Home > Store

Integrated Security Technologies and Solutions - Volume I: Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, AMP, and Content Security

Integrated Security Technologies and Solutions - Volume I: Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, AMP, and Content Security

eBook (Watermarked)

  • Your Price: $51.19
  • List Price: $63.99
  • Includes EPUB, MOBI, and PDF
  • About eBook Formats
  • This eBook includes the following formats, accessible from your Account page after purchase:

    ePub EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    MOBI MOBI The eBook format compatible with the Amazon Kindle and Amazon Kindle applications.

    Adobe Reader PDF The popular standard, used most often with the free Adobe® Reader® software.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

Also available in other formats.

Register your product to gain access to bonus material or receive a coupon.


  • Copyright 2018
  • Dimensions: 7-3/8" x 9-1/8"
  • Edition: 1st
  • eBook (Watermarked)
  • ISBN-10: 0-13-480758-8
  • ISBN-13: 978-0-13-480758-4

The essential reference for security pros and CCIE Security candidates: policies, standards, infrastructure/perimeter and content security, and threat protection

Integrated Security Technologies and Solutions – Volume I offers one-stop expert-level instruction in security design, deployment, integration, and support methodologies to help security professionals manage complex solutions and prepare for their CCIE exams. It will help security pros succeed in their day-to-day jobs and also get ready for their CCIE Security written and lab exams.

Part of the Cisco CCIE Professional Development Series from Cisco Press, it is authored by a team of CCIEs who are world-class experts in their Cisco security disciplines, including co-creators of the CCIE Security v5 blueprint. Each chapter starts with relevant theory, presents configuration examples and applications, and concludes with practical troubleshooting.

Volume 1 focuses on security policies and standards; infrastructure security; perimeter security (Next-Generation Firewall, Next-Generation Intrusion Prevention Systems, and Adaptive Security Appliance [ASA]), and the advanced threat protection and content security sections of the CCIE Security v5 blueprint. With a strong focus on interproduct integration, it also shows how to combine formerly disparate systems into a seamless, coherent next-generation security solution.

  • Review security standards, create security policies, and organize security with Cisco SAFE architecture
  • Understand and mitigate threats to network infrastructure, and protect the three planes of a network device
  • Safeguard wireless networks, and mitigate risk on Cisco WLC and access points
  • Secure the network perimeter with Cisco Adaptive Security Appliance (ASA)
  • Configure Cisco Next-Generation Firewall Firepower Threat Defense (FTD) and operate security via Firepower Management Center (FMC)
  • Detect and prevent intrusions with Cisco Next-Gen IPS, FTD, and FMC
  • Configure and verify Cisco IOS firewall features such as ZBFW and address translation
  • Deploy and configure the Cisco web and email security appliances to protect content and defend against advanced threats
  • Implement Cisco Umbrella Secure Internet Gateway in the cloud as your first line of defense against internet threats
  • Protect against new malware with Cisco Advanced Malware Protection and Cisco ThreatGrid

Sample Content

Table of Contents

    Introduction xxv
Part I Hi There! This Is Network Security 1
Chapter 1 Let’s Talk About Network Security 3
    Know Thy Enemy 4
    Know Thy Self 6
    Security Standards and Frameworks 9
    Regulatory Compliance 15
    Payment Card Industry Data Security Standard (PCI DSS) 16
    Security Models 18
    Integrating Security Solutions 23
    Summary 25
    References 25
Chapter 2 Infrastructure Security and Segmentation 27
    The Three Planes 27
    Securing the Management Plane 28
    Securing the Control Plane 38
    Securing the Data Plane 49
    Visibility with NetFlow 76
    Summary 77
    References 78
Chapter 3 Wireless Security 79
    What Is Wireless? 79
    Wireless Security Overview 90
    Securing the WLAN 94
    Configuring Wireless Protection Policies 98
    Management and Control Plane Protection 114
    Integrating a WLC with Other Security Solutions 120
    Summary 122
    References 122
Part II Deny IP any any 123
Chapter 4 Firewalling with the ASA 125
    ASA Fundamentals 125
    Traffic with the ASA 151
    ASA Advanced Features 167
    Advanced Firewall Tuning 172
    Troubleshooting the ASA 176
    Summary 180
    References 181
Chapter 5 Next-Gen Firewalls 183
    Firepower Deployment Options 184
    Configuring Firepower Threat Defense 186
    Access Control Policies 206
    Analysis and Reporting 229
    Summary 237
    References 238
Chapter 6 Next-Gen Intrusion Detection and Prevention 239
    NGIPS Overview 239
    Cisco NGIPS Appliances 248
    Snort 256
    Configuring a NGIPS 267
    Operationalizing a NGIPS 283
    Summary 296
    References 297
Chapter 7 IOS Firewall and Security Features 299
    Network Address Translation (NAT) 299
    Zone-Based Firewall (ZBF) 309
    IOS Advanced Security Features 319
    Summary 331
    References 331
Part III <HTML> EHLO. You have threat in content </HTML> 333
Chapter 8 Content Security and Advanced Threat Protection 335
    Content Security Overview 335
    Web Security Appliance 336
    Email Security Appliance 370
    Security Management Appliance 390
    Summary 391
    References 391
Chapter 9 Umbrella and the Secure Internet Gateway 393
    Umbrella Fundamentals 393
    Umbrella Overview Dashboard 399
    Deploying Umbrella 401
    Cisco Investigate 423
    Summary 425
    References 425
Chapter 10 Protecting Against Advanced Malware 427
    Introduction to Advanced Malware Protection (AMP) 427
    Role of the AMP Cloud 429
    Doing Security Differently 430
    The Cloud 437
    Cloud Proxy Mode 438
    Air Gap Mode 440
    Threat Grid 442
    The Clean Interface 446
    The Administrative Interface 446
    The Dirty Interface 446
    Comparing Public and Private Deployments 446
    AMP for Networks 447
    AMP for Endpoints 457
    Custom Detections 462
    AMP for Windows 474
    Mac Policies 490
    Linux Policies 495
    AMP for Android 497
    Groups, Groups, and More Groups 498
    The Download Connector Screen 499
    Distributing via Cisco AnyConnect 500
    Installing AMP for Windows 501
    Installing AMP for Mac 503
    Installing AMP for Linux 504
    Proxy Complications 511
    AMP for Content Security 513
    Content Security Connectors 513
    Configuring AMP for Content Security Appliances 514
    Configuring the Web Security Appliance (WSA) Devices 515
    Configuring the Email Security Appliance (ESA) Devices 519
    AMP Reports 522
    Summary 524
9781587147067, TOC, 4/16/2018



We've made every effort to ensure the accuracy of this book and its companion content. Any errors that have been confirmed since this book was published can be downloaded below.

Download the errata (46 KB .doc)

Submit Errata

More Information

Unlimited one-month access with your purchase
Free Safari Membership