About the Technical Reviewers
- Acknowledgments
- This Book Is Safari Enabled
- Foreword
- Command Syntax Conventions
- Introduction
- Who Should Read This Book?
- How This Book Is Organized
- Part I: The Need for Endpoint Security
- Chapter 1. Introducing Endpoint Security
- The Early Days: Viruses and Worms
- The Present: Blended Threats
- The Insider
- Understanding Point Security Weaknesses
- Using Attack-Detection Methods
- Establishing a Security Policy
- Summary
- Chapter 2. Introducing the Cisco Security Agent
- Intrusion Prevention and Intrusion Detection Technologies
- The Life Cycle of an Attack
- CSA Capabilities
- CSA Components Overview
- CSA Communication
- CSA s Role Within SAFE
- Summary
- Part II: Understanding the CSA Building Blocks
- Chapter 3. Understanding CSA Groups and Hosts
- The Relationship Between Groups and Hosts
- Understanding CSA Groups
- Understanding CSA Hosts
- Summary
- Chapter 4. Understanding CSA Policies, Modules, and Rules
- The Relationship Between Policies, Modules, and Rules
- Establishing Acceptable Use Documents and Security Policies
- CSA Rules
- CSA Rule Modules
- CSA Policies
- Summary
- Chapter 5. Understanding Application Classes and Variables
- Using Application Classes
- Introducing Variables
- Summary
- Part III: CSA Agent Installation and Local Agent Use
- Chapter 6. Understanding CSA Components and Installation
- General CSA Agent Components Overview
- CSA Installation Requirements
- Agent Kits
- Summary
- Chapter 7. Using the CSA User Interface
- Windows Agent Interface
- Linux Agent Interface
- Solaris Agent Interface
- Summary
- Part IV: Monitoring and Reporting
- Chapter 8. Monitoring CSA Events
- Status Summary
- Event Log
- Event Monitor
- Event Log Management
- Event Sets
- Alerts
- Summary
- Chapter 9. Using CSA MC Reports
- Audit Trail Reporting
- Event Reporting
- Group Detail Reporting
- Host Detail Reporting
- Policy Detail Reporting
- Report Viewing
- Creating a Sample Report
- Summary
- Part V: Analyzing CSA
- Chapter 10. Application Deployment Investigation
- Using Application Deployment Investigation
- Using Application Deployment Reports
- Summary
- Chapter 11. Application Behavior Analysis
- Understanding Application Behavior Investigation Components
- Configuring Application Behavior Investigation
- Using Application Behavior Investigation on the Remote Agent
- Analyzing Log Data
- Viewing Behavior Reports
- Exporting the Behavior Analysis Report Data
- Analyzing UNIX Application Behavior
- Creating Behavior Analysis Rule Modules
- Summary
- Part VI: Creating Policy, Implementing CSA, and Maintaining the CSA MC
- Chapter 12. Creating and Tuning Policy
- Creating Policy
- Tuning Policy
- Summary
- Chapter 13. Developing a CSA Project Implementation Plan
- Planning for Success
- The Project Plan
- Outlining the Project Phases
- Summary
- Chapter 14. CSA MC Administration and Maintenance
- CSA Licensing
- CSA MC Registration Control
- CSA MC Component Sharing
- CSA MC Role-Based Access Control
- Other CSA MC Administrative Features
- CSA MC Backup and Restore Procedures
- Summary
- Part VII: Appendixes
- Appendix A. VMS and CSA MC 4.5 Installation
- VMS v2.3 Components
- Installation
- Summary
- Appendix B. Security Monitor Integration
- Adding the CSA MC to the Security Monitor
- Configuring the Security Monitor
- Verifying Connectivity
- Viewing Events in the Security Monitor
- Summary
- Appendix C. CSA MIB
- CSA MC MIB Definitions
- Index
- index_SYMBOL
- index_A
- index_B
- index_C
- index_D
- index_E
- index_F
- index_G
- index_H
- index_I
- index_L
- index_M
- index_N
- index_O
- index_P
- index_Q
- index_R
- index_S
- index_T
- index_U
- index_V
- index_W
Similar book on Amazon
