- Cisco ASA Security Contexts
Omar Santos, Jazib Frahim
- Dec 16, 2005
- The virtual firewall methodology enables a physical firewall to be partitioned into multiple standalone firewalls. Each standalone firewall acts and behaves as an independent entity with its own configuration, interfaces, security policies, routing table, and administrators. In Cisco ASA, these virtual firewalls are known as security contexts. This chapter covers security contexts in detail.
- Corporate Governance, Business Continuity Planning, and Disaster Recovery
Michelle Johnston Sollicito
- Dec 1, 2005
- To protect business stakeholders, corporate governance focuses a sharp eye on all measures and systems within the organization to ensure compliance with laws, regulations, and standards. Michelle Johnston Sollicito points out the many required aspects of a proper business continuity plan and shows you where to look for holes in your process.
- IPSec Authentication and Authorization Models
Vijay Bollapragada, Mohamed Khalid, Scott Wainner
- Oct 21, 2005
- This chapter covers IPSec features and mechanisms that are primarily targeted at the authentication of remote access users. You'll learn about XAUTH, which provides extended authentication for IPSec telecommuters by using authentication schemes such as RADIUS. MODECFG uses a push model to push attributes to the IPSec client.
- Analyzing MPLS VPN Security
Michael H. Behringer, Monique Morrow
- Oct 6, 2005
- VPN users have certain expectations and requirements for their VPN service. In a nutshell, they want their service to be both private and secure. In other words, they want their VPN to be as secure as with dedicated circuits while gaining the scalability benefits of a shared infrastructure. Both concepts, of privacy and security, are not black and white, and need to be defined for a real world implementation. This chapter introduces you to VPN MPLS security requirements.
- Two-Factor Authentication in Windows
- Oct 6, 2005
- Simple passwords aren't good enough any more, as the flood of stories about phishing, fraud, and compromised accounts by the millions demonstrate. The Next Big Thing in computer security is two-factor authentication and, like it or not, you're probably going to be dealing with it in the next year or so. But two-factor authentication is a concept, not a product, and how it's implemented is critical to its success.
- Improve Your Network's Security Using Network Admission Control
- Aug 26, 2005
- Is there a place for security focused on the good guys in networking? There is, and one of the latest additions to this area of security is called Network Admission Control (NAC). Sean Convery introduces NAC, a security measure built around the idea that asking specific questions of an organization's end hosts can improve the overall security of a network by improving the compliance of end systems to a given admission policy.
- Deploying Secure Internet Connectivity with Cisco ASA and PIX Firewalls
- Aug 5, 2005
- This chapter provides you with the necessary information to use the ASDM Startup Wizard to perform the initial configuration of your network. It provides a step-by-step procedure explaining how to use the ASDM Startup Wizard to set up the initial configuration for your ASA/PIX Security Appliance.
- Understanding Cisco Security Agent Components and Installation
- Jul 29, 2005
- In this chapter, you will continue to gain an understanding of the CSA architecture through an exploration of the agent software components, protocol communication, and installation.
- Host Intrusion Prevention Systems: Defense-in-Depth's Best Friend
- Jul 1, 2005
- Chad Sullivan takes a look at common security issues and how host Intrusion Prevention Systems (IPS) can become the most crucial piece of your corporate layered security plan.
- Security Financials: The Core Element of Security Business Proposals
- Jun 10, 2005
- Security financials help business managers to understand how and why an IT security project costs what it does, which helps business management to understand why funds need to be allocated for IT security, and helps IT to justify their spending. This article explains the benefits of security financials, and what should be in them.
- Troubleshooting Any Transport over MPLS Based VPNs
- Jun 10, 2005
- MPLS Layer 3 VPNs allow a service provider to provision IP connectivity for multiple customers over a shared IP backbone, while maintaining complete logical separation of customer traffic and routing information. Learn more about MPLS Layer 3 VPNs in this sample chapter from Cisco.
- What's New in Cisco PIX Firewall 7.0
- Jun 10, 2005
- The Cisco PIX Firewall 7.0 has several new features, as well as some familiar features that have received upgrades. Find out what's new and what's improved in this article from David Hucaby.
- Core Elements of the Cisco Self-Defending Network Strategy
- May 27, 2005
- Can a network really defend itself? The short answer is, "Yes, it can." Network security has evolved from independently deployed products such as firewalls into the realm of system-wide solutions. And Cisco Systems® is at the forefront of the technology development that is making self-defending networks a reality.
- Layer 2 VPN Architectures: Understanding Any Transport over MPLS
Wei Luo, Dmitry Bokotey, Anthony YH Chan, Carlos Pignataro
- May 12, 2005
- This chapter provides an overview of LDP, including LDP components and operations that are related to pseudowire emulation over MPLS along with an explanation of the control signaling and data switching details of AToM.
- Policy, Personnel, and Equipment as Security Enablers
Catherine Paquet, Warren Saxe
- Apr 1, 2005
- Policy plays an integral role in security effectiveness. Educating users on their responsibility to enhance security can have a twofold effect: It ensures that deployed equipment can perform tasks with greater effectiveness, and it creates an environment that encourages and supports individual responsibility.
- Cracking Wi-Fi Protected Access (WPA), Part 2
- Mar 11, 2005
- Concluding his two-part series, Seth Fogie describes in detail how WPA-PSK can be cracked.
- Cracking Wi-Fi Protected Access (WPA), Part 1
- Mar 4, 2005
- In this two-part series, Seth Fogie examines the internals of WPA and demonstrates how this wireless protection method can be cracked with only four packets of data. Part 1 outlines the details of WPA as compared to WEP and builds the foundation for Part 2, in which he describes in detail how WPA-PSK can be cracked.
- EAP Authentication Protocols for WLANs
Krishna Sankar, Andrew Balinsky, Darrin Miller, Sri Sundaralingam
- Feb 18, 2005
- This chapter examines the authentication methods: EAP, PEAP, LEAP, and the newer, emerging paradigm EAP-FAST, and weighs the pros and cons of each, in terms of standardization maturity and effectiveness.
- CCSP Cisco Secure PIX Firewall Advanced Exam: CiscoWorks Management Center for Firewalls
Greg Bastien, Earl Carter, Christian Degu
- Jan 7, 2005
- To help you prepare for the CCSP Cisco Secure PIX Firewall Advanced Exam, this chapter provides information on using CiscoWorks with Firewall MC.
- CCSP CSI Exam Certification: SAFE IP Telephony Design
Ido Dubrawsky, Paul Grey
- Dec 30, 2004
- This chapter will help you prepare for the CCSP CSI Exam, with a focus on SAFE IP Telephony Design. Sample questions are included to help you study.