Must-have security strategies using Cisco's complete solution to network security
Cisco Secure Internet Security Solutions covers the basics of Internet security, and then concentrates on each member of the Cisco Secure product family, providing a detailed explanation with examples of the preferred configurations required for securing Internet connections. The Cisco Secure PIX Firewall is covered in depth from an architectural point of view, and a reference of the PIX commands explains their use in the real world. Although Cisco Secure Internet Security Solutions is primarily concerned with Internet security, the information inside is also applicable to many general network security scenarios
I. INTERNET SECURITY FUNDAMENTALS.1. Internet Security.
Internet Threats. Network Services. Security in the TCP/IP Suite. Denial of Service (DoS) Attacks. Creating a Corporate Security Policy. Summary. Frequently Asked Questions. Glossary.2. Basic Cisco Router Security.
Basic Management Security. Access Lists. Password Management. Physical Security. Out-of-Band Management Security. Cisco Discovery Protocol (CDP). Hypertext Transfer Protocol (HTTP) Configuration Services. Simple Network Management Protocol (SNMP). Network Time Protocol (NTP). Banners. Recommended Minimum IOS Security Settings. TCP Intercept. Summary.
II. CISCO SECURE PRODUCT FAMILY.3. Overview of the Cisco Security Solution and the Cisco Secure Product Family.
Cisco Security Solution. Cisco Secure Product Family. Summary. Frequently Asked Questions. Glossary. Bibliography. URLs.4. Cisco Secure PIX Firewall.
PIX Models. PIX Features. PIX Configuration. VPN with Point-to-Point Tunneling Protocol (PPTP). VPN with IPSec and Manual Keys. VPN with Preshared Keys. Obtaining Certificate Authorities (CAs). PIX-to-PIX Configuration. Summary.5. Cisco IOS Firewall.
Access Lists. Dynamic Access Lists. Time-Based Access Lists. Reflexive Access Lists. Cisco IOS Firewall Features. How Context-Based Access Control (CBAC) Works. Configuring CBAC. Summary.6. Intrusion Detection Systems.
Overview of Intrusion Detection. Intrusion Detection Systems. Cisco Secure Intrusion Detection System (CSIDS). Cisco IOS Firewall IDS. Cisco Secure PIX Firewall IDS. Cisco IDS Configuration. Summary. Frequently Asked Questions. Glossary.7. Cisco Secure Scanner.
Cisco Secure Scanner Features. Cisco Secure Scanner Installation. Cisco Secure Scanner Configuration. Summary. Frequently Asked Questions. Glossary. URLs.8. Cisco Secure Policy Manager (CSPM).
CSPM Features. CSPM Installation. Configuration Example. Summary. Frequently Asked Questions. Glossary. URLs.9. Cisco Secure Access Control Server (ACS).
Cisco Secure ACS Features. Overview of Authentication, Authorization, and Accounting (AAA). RADIUS and TACACS+. Cisco Secure ACS Installation. Cisco Secure ACS Configuration. Network Access Server Configuration. Configuration Example. Summary. Frequently Asked Questions. Glossary. Bibliography. URLs.
III. INTERNET SECURITY SITUATIONS.10. Securing the Corporate Network.
Dial-In Security. Dial-In User Authentication, Authorization, and Accounting (AAA). AAA Authentication Setup with TACACS+ and RADIUS. AAA Authorization Setup. AAA Accounting Setup. Using All AAA Services Simultaneously. Virtual Private Networks (VPNs).11. Providing Secure Access to Internet Services.
Internet Services. Common Internet Security Threats. Internet Service Security Example. Web Servers. File Transfer Protocol (FTP) Servers. Internet e-Mail Servers (SMTP/POP3/IMAP4). Domain Name System (DNS) Servers. Back-End Servers. Summary. Frequently Asked Questions. Glossary.
IV. APPENDIX.Appendix A: Cisco SAFE: A Security Blueprint for Enterprise Networks.
Authors of This Appendix. Abstract. Audience. Caveats. Architecture Overview. Enterprise Module. Enterprise Campus. Enterprise Edge. Migration Strategies. Annex A: Validation Lab. Annex B: Network Security Primer. Annex C: Architecture Taxonomy.References.
Download - 290 KB -- Index