Cisco Secure PIX Firewalls

One of the primary components of any organization's security policy is the implementation and maintenance of firewalls. Firewalls are network devices residing at the perimeter of corporate networks that protect internal networks from intrusion by the outside world. The integrated hardware/software PIX Firewall series delivers high security without impacting network performance while scaling to meet the entire range of customer requirements.

Based on the official instructor-led training course (Cisco Secure PIX Firewall Advanced-CSPFA), Cisco Secure PIX Firewalls teaches you the skills needed to describe, configure, verify, and manage the PIX Firewall product family and the Cisco IOS(r) Firewall feature set. Starting with a discussion of hacking methodologies and internal and external threats, this book opens by describing the Cisco Security Wheel, emphasizing network security as a continuous process. The authors then familiarize you with the characteristics of the various PIX models and examine upgrade tasks. This book covers basic installation details, as well as how to enable more advanced features and access control. In addition, this book details management and monitoring with PIX Syslog services and the PIX AAA subsystem. You also learn to configure the PIX Failover mechanism, IPSec on the PIX, and the Cisco IOS Firewall feature set. The appendixes provide helpful references, including configuring PIX intrusion detection features, SNMP management support, DHCP client and server, Secure Shell Protocol (SSH) connection, and dozens of security-related resources.

Whether you are preparing for the Cisco Security Specialist 1 certification or simply want to understand and make the most efficient use of PIX Firewalls, Cisco Secure PIX Firewalls provides you with a complete solution for planning, deploying, and managing PIX Firewall protected networks.

• Prepare for the Cisco Security Specialist 1 PIX exam with the official CSPFA self-study guide
• Understand the physical characteristics of PIX models 506, 515, 520, 525, and 535, including LED information and port and slot numbering
• Upgrade PIX OS code, perform password recovery, and install feature licenses
• Configure IPSec Phase I and Phase II Security Associations
• Configure Cisco routers to perform Context Based Access Control (CBAC)
• Examine the many operating features of the PIX, such as Cut-Through Proxy, Advanced Protocol Handling, Attack Guards, and the Adaptive Security Algorithm (ASA)
• Learn the ins and outs of address translation and access control
• Install the Cisco Secure ACS server and configure corresponding services on the PIX to authenticate and authorize users and services
• Understand attack guards such as Syn Flood, Fragmentation, AAA, DNS, and Mail
• Examine the workings of the PIX failover mechanism and learn the difference between failover, stateful failover, interface testing, and the failover poll

David W. Chapman Jr., CCNP(r), CCDP(r), CSS-1, is a Cisco Security Instructor with Global Knowledge. As Course Director for the Cisco Secure PIX Firewall course, David is charged with maintaining the integrity and quality of the course offering and mentoring instructors new to the course.

Andy Fox, CCSI(tm), CCNA(r), CCDA(r), CSS-1 is a Certified Cisco Systems Instructor with Global Knowledge. Andy has been teaching Cisco Certified Classes for more than five years and is the Course Director for the Managing Cisco Network Security course.