Securing Your Business with Cisco ASA and PIX Firewalls

Product Description

Protect critical data and maintain uptime with Cisco ASDM and Cisco Security Agent 

• Understand how attacks can impact your business and the different ways attacks can occur
• Learn about the defense-in-depth model for deploying firewall and host protection
• Examine navigation methods and features of Cisco ASDM
• Set up Cisco ASA, PIX Firewall, and ASDM hardware and software
• Use the Cisco ASDM startup wizard to safely connect your network to the Internet and securely add public devices such as mail and web servers to your network
• Authenticate firewall users and users of public web servers
• Filter traffic and protect your network from perimeter attacks
• Deploy Cisco Intrusion Prevention System (IPS) to provide more granular traffic inspection and proactive threat response
• Stop attacks launched at the desktop by deploying Cisco Security Agent
• Extend the defense-in-depth model to remote users through IPSec virtual private networks (VPN)
• Enhance your security posture through proper security management
• Understand the advanced features available in the Cisco PIX version 7 operating system
• Recover from software failure with Cisco PIX version 7

Many people view security as a “black-box-voodoo” technology that is very sophisticated and intimidating. While that might have been true a few years ago, vendors have been successful in reducing the complexity and bringing security to a point where almost anyone with a good understanding of technology can deploy network security.

Securing Your Business with Cisco ASA and PIX Firewalls is an extension of the work to simplify security deployment. This easy-to-use guide helps you craft and deploy a defense-in-depth solution featuring the newly released Cisco® ASA and PIX® version 7 as well as Cisco Security Agent host intrusion prevention software. The book simplifies configuration and management of these powerful security devices by discussing how to use Cisco Adaptive Security Device Manager (ASDM), which provides security management and monitoring services through an intuitive GUI with integrated online help and intelligent wizards to simplify setup and ongoing management. In addition, informative, real-time, and historical reports provide critical insight into usage trends, performance baselines, and security events. Complete with real-world security design and implementation advice, this book contains everything you need to know to deploy the latest security technology in your network.

Securing Your Business with Cisco ASA and PIX Firewalls provides you with complete step-by-step processes for using Cisco ASDM in conjunction with Cisco Security Agent to ensure that your security posture is strong enough to stand up against any network or host attack whether sourced from the Internet or from inside your own network.

"Firewalls are a critical part of any integrated network security strategy, and books such as this will help raise awareness of both the threats inherent in today’s open, heterogeneous internetworking environments and the solutions that can be applied to make the Internet a safer place."

—Martin E. Hellman, professor emeritus of Electrical Engineering,

Stanford University and co-inventor of public key cryptography

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks. 

Links

Download related content from TechRepublic.com

Cisco PIX Firewall: Lock it down in 10 steps

Firewall failure plan checklist

Design the best network security topology for your firewall using these diagrams

Index

Download - 58 KB -- Index

Table of Contents

Installing the ASA/PIX Software

Manual ASA/PIX Version 7 Installation

ASA/PIX Licenses

Installing the PIX License Key

Summary

Chapter 4   Exploring the Adaptive Security Device Manager

Exploring the GUI

Exploring the Pull-Down Menus

Exploring the Navigation Bar

Summary

Part II   Securing Network Infrastructures with ASDM

Chapter 5   Deploying Secure Internet Connectivity

Introducing the ASDM Startup Wizard

Basic Network Topology

Understanding the Elements of Your Network

Using the ASDM Startup Wizard

Connecting to the ASA/PIX Security Appliance with ASDM

Using the ASDM Startup Wizard to Configure the ASA/PIX
Security Appliance

Summary

Chapter 6   Deploying Web and Mail Services

Review of Your Current Network Topology

Designing the Network Topology to Include Web and Mail Services

Logical Placement of the Servers

Defining Inside and Outside Server Addresses

Defining Services

New Topology

Use the ASDM Startup Wizard to Deploy Web and Mail Services

Connect the New Servers to the ASA/PIX Security Appliance

Configure Your ASA/PIX Security Using ASDM

Summary

Chapter 7   Deploying Authentication

Defining Authentication

The Purpose of Authentication

Implementing Authentication

Securing Access to the Security Appliance

Monitoring Security Appliance Access

AAA Authentication Access

Authentication for Inbound and Outbound Services

Outbound URL Filtering for Public Services

VPN Authentication

Summary

Chapter 8   Deploying Perimeter Protection

Perimeter Protocol Enforcement

Customizing Protocol Inspections

Perimeter Traffic Filtering

Perimeter Denial-of-Service Protection

Mitigating Network Bandwidth DoS Attacks

Mitigating Resource-Intensive DoS Attacks

Summary

Chapter 9   Deploying Network Intrusion Prevention

What Is Intrusion Prevention?

Why Use IPS and IP Audit?

What Are the ASA/PIX IPS and IP Audit Signatures?

Deploying Intrusion Prevention on the ASA/PIX

Viewing and Changing ASA/PIX IP Audit Signatures

Summary

Chapter 10   Deploying Host Intrusion Prevention

Why Use Host Intrusion Prevention

Anatomy of a Host or Server Attack

CSA Internals

CSA in Action

Implementing Host Intrusion Prevention

CSA Deployment Suggestions

Virus Scanners and CSA: The Complete Solution

Summary

Chapter 11   Deploying VPNs

Understanding Virtual Private Networks

Implementing VPN Using ASDM

Downloading and Installing the Cisco VPN Client

Configure VPN on the ASA/PIX Security Appliance

Configure and Connect Using the VPN Client

Using the VPN Client with NAT

Monitoring VPN Usage with ASDM

VPN Client | Statistics Panel

Monitor VPN Statistics from ASDM

Summary

Part III   Appendixes

Appendix A   Deploying Effective Security Management

Appendix B   ASA/PIX Version 7 Advanced Features

Appendix C   ASA/PIX Version 7 and ASDM Software Recovery

Index

Downloadable Sample Chapter

Download - 493 KB -- Chapter 5: Deploying Secure Internet Connectivity