Download cisco press ccie professional development network security principles and practices EBooks | Read online cisco press ccie professional development network security principles and practices EBooks
Network Security Principles and Practices,
Expert solutions for securing network infrastructures and VPNs Build security into the network by defining zones, implementing secure routing protocol designs, and building safe LAN switching environments Understand the inner workings of the Cisco PIX Firewall and analyze in-depth Cisco PIX Firewall and Cisco IOS Firewall features and concepts Understand what VPNs are and how they are implemented with protocols such as GRE, L2TP, and IPSec Gain a packet-level understanding of the IPSec suite of protocols, its associated encryption and hashing functions, and authentication techniques Learn how network attacks can be categorized and how the Cisco IDS is designed and can be set upto protect against them Control network access by learning how AAA fits into the Cisco security model and by implementing RADIUS and TACACS+ protocols Provision service provider security using ACLs, NBAR, and CAR to identify and control attacks Identify and resolve common implementation failures by evaluating real-world troubleshooting scenarios As organizations increase their dependence on networks for core business processes and increase access to remote sites and mobile workers via virtual private networks (VPNs), network security becomes more and more critical. In today's networked era, information is an organization's most valuable resource. Lack of customer, partner, and employee access to e-commerce and data servers can impact both revenue and productivity. Even so, most networks do not have the proper degree of security. Network Security Principles and Practices provides an in-depth understanding of the policies, products, and expertise that brings organization to this extremely complex topic and boosts your confidence in the performance and integrity of your network systems and services. Written by the CCIE engineer who wrote the CCIE Security lab exam and who helped develop the CCIE Security written exam, Network Security Principles and Practices is the first book to help prepare candidates for the CCIE Security exams. Network Security Principles and Practices is a comprehensive guide to network security threats and the policies and tools developed specifically to combat those threats. Taking a practical, applied approach to building security into networks, the book shows you how to build secure network architectures from the ground up. Security aspects of routing protocols, Layer 2 threats, and switch security features are all analyzed. A comprehensive treatment of VPNs and IPSec is presented in extensive packet-by-packet detail. The book takes a behind-the-scenes look at how the Cisco PIX(r) Firewall actually works, presenting many difficult-to-understand and new Cisco PIX Firewall and Cisco IOS(r) Firewall concepts. The book launches into a discussion of intrusion detection systems (IDS) by analyzing and breaking down modern-day network attacks, describing how an IDS deals with those threats in general, and elaborating on the Cisco implementation of IDS. The book also discusses AAA, RADIUS, and TACACS+ and their usage with some of the newer security implementations such as VPNs and proxy authentication. A complete section devoted to service provider techniques for enhancing customer security and providing support in the event of an attack is also included. Finally, the book concludes with a section dedicated to discussing tried-and-tested troubleshooting tools and techniques that are not only invaluable to candidates working toward their CCIE Security lab exam but also to the security network administrator running the operations of a network on a daily basis.
by Saadat Malik
View | |Buy/Download
Definitive MPLS Network Designs,
Field-proven MPLS designs covering MPLS VPNs, pseudowire, QoS, traffic engineering, IPv6, network recovery, and multicast Understand technology applications in various service provider and enterprise topologies via detailed design studies Benefit from the authors’ vast experience in MPLS network deployment and protocol design Visualize real-world solutions through clear, detailed illustrations Design studies cover various operator profiles including an interexchange carrier (IXC), a national telco deploying a multiservice backbone carrying Internet and IP VPN services as well as national telephony traffic, an international service provider with many POPs all around the globe, and a large enterprise relying on Layer-3 VPN services to control communications within and across subsidiaries Design studies are thoroughly explained through detailed text, sample configurations, and network diagrams Definitive MPLS Network Designs provides examples of how to combine key technologies at the heart of IP/MPLS networks. Techniques are presented through a set of comprehensive design studies. Each design study is based on characteristics and objectives common to a given profile of network operators having deployed MPLS and discusses all the corresponding design aspects. The book starts with a technology refresher for each of the technologies involved in the design studies. Next, a series of design studies is presented, each based on a specific hypothetical network representative of service provider and enterprise networks running MPLS. Each design study chapter delivers four elements. They open with a description of the network environment, including the set of supported services, the network topology, the POP structure, the transmission facilities, the basic IP routing design, and possible constraints. Then the chapters present design objectives, such as optimizing bandwidth usage. Following these are details of all aspects of the network design, covering VPN, QoS, TE, network recovery, and—where applicable—multicast, IPv6, and pseudowire. The chapters conclude with a summary of the lessons that can be drawn from the design study so that all types of service providers and large enterprise MPLS architects can adapt aspects of the design solution to their unique network environment and objectives. Although network architects have many resources for seeking information on the concepts and protocols involved with MPLS, there is no single resource that illustrates how to design a network that optimizes their benefits for a specific operating environment. The variety of network environments and requirements makes it difficult to provide a one-size-fits-all design recommendation. Definitive MPLS Network Designs fills this void. “This book comes as a boon to professionals who want to understand the power of MPLS and make full use of it.†-Parantap Lahiri, Manager, IP Network Infrastructure Engineering, MCI Includes a FREE 45-Day Online Edition This book is part of the Networking Technology Series from Cisco Press®, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.
by Jim Guichard
View | |Buy/Download
CCSP Cisco Secure VPN Exam Certification Guide,
The official study guide for the Cisco Secure VPN exam #9E0-121 The only Cisco authorized exam certification guide for the new CSVPN exam Pre- and post-chapter quizzes help assess knowledge and identify areas of weakness Overviews and Foundation Summaries present complete and quick review of all CSVPN exam topics CD-ROM test engine provides practice with more than 200 questions As security demands continue to increase for enterprise and service provider networks, the number of employees working from remote locations requiring an efficient and rapid virtual private network connection grows as well. The Cisco Secure line of products and services are focused on providing the seamless operation of these remote networks with the maximum level of security available. Organizations using this suite of products and services need networking professionals with proven skills at getting the highest levels of both security and network operability. This need has created a booming demand for the Cisco Systems security certifications that verify those skills and abilities. The CSVPN exam is one of the components of the Cisco Systems security designation. "CSS-1 Cisco Secure VPN Exam Certification Guide" provides CSVPN exam candidates with a comprehensive preparation tool for testing success. With pre- and post-chapter tests, a CD-ROM-based testing engine with more than 200 questions, and comprehensive training on all exam topics, this title brings the proven exam preparation tools from the popular Cisco Press Exam Certification Guide series to the CSVPN candidate. John Roland, CCNP, CCDP, CSS-1, is a security specialist for Ajilon Consulting and has worked in the IT field for more than 22years--from COBOL programming on IBM mainframes, to LAN/WAN implementation on military networks, to developing Cisco certification training materials. Mark J. Newcomb is the owner and lead Security Engineer for Secure Networks in Spokane, Washington. Mark has more than 20 years experience in the networking industry, focusing on the financial and medical industries.
by John F. Roland
View | |Buy/Download
Cisco Callmanager Best Practices,A Cisco Avvid Solution
Delivers the proven solutions that make a difference in your Cisco IP Telephony deployment * Learn dial plan best practices that help you configure features such as intercom, group speed dials, music on hold, extension mobility, and more * Understand how to manage and monitor your system proactively for maximum uptime * Use dial plan components to reduce your exposure to toll fraud * Take advantage of call detail records for call tracing and accounting, as well as troubleshooting * Utilize the many Cisco IP Telephony features to enable branch site deployments * Discover the best ways to install, upgrade, patch, and back up CallManager * Learn how backing up to remote media provides both configuration recovery and failure survivability IP telephony represents the future of telecommunications: a converged data and voice infrastructure boasting greater flexibility and more cost-effective scalability than traditional telephony. Having access to proven best practices, developed in the field by Cisco(r) IP Telephony experts, helps you ensure a solid, successful deployment.Cisco CallManager Best Practices offers best practice solutions for CallManager and related IP telephony components such as IP phones, gateways, and applications. Written in short, to-the-point sections, this book lets you explore the tips, tricks, and lessons learned that will help you plan, install, configure, back up, restore, upgrade, patch, and secure Cisco CallManager, the core call processing component in a Cisco IP Telephony deployment. You'll also discover the best ways to use services and parameters, directory integration, call detail records, management and monitoring applications, and more. Customers inspired this book by asking the same questions time after time: How do I configure intercom? What's the best way to use partitions and calling search spaces? How do I deploy CallManager regionally on my WAN? What do all those services really do? How do I know how many calls are active? How do I integrate CallManager with Active Directory? Years of expert experiences condensed for you in this book enable you to run a top-notch system while enhancing the performance and functionality of your IP telephony deployment.
by Salvatore Collora
View | |Buy/Download
CCSP SECUR Exam Cram 2 (642-501),
SECUR is the first and most important of the 5 required exams to obtain a CCSP. Maps directly to exam objectives for easy review of the requirements. Author holds 8 certificates, has extensive experience with Cisco networks and security, and is an experienced trainer of Cisco exam topics.
by Raman Sud
View | |Buy/Download
Integrating Voice and Data Networks,
Voice/Data Integration on Cisco Networks is both a conceptual reference and a practical how-to book that bridges the gap between existing telephony networks and the new world of packetized voice over data networks. Technologies are explained in a context that gives the reader a holistic understanding of voice/data integration. Reader can then follow a complete process to design and implement a variety of network scenarios, leveraging the author's experience with real voice/data networks. The audio accompaniment on CD-ROM will be an excellent companion to demonstrate the expected voice quality using different voice/data networking scenarios. This will allow professionals in the field to demonstrate different sound quality levels to customers.
by Scott Keagy
View | |Buy/Download
Advanced Host Intrusion Prevention with CSA,
Protecting systems within an enterprise has proven as important to overall security as securing the enterprise perimeter. Over the past few years, the number of vulnerabilities stemming from weaknesses in applications and operating systems has grown dramatically. In direct correlation with the number of weaknesses discovered, the number of viruses, worms, and security attacks has also exploded across the Internet. To add to the typical virus issues that businesses have had to confront, there are also malicious programs infiltrating organizations today in the form of spyware and adware. Prevent day-zero attacks Enforce acceptable-use policies Develop host-IPS project implementation plans Evaluate management hierarchy installation options, including single-server, multiserver, and built-in database usage Learn about CSA agents and manual and scripted installation options Understand policy components and custom policy creation Use and filter information from CSA event logs Troubleshoot CSA deployments with agent and management server logs and built-in troubleshooting tools Protecting systems where the private data and intellectual property resides is no longer considered a function of perimeter defense systems but has instead become the domain of endpoint protection software, such as host Intrusion Prevention Systems (IPS). Cisco® Security Agent (CSA) is the Cisco Systems® host-IPS solution. CSA provides the security controls that corporations need to deal with threats to host and desktop computing resources. Advanced Host Intrusion Prevention with CSAis a practical guide to getting the most out of CSA deployments. Through methodical explanation of advanced CSA features and concepts, this book helps ease the fears of security administrators seeking to install and configure a host IPS. This book explains in detail such topics as installation of the management servers, installation of the agents for mass deployment, granular agent policy creation, advanced policy creation, real-world troubleshooting techniques, and best practices in implementation methodology. This guide also provides a practical installation framework taken from the actual installation and support experience of the authors. This book helps you implement host IPS appropriately, giving your organization better protection from the various threats that are impacting your business while at the same time enabling you to comply with various legal requirements put forth in such legislation as HIPAA, SOX, SB1386, and VISA PCI.
by Chad Sullivan
View | |Buy/Download
Voice Over IP Fundamentals,
A systematic approach to understanding the basics of voice over IP Understand the basics of enterprise and public telephony networking, IP networking, and how voice is transported over IP networks Learn the various caveats of converging voice and data networks Examine the basic VoIP signaling protocols (H.323, MGCP/H.248, SIP) and primary legacy voice signaling protocols (ISDN, C7/SS7) Explore how VoIP can run the same applications as the existing telephony system but in a more cost-efficient and scalable manner Delve into such VoIP topics as jitter, latency, packet loss, codecs, QoS tools, and security Voice over IP (VoIP) has become an important factor in network communications, promising lower operational costs, greater flexibility, and a variety of enhanced applications. To help you understand VoIP networks, Voice over IP Fundamentals provides a thorough introduction to the basics of VoIP. Voice over IP Fundamentals explains how a basic IP telephony infrastructure is built and works today, major concepts concerning voice and data networking, and transmission of voice over data networks. You'll learn how voice is signaled through legacy telephone networks, how IP signaling protocols are used to interoperate with current telephony systems, and how to ensure good voice quality using quality of service (QoS). Even though Voice over IP Fundamentals is written for anyone seeking to understand how to use IP to transport voice, its target audience comprises both voice and data networking professionals. In the past, professionals working in voice and data networking did not have to understand each other's roles. However, in this world of time-division multiplexing (TDM) and IP convergence, it is important to understand how these technologies work together. Voice over IP Fundamentals explains all the details so that voice experts can understand data networking and data experts can understand voice networking. The second edition of this best-selling book includes new chapters on the importance of billing and mediation in a VoIP network, security, and the common types of threats inherent when packet voice environments, public switched telephone networks (PSTN), and VoIP interoperate. It also explains enterprise and service-provider applications and services.
by
View | |Buy/Download
TCP/IP First-Step,
Your first step into the world of TCP/IP networking!
by Mark A. Sportack
View | |Buy/Download
Storage Networking Protocol Fundamentals,
A comparative analysis of Ethernet, TCP/IP, and Fibre Channel in the context of SCSI Introduces network administrators to the requirements of storage protocols Explains the operation of network protocols to storage administrators Compares and contrasts the functionality of Ethernet, TCP/IP, and Fibre Channel Documents the details of the major protocol suites, explains how they operate, and identifies common misunderstandings References the original standards and specifications so you can get a complete understanding of each protocol Helps you understand the implications of network design choices Discusses advanced network functionality such as QoS, security, management, and protocol analysis Corporations increasingly depend on computer and communication technologies to remain competitive in the global economy. Customer relationship management, enterprise resource planning, and e-mail are a few of the many applications that generate new data every day. Effectively storing, managing, and accessing that data is a primary business challenge in the information age. Storage networking is a crucial component of the solution to meet that challenge. Written for both storage administrators who need to learn more about networking and network administrators who need to learn more about storage, Storage Networking Protocol Fundamentals is a concise introduction to storage networking protocols. The book picks up where Storage Networking Fundamentals left off by focusing on the networking protocols that underlie modern open systems: block-oriented storage networks. The first part of the book introduces you to the field of storage networking and the Open Systems Interconnection (OSI) reference model. The second part compares networked storage technologies, including iSCSI (Small Computer Systems Interface over IP) and Fibre Channel. It also examines in detail each of the major protocol suites layer-by-layer within the OSI reference model. The third part discusses advanced functionalities of these technologies, such as quality of service (QoS), load-balancing functions, security, management, and protocol analysis. You can read this book cover to cover or use it as a reference, directly accessing the particular topics of interest to you. “Storage networking is a critical concept for today’s businesses, and this book provides a unique and helpful way to better understand it. Storage networking is also continuously evolving, and as such this book may be seen as an introduction to the information technology infrastructures of the future.†—from the foreword by Claudio DeSanti, vice-chairman of the ANSI INCITS T11 Technical Committee
by James Long
View | |Buy/Download
QoS for IP/MPLS Networks,
A comprehensive guide to implementing QoS in IP/MPLS networks using Cisco IOS and Cisco IOS XR Software Understand IP QoS architectures and how they apply to MPLS Take a detailed look at traffic management using policing, shaping, scheduling, and active queue management Study Cisco QoS behavioral model and the modular QoS command-line interface (MQC) Learn the operation of MPLS TE with its DiffServ extensions and applicability as a traffic-protection alternative Find multiple configuration and verification examples illustrating the implementation of MPLS TE, DS-TE, and FRR Review the different designs, ranging from a best-effort backbone to the most elaborate scenarios combining DiffServ, DS-TE, and FRR Quality of service (QoS) plays a key role in the implementation of IP and MPLS networks today. However, QoS can be one of the most complex aspects of networking. The industry efforts to achieve convergence have generated a need for increased levels of traffic differentiation. Today's networks need to meet an array of QoS requirements to support distinct applications (such as voice, video, and data) and multiple network services (such as IP, Ethernet, and ATM) on a single converged, multiservice network. QoS has therefore has become an integral part of network design, implementation, and operation. QoS for IP/MPLS Networks is a practical guide that will help you facilitate the design, deployment, and operation of QoS using Cisco® IOS® Software and Cisco IOS XR Software. The book provides a thorough explanation of the technology behind MPLS QoS and related technologies, including the different design options you can use to build an MPLS network with strict performance requirements. This book discusses MPLS Traffic Engineering (MPLS TE) as a tool to complement MPLS QoS and enhance the performance characteristics of the network. You'll learn technology, configuration, and operational details, including the essentials facts about the behavior and configuration of the rich MPLS QoS and related MPLS TE functionality. To get the most out of this book, you should have a basic understanding of both IP and MPLS, including the basics of IP addressing and routing and the basics of MPLS forwarding.
by Santiago Alvarez
View | |Buy/Download
Cisco Express Forwarding,
Cisco Express Forwarding Understanding and troubleshooting CEF in Cisco routers and switches Nakia Stringfield, CCIE® No. 13451 Russ White, CCIE No. 2635 Stacia McKee How does a router switch a packet? What is the difference between routing a packet, switching a frame, and packet switching? What is the Cisco® Express Forwarding (CEF) feature referred to in Cisco documentation and commonly found in Cisco IOS® commands? CEF is a general term that describes the mechanism by which Cisco routers and Catalyst® switches packet-switch (route) frames. CEF is found in almost all Cisco routers and Catalyst switches, and understanding how CEF operates can improve the performance, scalability, and efficiency of your network. Cisco Express Forwarding demystifies the internal workings of Cisco routers and switches, making it easier for you to optimize performance and troubleshoot issues that arise in Cisco network environments. This book addresses common misconceptions about CEF and packet switching across various platforms, helping you to improve your troubleshooting skills for CEF- and non-CEF-related problems. The first part of the book provides an overview of packet-switching architectures and CEF operation and advanced features. It also covers the enhanced CEF structure and general troubleshooting. The second part of the book provides case studies that focus on the common topics that have been problematic for customers and those supporting Cisco networks. Full of practical examples and configurations, this book draws on years of experience to help you keep your Cisco networks running efficiently. Nakia Stringfield, CCIE® No. 13451, is a network consulting engineer for Advanced Services at Cisco, supporting top financial customers with network design and applying best practices. She was formerly a senior customer support engineer for the Routing Protocols Technical Assistance Center (TAC) team troubleshooting issues related to CEF and routing protocols. Nakia has been with Cisco for more than six years, previously serving as a technical leader for the Architecture TAC team. Russ White, CCIE No. 2635, is a Principle Engineer in the Routing Protocol Design and Architecture team at Cisco. He is a member of the IETF Routing Area Directorate, co-chair of the Routing Protocols Security Working Group in the IETF, a regular speaker at Cisco Networkers, a member of the CCIE Content Advisory Group, and the coauthor of six other books about routing and routing protocols, including Optimal Routing Design from Cisco Press. Russ primarily works in the development of new features and design architectures for routing protocols. Stacia McKee is a customer support engineer and technical leader of the Routing Protocols Technical Assistance Center (TAC) team. This team focuses on providing post-sales support of IP routing protocols, MPLS, QoS, IP multicast, and many other Layer 3 technologies. Stacia has been with Cisco for more than six years, previously serving as a technical leader of the Architecture TAC team and a member of the WAN/Access TAC team. Learn the key features of packet-switching architectures Understand the basics of the CEF architecture and operation Examine the enhanced CEF structure, which improves scalability Learn how to troubleshoot in software-switching environments Understand the effect of CEF on a Cisco Catalyst 6500 Supervisor 720 Configure and troubleshoot load sharing with CEF Evaluate the effect of CEF in an MPLS VPN environment Review CEF design considerations that impact scalability Part I Understanding, Configuring, and Troubleshooting CEF Chapter 1 Introduction to Packet-Switching Architectures Chapter 2 Understanding Cisco Express Forwarding Chapter 3 CEF Enhanced Scalability Chapter 4 Basic IP Connectivity and CEF Troubleshooting Part II CEF Case Studies Chapter 5 Understanding Packet Switching on the Cisco Catalyst 6500 Supervisor 720 Chapter 6 Load Sharing with CEF Chapter 7 Understanding CEF in an MPLS VPN Environment Part III Appendix Appendix A Scalability This book is part of the Networking Technology Series from Cisco Press®, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers. Category: Networking Covers: Routing and Switching 1587052369
by Nakia Stringfield
View | |Buy/Download
MPLS and VPN Architectures,
Master the latest MPLS VPN solutions to design, deploy, and troubleshoot advanced or large-scale networks With MPLS and VPN Architectures, Volume II, you'll learn: How to integrate various remote access technologies into the backbone providing VPN service to many different types of customers The new PE-CE routing options as well as other advanced features, including per-VPN Network Address Translation (PE-NAT) How VRFs can be extended into a customer site to provide separation inside the customer network The latest MPLS VPN security features and designs aimed at protecting the MPLS VPN backbone How to carry customer multicast traffic inside a VPN The latest inter-carrier enhancements to allow for easier and more scalable deployment of inter-carrier MPLS VPN services Advanced troubleshooting techniques including router outputs to ensure high availability MPLS and VPN Architectures, Volume II, builds on the best-selling MPLS and VPN Architectures, Volume I (1-58705-002-1), from Cisco Press. Extending into more advanced topics and deployment architectures, Volume II provides readers with the necessary tools they need to deploy and maintain a secure, highly available VPN. MPLS and VPN Architectures, Volume II, begins with a brief refresher of the MPLS VPN Architecture. Part II describes advanced MPLS VPN connectivity including the integration of service provider access technologies (dial, DSL, cable, Ethernet) and a variety of routing protocols (IS-IS, EIGRP, and OSPF), arming the reader with the knowledge of how to integrate these features into the VPN backbone. Part III details advanced deployment issues including security, outlining the necessary steps the service provider must take to protect the backbone and any attached VPN sites, and also detailing the latest security features to allow more advanced topologies and filtering. This part also covers multi-carrier MPLS VPN deployments. Finally, Part IV provides a methodology for advanced MPLS VPN troubleshooting. MPLS and VPN Architectures, Volume II, also introduces the latest advances in customer integration, security, and troubleshooting features essential to providing the advanced services based on MPLS VPN technology in a secure and scalable way. This book is part of the Networking Technology Series from Cisco Press(r), which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.
by Ivan Pepelnjak
View | |Buy/Download
Comparing, Designing, and Deploying VPNs,
A detailed guide for deploying PPTP, L2TPv2, L2TPv3, MPLS Layer-3, AToM, VPLS and IPSec virtual private networks.
by Mark Lewis (CCIE.)
View | |Buy/Download
Network Security Fundamentals,
Written for those IT professionals who have some networking background but are new to the security field, this handbook is divided into three parts: first the basics, presenting terms and concepts; second, the two components of security--cryptography and security policies--and finally the various security components, such as router security, firewalls, remote access security, wireless security and VPNs. Original. (Intermediate)
by Gert De Laet
View | |Buy/Download
Amazon.com Widgets