Network Security Technologies and Solutions (CCIE Professional Development Series)

Product Description

CCIE Professional Development

Network Security Technologies and Solutions

A comprehensive, all-in-one reference for Cisco network security

Yusuf Bhaiji, CCIE No. 9305

Network Security Technologies and Solutions is a comprehensive reference to the most cutting-edge security products and methodologies available to networking professionals today. This book helps you understand and implement current, state-of-the-art network security technologies to ensure secure communications throughout the network infrastructure.

With an easy-to-follow approach, this book serves as a central repository of security knowledge to help you implement end-to-end security solutions and provides a single source of knowledge covering the entire range of the Cisco network security portfolio.  The book is divided into five parts mapping to Cisco security technologies and solutions: perimeter security, identity security and access management, data privacy, security monitoring, and security management. Together, all these elements enable dynamic links between customer security policy, user or host identity, and network infrastructures.

With this definitive reference, you can gain a greater understanding of the solutions available and learn how to build integrated, secure networks in today’s modern, heterogeneous networking environment. This book is an excellent resource for those seeking a comprehensive reference on mature and emerging security tactics and is also a great study guide for the CCIE Security exam.

“Yusuf’s extensive experience as a mentor and advisor in the security technology field has honed his ability to translate highly technical information into a straight-forward, easy-to-understand format. If you’re looking for a truly comprehensive guide to network security, this is the one! ”

–Steve Gordon, Vice President, Technical Services, Cisco

Yusuf Bhaiji, CCIE No. 9305 (R&S and Security), has been with Cisco for seven years and is currently the program manager for Cisco CCIE Security certification. He is also the CCIE Proctor in the Cisco Dubai Lab. Prior to this, he was technical lead for the Sydney TAC Security and VPN team at Cisco.

• Filter traffic with access lists and implement security features on switches
• Configure Cisco IOS router firewall features and deploy ASA and PIX Firewall appliances
• Understand attack vectors and apply Layer 2 and Layer 3 mitigation techniques
• Secure management access with AAA
• Secure access control using multifactor authentication technology
• Implement identity-based network access control
• Apply the latest wireless LAN security solutions
• Enforce security policy compliance with Cisco NAC
• Learn the basics of cryptography and implement IPsec VPNs, DMVPN, GET VPN, SSL VPN, and MPLS VPN technologies
• Monitor network activity and security incident response with network and host intrusion prevention, anomaly detection, and security monitoring and correlation
• Deploy security management solutions such as Cisco Security Manager, SDM, ADSM, PDM, and IDM
• Learn about regulatory compliance issues such as GLBA, HIPPA, and SOX

This book is part of the Cisco CCIE Professional Development Series from Cisco Press, which offers expert-level instruction on network design, deployment, and support methodologies to help networking professionals manage complex networks and prepare for CCIE exams.

Category: Network Security

Covers: CCIE Security Exam

Sample Pages

Download the sample pages (includes Chapter 4 and Index)

Table of Contents

Table of Contents

Introduction

Part I: Perimeter Security
Chapter 1: Overview of Network Security
Chapter 2: Access Control
Chapter 3: Device Security
Chapter 4: Security Features on Switches
Chapter 5: Cisco IOS Firewall
Chapter 6: Cisco Firewalls - Appliance and Module
Chapter 7: Attack Vectors and Mitigation Techniques

Part 2: Identity Security and Access Management
Chapter 8: Securing Management Access
Chapter 9: Cisco Secure ACS
Chapter 10: Multi-Factor Authentication
Chapter 11: Layer 2 Access Control
Chapter 12: Wireless LAN (WLAN) Security
Chapter 13: Network Admission Control (NAC)

Part 3: Data Privacy
Chapter 14: Cryptography
Chapter 15: IPSec VPN
Chapter 16: Dynamic Multipoint VPN (DMVPN)
Chapter 17: Group Encrypted Transport VPN (GET VPN)
Chapter 18: Secure Sockets Layer VPN (SSL VPN)
Chapter 19: MPLS VPN

Part 4: Security Monitoring
Chapter 20: Network Intrusion Prevention
Chapter 21: Host Intrusion Prevention
Chapter 22: Anomaly Detection
Chapter 23: Security Monitoring, Analysis, and Response System using CS-MARS

Part 5: Policy and Security Management
Chapter 24: Cisco Security Management Applications
Chapter 25: Business Governance / Regulatory Compliance
Appendices

Errata

Download the errata