Asia Pacific University Library catalogue


Integrated security technologies and solutions - volume II: Cisco security solutions for network access control, segmentation, context sharing, secure connectivity and virtualization / Aaron Woland, Vivek Santuka, Jamie Sanbower, Chad Mitchell.

By: Woland, Aaron [author. ]Contributor(s): Woland, Aaron T [author. ] | Santuka, Vivek [author.] | Sanbower, Jamie [author.] | Mitchell, Chad [author. ]Material type: TextTextSeries: CCIE professional development ; Volume II.Publisher: Hoboken, NJ : Cisco Systems, Inc., ©2019Edition: 1st editionDescription: xxi, 665 pages: black and white illustration. 24cmISBN: 9781587147074 (paperback)Subject(s): Computer networks -- Security measures -- Computer securityLOC classification: QA76.9 | .A25 .I56 2019 c.1
Contents:
Introduction xix Part I Knock, Knock! Who’s There? 1Chapter 1 Who and What: AAA Basics 3 Fundamentals of AAA 3 Understanding the Concept of Triple-A in the Real World 4 Compare and Select AAA Options 4 TACACS+ 7 RADIUS 12 Comparing RADIUS and TACACS+ 15 Summary 16Chapter 2 Basic Network Access Control 17 What Is Cisco ISE? 17 ISE Architecture for Network Access AAA 18 Configuring ISE for Single/Standalone and Multinode Deployments 23 ISE Configuration for Network Access 32 802.1X and Beyond 54 Configuring Wired Network Access with ISE 71 Configuring Wireless Network Access with ISE 115 Verifying Dot1X and MAB 140 Summary 148Chapter 3 Beyond Basic Network Access Control 149 Profiling with ISE 149 ISE Profiler and CoA 175 Profiles in Authorization Policies 178 Passive Identities and EasyConnect 180 Summary 191Chapter 4 Extending Network Access with ISE 193 Get Ready, Get Set, Prerequisites 194 BYOD Onboarding with ISE 197 MDM Onboarding and Enforcement with ISE 236 Posture Assessment and Remediation with ISE 244 Guest Access with ISE 265 TrustSec with ISE 287 Summary 306Chapter 5 Device Administration Control with ISE 307 The Case for Centralized AAA 307 RADIUS Versus TACACS+ for Device Administration 308 Using TACACS+ for Device Administration 309 Using RADIUS for Device Administration 343 Summary 352. Part II Spread the Love! 353Chapter 6 Sharing the Context 355 The Many Integration Types of the Ecosystem 356 pxGrid in Depth 361 Summary 406Chapter 7 APIs in Cisco Security 407 APIs 101 407 Firepower Management Center APIs 413 Identity Services Engine APIs 424 Advanced Malware Protection APIs 428 Threat Grid APIs 433 Umbrella APIs 435 Summary 437 References 437. Part III c2889775343d1ed91b 439Chapter 8 Security Connectivity 441 Hashing, Ciphers, Cryptography, and PKI 441 Virtual Private Networks 461 Layer 2 Encryption: IEEE 802.1AE/MACsec 470 Summary 474 References 474Chapter 9 Infrastructure VPN 477 IPsec with IKEv1 478 IPsec with IKEv2 484 EzVPN 492 DMVPN 500 FlexVPN 514 GETVPN 532 Summary 541 References 541Chapter 10 Remote Access VPN 543 Remote Access VPN Overview 543 Cisco AnyConnect Secure Mobility Client 546 Client-Based Remote Access VPN 554 Clientless Remote Access VPN 586 Summary 595 References 595. Part IV The Red Pill 597Chapter 11 Security Virtualization and Automation 599 Cisco Virtual Solutions and Server Virtualization 599 Virtualization and Automation Solutions 602 Summary 613 References 614 Index 615.
Summary: The essential reference for security pros and CCIE Security candidates: identity, context sharing, encryption, secure connectivity and virtualization Integrated Security Technologies and Solutions - Volume II brings together more expert-level instruction in security design, deployment, integration, and support. It will help experienced security and network professionals manage complex solutions, succeed in their day-to-day jobs, and prepare for their CCIE Security written and lab exams. Volume II focuses on the Cisco Identity Services Engine, Context Sharing, TrustSec, Application Programming Interfaces (APIs), Secure Connectivity with VPNs, and the virtualization and automation sections of the CCIE v5 blueprint. Like Volume I, its strong focus on interproduct integration will help you combine formerly disparate systems into seamless, coherent, next-generation security solutions. Part of the Cisco CCIE Professional Development Series from Cisco Press, it is authored by a team of CCIEs who are world-class experts in their Cisco security disciplines, including co-creators of the CCIE Security v5 blueprint. Each chapter starts with relevant theory, presents configuration examples and applications, and concludes with practical troubleshooting.
    Average rating: 0.0 (0 votes)
Item type Current library Collection Call number Copy number Status Date due Barcode
General Circulation General Circulation APU Library
Open Shelf 		Book QA76.9 .A25 .I56 2019 c.1 (Browse shelf (Opens below)) 1 Available 00013074

Includes bibliographical references and index.

Introduction xix

Part I Knock, Knock! Who’s There? 1Chapter 1 Who and What: AAA Basics 3 Fundamentals of AAA 3 Understanding the Concept of Triple-A in the Real World 4 Compare and Select AAA Options 4 TACACS+ 7 RADIUS 12 Comparing RADIUS and TACACS+ 15 Summary 16Chapter 2 Basic Network Access Control 17 What Is Cisco ISE? 17 ISE Architecture for Network Access AAA 18 Configuring ISE for Single/Standalone and Multinode Deployments 23 ISE Configuration for Network Access 32 802.1X and Beyond 54 Configuring Wired Network Access with ISE 71 Configuring Wireless Network Access with ISE 115 Verifying Dot1X and MAB 140 Summary 148Chapter 3 Beyond Basic Network Access Control 149 Profiling with ISE 149 ISE Profiler and CoA 175 Profiles in Authorization Policies 178 Passive Identities and EasyConnect 180 Summary 191Chapter 4 Extending Network Access with ISE 193 Get Ready, Get Set, Prerequisites 194 BYOD Onboarding with ISE 197 MDM Onboarding and Enforcement with ISE 236 Posture Assessment and Remediation with ISE 244 Guest Access with ISE 265 TrustSec with ISE 287 Summary 306Chapter 5 Device Administration Control with ISE 307 The Case for Centralized AAA 307 RADIUS Versus TACACS+ for Device Administration 308 Using TACACS+ for Device Administration 309 Using RADIUS for Device Administration 343 Summary 352.

Part II Spread the Love! 353Chapter 6 Sharing the Context 355 The Many Integration Types of the Ecosystem 356 pxGrid in Depth 361 Summary 406Chapter 7 APIs in Cisco Security 407 APIs 101 407 Firepower Management Center APIs 413 Identity Services Engine APIs 424 Advanced Malware Protection APIs 428 Threat Grid APIs 433 Umbrella APIs 435 Summary 437 References 437.

Part III c2889775343d1ed91b 439Chapter 8 Security Connectivity 441 Hashing, Ciphers, Cryptography, and PKI 441 Virtual Private Networks 461 Layer 2 Encryption: IEEE 802.1AE/MACsec 470 Summary 474 References 474Chapter 9 Infrastructure VPN 477 IPsec with IKEv1 478 IPsec with IKEv2 484 EzVPN 492 DMVPN 500 FlexVPN 514 GETVPN 532 Summary 541 References 541Chapter 10 Remote Access VPN 543 Remote Access VPN Overview 543 Cisco AnyConnect Secure Mobility Client 546 Client-Based Remote Access VPN 554 Clientless Remote Access VPN 586 Summary 595 References 595.

Part IV The Red Pill 597Chapter 11 Security Virtualization and Automation 599 Cisco Virtual Solutions and Server Virtualization 599 Virtualization and Automation Solutions 602 Summary 613 References 614 Index 615.

The essential reference for security pros and CCIE Security candidates: identity, context sharing, encryption, secure connectivity and virtualization Integrated Security Technologies and Solutions - Volume II brings together more expert-level instruction in security design, deployment, integration, and support. It will help experienced security and network professionals manage complex solutions, succeed in their day-to-day jobs, and prepare for their CCIE Security written and lab exams. Volume II focuses on the Cisco Identity Services Engine, Context Sharing, TrustSec, Application Programming Interfaces (APIs), Secure Connectivity with VPNs, and the virtualization and automation sections of the CCIE v5 blueprint. Like Volume I, its strong focus on interproduct integration will help you combine formerly disparate systems into seamless, coherent, next-generation security solutions. Part of the Cisco CCIE Professional Development Series from Cisco Press, it is authored by a team of CCIEs who are world-class experts in their Cisco security disciplines, including co-creators of the CCIE Security v5 blueprint. Each chapter starts with relevant theory, presents configuration examples and applications, and concludes with practical troubleshooting.

There are no comments on this title.

to post a comment.