73,80 €*
Versandkostenfrei per Post / DHL
auf Lager, Lieferzeit 1-2 Werktage
Nazmul Rajib is a senior product marketing manager of Cisco Systems, Inc. He leads Cisco's global initiatives on cybersecurity enablement, focusing on the firewall and intrusion prevention technologies. As a senior member of the Security Business Group (SBG), Nazmul regularly advises Cisco on security product roadmaps, content strategies, and technical communications. He develops training programs for the Global Security Sales Organization (GSSO) and worldwide channel partners. Nazmul also worked as a technical marketing engineer in the product management organization, where he was responsible for validating security designs, researching best practices, publishing white papers, and presenting new security capabilities.
Prior to joining Cisco's core business group, Nazmul served as a senior information security consultant in the Cisco advanced services organization. With more than a decade of experience, Nazmul assisted many Fortune 500 companies, government agencies, and international organizations. He frequently met Cisco customers to address their critical security concerns and to run workshops.
Previously, Nazmul was a technical lead in the Cisco Customer Experiences (CX) organization, where he consistently assisted the security engineers, and spearheaded the engineering efforts to solve business-critical escalations. He developed several training programs and taught many Cisco engineers worldwide. Nazmul published numerous articles on the Cisco website. In addition to this book, he has authored the best-selling security book Cisco Firepower Threat Defense (ISBN: 9781587144806).
Nazmul is a veteran of Sourcefire, Inc., which developed the world's greatest open-source intrusion prevention system. At Sourcefire, Nazmul created and managed the customer knowledge base, new hire onboarding process, and partner certification program. He routinely trained Sourcefire's security engineers and managed security service providers (MSSP) in the United States.
Nazmul has a master of science degree in Internetworking. He also holds many certifications in the areas of cybersecurity, information technology, technical communication, and product marketing. He is a Sourcefire Certified Expert and Sourcefire Certified Security Engineer.Introduction xxv
Part I General Deployment
Chapter 1 Introduction to Cisco Secure Firewall and IPS 2
Do I Know This Already? Quiz 3
Foundation Topics 4
Evolution of Next-Generation Firewall 4
Cisco Secure Firewall Solutions 8
Product Evolution and Lifecycle 11
Software and Hardware Architecture 14
Scalability and Resiliency 18
Clustering 18
Multi-Instance 19
High Availability 20
Resiliency in Connectivity 21
Summary 22
Exam Preparation Tasks 22
Chapter 2 Deployment of Secure Firewall Virtual 24
Do I Know This Already? Quiz 24
Foundation Topics 26
Cisco Secure Firewall on a Virtual Platform 26
Hosting Environment Settings 27
Virtual Resource Allocation 28
Software Package Selection 28
Best Practices 30
Configuration 31
Virtual Network for Management Traffic 32
Virtual Network for Data Traffic 33
Virtual Machine Creation for Secure Firewall 35
System Initialization and Validation 41
Summary 45
Exam Preparation Tasks 46
Chapter 3 Licensing and Registration 48
Do I Know This Already? 48
Foundation Topics 50
Cisco Licensing Architecture 50
Direct Cloud Access 52
On-Premises Server 52
Offline Access 53
Cisco Secure Firewall Licenses 54
Feature License 54
Export-Controlled License 55
Evaluation License 56
Validation of Licensing 59
Device Registration 61
Best Practices for Registration 61
Configurations on Threat Defense 62
Configurations on Management Center 63
Management Communication over the Internet 65
Validation of Registration 67
Summary 68
Exam Preparation Tasks 69
Chapter 4 Firewall Deployment in Routed Mode 70
Do I Know This Already? Quiz 70
Foundation Topics 72
Routed Mode Essentials 72
Best Practices for Routed Mode Configuration 73
Fulfilling Prerequisites 73
Enabling the Routed Firewall Mode 75
Configuration of the Routed Interface 75
Configuring Interfaces with Static IP Addresses 76
Configuring Interfaces with Automatic IP Addresses 80
Validation of Interface Configuration 82
Summary 88
Exam Preparation Tasks 89
Chapter 5 Firewall Deployment in Transparent Mode 90
Do I Know This Already? Quiz 90
Foundation Topics 92
Transparent Mode Essentials 92
Best Practices for Transparent Mode Configuration 93
Fulfilling Prerequisites 94
Enabling the Transparent Firewall Mode 95
Configuring Transparent Mode in a Layer 2 Network 96
Configuring the Physical and Virtual Interfaces 96
Verifying the Interface Status 103
Verifying Basic Connectivity and Operations 104
Deploying a Threat Defense Between Layer 3 Networks 108
Selecting a Default Action 108
Adding an Access Control Rule for a Routing Protocol 111
Creating an Access Control Rule for the SSH Protocol 113
Verifying Access Control Lists 115
Integrated Routing and Bridging (IRB) 118
Summary 118
Exam Preparation Tasks 118
Chapter 6 IPS-Only Deployment in Inline Mode 120
Do I Know This Already? Quiz 120
Foundation Topics 122
Inline Mode Essentials
Inline Mode Versus Passive Mode 123
Inline Mode Versus Transparent Mode 125
Best Practices for Inline Mode 125
Inline Mode Configuration 126
Fulfilling Prerequisites 126
Interface Setup 127
Inline Set Configuration 129
Verification 132
Event Analysis in IPS-Only Mode 135
Summary 136
Exam Preparation Tasks 136
Chapter 7 Deployment in Detection-Only Mode 138
Do I Know This Already? Quiz 139
Foundation Topics 141
Detection-Only Mode Essentials 141
Passive Monitoring Technology 141
Interface Modes: Inline, Inline Tap, and Passive 142
Best Practices for Detection-Only Deployment 143
Inline Tap Mode 145
Configuration of Inline Tap Mode 145
Verification of Inline Tap Configuration 147
Passive Interface Mode 149
Configuration of Passive Interface Mode 149
Configuring Passive Interface Mode on a Threat Defense 150
Configuring a SPAN Port on a Switch 151
Verification of Passive Interface Configuration 152
Event Analysis in Detection-Only Mode 153
Summary 154
Exam Preparation Tasks 154
Part II Basic Security Operations
Chapter 8 Capturing Traffic for Advanced Analysis 156
Do I Know This Already? Quiz 157
Foundation Topics 158
Packet Capture Essentials 158
Best Practices for Capturing Traffic 160
Capturing of Packets Using Secure Firewall 162
Configuration 162
Verification 165
Packet Capture versus Packet Tracer 169
Summary 170
Exam Preparation Tasks 170
Chapter 9 Network Discovery Policy 172
Do I Know This Already? Quiz 172
Foundation Topics 174
Network Discovery Essentials 174
Application Detectors 175
Network Discovery Operations 176
Best Practices for Network Discovery 178
Fulfilling Prerequisites 179
Configurations 180
Reusable Objects 181
Network Discovery Policy 183
Verification 186
Analyzing Application Discovery 186
Analyzing Host Discovery 186
Undiscovered New Hosts 188
Summary 191
Exam Preparation Tasks 191
Chapter 10 Access Control Policy 194
Do I Know This Already? Quiz 194
Foundation Topics 196
Access Control Policy Essentials 196
Policy Editor 196
Rule Editor 198
Best Practices for Access Control Policy 199
Access Control Policy Configuration 200
Fulfilling Prerequisites 201
Creating Rules 202
Verification 208
Summary 222
Exam Preparation Tasks 222
Chapter 11 Prefilter Policy 224
Do I Know This Already? Quiz 224
Foundation Topics 226
Prefilter Policy Essentials 226
Prefilter Policy: Rules and Actions 226
Bypassing Deep Packet Inspection 227
Best Practices for a Prefilter Policy 230
Enabling Bypass Through a Prefilter Policy 230
Fulfilling Prerequisites 230
Configuring a Rule in a Prefilter Policy 230
Invoking a Prefilter Policy into an Access Control Policy 235
Establishing Trust Through an Access Control Policy 237
Verification 240
Managing Encapsulated Traffic Inspection 242
Summary 245
Exam Preparation Tasks 245
Chapter 12 Security Intelligence 248
Do I Know This Already? Quiz 249
Foundation Topics 251
Security Intelligence Essentials 251
Best Practices for Security Intelligence 256
Fulfilling Prerequisites 257
Automatic Blocking Using Cisco Intelligence Feed 259
Verifying the Action of Cisco Intelligence Feed 262
Overriding the Cisco Intelligence Feed Outcome 265
Instant Blocking Using Context Menu 267
Adding an Address to the Block List 267
Deleting an Address from the Block List 268
Manual Blocking Using Custom List 269
Enabling Security Intelligence in Monitor-Only Mode 272
Threat Intelligence Director 274
Enabling Threat Intelligence Director 276
Adding Sources and Importing Indicators 277
Summary 280
Exam Preparation Tasks 281
Chapter 13 Domain Name System (DNS) Policy 282
Do I Know This Already? Quiz 282
Foundation Topics 284
DNS Policy Essentials 284
Domain Name System (DNS) 284
Blocking of a DNS Query Using a Secure Firewall 285
DNS Rule Actions 287
Actions That Can Interrupt DNS Queries 288
Actions That Allow DNS Queries 292
Sources of Intelligence 293
Best Practices for Blocking DNS Queries 295
Fulfilling Prerequisites 296
Configuring DNS Policy 297
Add a New Rule to a DNS Policy 298
Invoke the DNS Policy 301
Verification 302
Summary 307
Exam Preparation Tasks 307
Chapter 14 URL Filtering 310
Do I Know This Already? Quiz 310
Foundation Topics 312
URL Filtering Essentials 312
Category and Reputation 312
URL Database 314
Fulfilling Prerequisites 315
Best Practices for URL Filtering Configuration 317
Enabling URL Filtering 322
Blocking URLs of a Certain Category 323
Verifying the Operation of a URL Filtering Rule 325
Allowing a Specific URL 329
Analyzing the Default Category Override 331
Handling Uncategorized URLs 335
Investigating the Uncategorized URLs 338
Summary 340
Exam Preparation Tasks 341
Part III Advanced Configurations
Chapter 15 Network Analysis and Intrusion Policies 342
Do I Know This Already? Quiz 343
Foundation Topics 345
Intrusion Prevention System Essentials 345
Network Analysis Policy 346
Intrusion Policy 346
System-Provided Variable Sets 352
System-Provided Base Policies 353
Best Practices for Intrusion Policy Deployment 356
Configuring a Network Analysis Policy 359
Configuring an Intrusion Policy 364
Creating a Policy with a Default Ruleset 364
Incorporating Intrusion Rule Recommendations 365
Enabling or Disabling an Intrusion Rule 368
Setting Up a Variable Set 369
Policy Deployment 371
Verification 373
Summary 379
Exam Preparation Tasks 379
Chapter 16 Malware and File Policy 380
Do I Know This Already? Quiz 380
Foundation Topics 382
File Policy Essentials 382
File Type Detection 382
Malware Analysis 382
Best Practices for File Policy Configuration 386
Fulfilling Prerequisites 387
Configuring a File Policy 390
Creating a File Policy 390
Deploying a File Policy 396
Verification 398
Analyzing File Events 399
Analyzing Malware Events 404
The Management Center Is Unable to Communicate with the Cloud 404
The Management Center Performs a Cloud Lookup...
| Erscheinungsjahr: | 2022 |
|---|---|
| Fachbereich: | EDV |
| Genre: | Importe, Informatik |
| Rubrik: | Naturwissenschaften & Technik |
| Thema: | Lexika |
| Medium: | Taschenbuch |
| ISBN-13: | 9780136589709 |
| ISBN-10: | 0136589707 |
| Sprache: | Englisch |
| Einband: | Kartoniert / Broschiert |
| Autor: | Rajib, Nazmul |
| Hersteller: | Pearson Education |
| Verantwortliche Person für die EU: | Libri GmbH, Europaallee 1, D-36244 Bad Hersfeld, gpsr@libri.de |
| Maße: | 237 x 195 x 45 mm |
| Von/Mit: | Nazmul Rajib |
| Erscheinungsdatum: | 25.06.2022 |
| Gewicht: | 1,272 kg |
Nazmul Rajib is a senior product marketing manager of Cisco Systems, Inc. He leads Cisco's global initiatives on cybersecurity enablement, focusing on the firewall and intrusion prevention technologies. As a senior member of the Security Business Group (SBG), Nazmul regularly advises Cisco on security product roadmaps, content strategies, and technical communications. He develops training programs for the Global Security Sales Organization (GSSO) and worldwide channel partners. Nazmul also worked as a technical marketing engineer in the product management organization, where he was responsible for validating security designs, researching best practices, publishing white papers, and presenting new security capabilities.
Prior to joining Cisco's core business group, Nazmul served as a senior information security consultant in the Cisco advanced services organization. With more than a decade of experience, Nazmul assisted many Fortune 500 companies, government agencies, and international organizations. He frequently met Cisco customers to address their critical security concerns and to run workshops.
Previously, Nazmul was a technical lead in the Cisco Customer Experiences (CX) organization, where he consistently assisted the security engineers, and spearheaded the engineering efforts to solve business-critical escalations. He developed several training programs and taught many Cisco engineers worldwide. Nazmul published numerous articles on the Cisco website. In addition to this book, he has authored the best-selling security book Cisco Firepower Threat Defense (ISBN: 9781587144806).
Nazmul is a veteran of Sourcefire, Inc., which developed the world's greatest open-source intrusion prevention system. At Sourcefire, Nazmul created and managed the customer knowledge base, new hire onboarding process, and partner certification program. He routinely trained Sourcefire's security engineers and managed security service providers (MSSP) in the United States.
Nazmul has a master of science degree in Internetworking. He also holds many certifications in the areas of cybersecurity, information technology, technical communication, and product marketing. He is a Sourcefire Certified Expert and Sourcefire Certified Security Engineer.Introduction xxv
Part I General Deployment
Chapter 1 Introduction to Cisco Secure Firewall and IPS 2
Do I Know This Already? Quiz 3
Foundation Topics 4
Evolution of Next-Generation Firewall 4
Cisco Secure Firewall Solutions 8
Product Evolution and Lifecycle 11
Software and Hardware Architecture 14
Scalability and Resiliency 18
Clustering 18
Multi-Instance 19
High Availability 20
Resiliency in Connectivity 21
Summary 22
Exam Preparation Tasks 22
Chapter 2 Deployment of Secure Firewall Virtual 24
Do I Know This Already? Quiz 24
Foundation Topics 26
Cisco Secure Firewall on a Virtual Platform 26
Hosting Environment Settings 27
Virtual Resource Allocation 28
Software Package Selection 28
Best Practices 30
Configuration 31
Virtual Network for Management Traffic 32
Virtual Network for Data Traffic 33
Virtual Machine Creation for Secure Firewall 35
System Initialization and Validation 41
Summary 45
Exam Preparation Tasks 46
Chapter 3 Licensing and Registration 48
Do I Know This Already? 48
Foundation Topics 50
Cisco Licensing Architecture 50
Direct Cloud Access 52
On-Premises Server 52
Offline Access 53
Cisco Secure Firewall Licenses 54
Feature License 54
Export-Controlled License 55
Evaluation License 56
Validation of Licensing 59
Device Registration 61
Best Practices for Registration 61
Configurations on Threat Defense 62
Configurations on Management Center 63
Management Communication over the Internet 65
Validation of Registration 67
Summary 68
Exam Preparation Tasks 69
Chapter 4 Firewall Deployment in Routed Mode 70
Do I Know This Already? Quiz 70
Foundation Topics 72
Routed Mode Essentials 72
Best Practices for Routed Mode Configuration 73
Fulfilling Prerequisites 73
Enabling the Routed Firewall Mode 75
Configuration of the Routed Interface 75
Configuring Interfaces with Static IP Addresses 76
Configuring Interfaces with Automatic IP Addresses 80
Validation of Interface Configuration 82
Summary 88
Exam Preparation Tasks 89
Chapter 5 Firewall Deployment in Transparent Mode 90
Do I Know This Already? Quiz 90
Foundation Topics 92
Transparent Mode Essentials 92
Best Practices for Transparent Mode Configuration 93
Fulfilling Prerequisites 94
Enabling the Transparent Firewall Mode 95
Configuring Transparent Mode in a Layer 2 Network 96
Configuring the Physical and Virtual Interfaces 96
Verifying the Interface Status 103
Verifying Basic Connectivity and Operations 104
Deploying a Threat Defense Between Layer 3 Networks 108
Selecting a Default Action 108
Adding an Access Control Rule for a Routing Protocol 111
Creating an Access Control Rule for the SSH Protocol 113
Verifying Access Control Lists 115
Integrated Routing and Bridging (IRB) 118
Summary 118
Exam Preparation Tasks 118
Chapter 6 IPS-Only Deployment in Inline Mode 120
Do I Know This Already? Quiz 120
Foundation Topics 122
Inline Mode Essentials
Inline Mode Versus Passive Mode 123
Inline Mode Versus Transparent Mode 125
Best Practices for Inline Mode 125
Inline Mode Configuration 126
Fulfilling Prerequisites 126
Interface Setup 127
Inline Set Configuration 129
Verification 132
Event Analysis in IPS-Only Mode 135
Summary 136
Exam Preparation Tasks 136
Chapter 7 Deployment in Detection-Only Mode 138
Do I Know This Already? Quiz 139
Foundation Topics 141
Detection-Only Mode Essentials 141
Passive Monitoring Technology 141
Interface Modes: Inline, Inline Tap, and Passive 142
Best Practices for Detection-Only Deployment 143
Inline Tap Mode 145
Configuration of Inline Tap Mode 145
Verification of Inline Tap Configuration 147
Passive Interface Mode 149
Configuration of Passive Interface Mode 149
Configuring Passive Interface Mode on a Threat Defense 150
Configuring a SPAN Port on a Switch 151
Verification of Passive Interface Configuration 152
Event Analysis in Detection-Only Mode 153
Summary 154
Exam Preparation Tasks 154
Part II Basic Security Operations
Chapter 8 Capturing Traffic for Advanced Analysis 156
Do I Know This Already? Quiz 157
Foundation Topics 158
Packet Capture Essentials 158
Best Practices for Capturing Traffic 160
Capturing of Packets Using Secure Firewall 162
Configuration 162
Verification 165
Packet Capture versus Packet Tracer 169
Summary 170
Exam Preparation Tasks 170
Chapter 9 Network Discovery Policy 172
Do I Know This Already? Quiz 172
Foundation Topics 174
Network Discovery Essentials 174
Application Detectors 175
Network Discovery Operations 176
Best Practices for Network Discovery 178
Fulfilling Prerequisites 179
Configurations 180
Reusable Objects 181
Network Discovery Policy 183
Verification 186
Analyzing Application Discovery 186
Analyzing Host Discovery 186
Undiscovered New Hosts 188
Summary 191
Exam Preparation Tasks 191
Chapter 10 Access Control Policy 194
Do I Know This Already? Quiz 194
Foundation Topics 196
Access Control Policy Essentials 196
Policy Editor 196
Rule Editor 198
Best Practices for Access Control Policy 199
Access Control Policy Configuration 200
Fulfilling Prerequisites 201
Creating Rules 202
Verification 208
Summary 222
Exam Preparation Tasks 222
Chapter 11 Prefilter Policy 224
Do I Know This Already? Quiz 224
Foundation Topics 226
Prefilter Policy Essentials 226
Prefilter Policy: Rules and Actions 226
Bypassing Deep Packet Inspection 227
Best Practices for a Prefilter Policy 230
Enabling Bypass Through a Prefilter Policy 230
Fulfilling Prerequisites 230
Configuring a Rule in a Prefilter Policy 230
Invoking a Prefilter Policy into an Access Control Policy 235
Establishing Trust Through an Access Control Policy 237
Verification 240
Managing Encapsulated Traffic Inspection 242
Summary 245
Exam Preparation Tasks 245
Chapter 12 Security Intelligence 248
Do I Know This Already? Quiz 249
Foundation Topics 251
Security Intelligence Essentials 251
Best Practices for Security Intelligence 256
Fulfilling Prerequisites 257
Automatic Blocking Using Cisco Intelligence Feed 259
Verifying the Action of Cisco Intelligence Feed 262
Overriding the Cisco Intelligence Feed Outcome 265
Instant Blocking Using Context Menu 267
Adding an Address to the Block List 267
Deleting an Address from the Block List 268
Manual Blocking Using Custom List 269
Enabling Security Intelligence in Monitor-Only Mode 272
Threat Intelligence Director 274
Enabling Threat Intelligence Director 276
Adding Sources and Importing Indicators 277
Summary 280
Exam Preparation Tasks 281
Chapter 13 Domain Name System (DNS) Policy 282
Do I Know This Already? Quiz 282
Foundation Topics 284
DNS Policy Essentials 284
Domain Name System (DNS) 284
Blocking of a DNS Query Using a Secure Firewall 285
DNS Rule Actions 287
Actions That Can Interrupt DNS Queries 288
Actions That Allow DNS Queries 292
Sources of Intelligence 293
Best Practices for Blocking DNS Queries 295
Fulfilling Prerequisites 296
Configuring DNS Policy 297
Add a New Rule to a DNS Policy 298
Invoke the DNS Policy 301
Verification 302
Summary 307
Exam Preparation Tasks 307
Chapter 14 URL Filtering 310
Do I Know This Already? Quiz 310
Foundation Topics 312
URL Filtering Essentials 312
Category and Reputation 312
URL Database 314
Fulfilling Prerequisites 315
Best Practices for URL Filtering Configuration 317
Enabling URL Filtering 322
Blocking URLs of a Certain Category 323
Verifying the Operation of a URL Filtering Rule 325
Allowing a Specific URL 329
Analyzing the Default Category Override 331
Handling Uncategorized URLs 335
Investigating the Uncategorized URLs 338
Summary 340
Exam Preparation Tasks 341
Part III Advanced Configurations
Chapter 15 Network Analysis and Intrusion Policies 342
Do I Know This Already? Quiz 343
Foundation Topics 345
Intrusion Prevention System Essentials 345
Network Analysis Policy 346
Intrusion Policy 346
System-Provided Variable Sets 352
System-Provided Base Policies 353
Best Practices for Intrusion Policy Deployment 356
Configuring a Network Analysis Policy 359
Configuring an Intrusion Policy 364
Creating a Policy with a Default Ruleset 364
Incorporating Intrusion Rule Recommendations 365
Enabling or Disabling an Intrusion Rule 368
Setting Up a Variable Set 369
Policy Deployment 371
Verification 373
Summary 379
Exam Preparation Tasks 379
Chapter 16 Malware and File Policy 380
Do I Know This Already? Quiz 380
Foundation Topics 382
File Policy Essentials 382
File Type Detection 382
Malware Analysis 382
Best Practices for File Policy Configuration 386
Fulfilling Prerequisites 387
Configuring a File Policy 390
Creating a File Policy 390
Deploying a File Policy 396
Verification 398
Analyzing File Events 399
Analyzing Malware Events 404
The Management Center Is Unable to Communicate with the Cloud 404
The Management Center Performs a Cloud Lookup...
| Erscheinungsjahr: | 2022 |
|---|---|
| Fachbereich: | EDV |
| Genre: | Importe, Informatik |
| Rubrik: | Naturwissenschaften & Technik |
| Thema: | Lexika |
| Medium: | Taschenbuch |
| ISBN-13: | 9780136589709 |
| ISBN-10: | 0136589707 |
| Sprache: | Englisch |
| Einband: | Kartoniert / Broschiert |
| Autor: | Rajib, Nazmul |
| Hersteller: | Pearson Education |
| Verantwortliche Person für die EU: | Libri GmbH, Europaallee 1, D-36244 Bad Hersfeld, gpsr@libri.de |
| Maße: | 237 x 195 x 45 mm |
| Von/Mit: | Nazmul Rajib |
| Erscheinungsdatum: | 25.06.2022 |
| Gewicht: | 1,272 kg |
Ähnliche Produkte
Lieferzeit 1-2 Wochen
Lieferzeit 1-2 Werktage
Lieferzeit 1-2 Wochen
Lieferzeit 1-2 Wochen
Lieferzeit 2-4 Werktage
Lieferzeit 1-2 Wochen
Lieferzeit 1-2 Wochen