Résumé
Harden perimeter routers with Cisco firewall functionality and features to ensure network security
- Detect and prevent denial of service (DoS) attacks with TCP Intercept, Context-Based Access Control (CBAC), and rate-limiting techniques
- Use Network-Based Application Recognition (NBAR) to detect and filter unwanted and malicious traffic
- Use router authentication to prevent spoofing and routing attacks
- Activate basic Cisco IOS filtering features like standard, extended, timed, lock-and-key, and reflexive ACLs to block various types of security threats and attacks, such as spoofing, DoS, Trojan horses, and worms
- Use black hole routing, policy routing, and Reverse Path Forwarding (RPF) to protect against spoofing attacks
- Apply stateful filtering of traffic with CBAC, including dynamic port mapping
- Use Authentication Proxy (AP) for user authentication
- Perform address translation with NAT, PAT, load distribution, and other methods
- Implement stateful NAT (SNAT) for redundancy
- Use Intrusion Detection System (IDS) to protect against basic types of attacks
- Obtain how-to instructions on basic logging and learn to easily interpret results
- Apply IPSec to provide secure connectivity for site-to-site and remote access connections
- Read about many, many more features of the IOS firewall for mastery of router security
The Cisco IOS firewall offers you the feature-rich functionality that you've come to expect from best-of-breed firewalls: address translation, authentication, encryption, stateful filtering, failover, URL content filtering, ACLs, NBAR, and many others. Cisco Router Firewall Security teaches you how to use the Cisco IOS firewall to enhance the security of your perimeter routers and, along the way, take advantage of the flexibility and scalability that is part of the Cisco IOS Software package.
Each chapter in Cisco Router Firewall Security addresses an important component of perimeter router security. Author Richard Deal explains the advantages and disadvantages of all key security features to help you understand when they should be used and includes examples from his personal consulting experience to illustrate critical issues and security pitfalls. A detailed case study is included at the end of the book, which illustrates best practices and specific information on how to implement Cisco router security features.
Whether you are looking to learn about firewall security or seeking how-to techniques to enhance security in your Cisco routers, Cisco Router Firewall Security is your complete reference for securing the perimeter of your network.
This book is part of the Networking Technology Series from Cisco Press which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.
L'auteur - Richard A. Deal
Richard A. Deal operates his own company, The Deal Group Inc., recently relocated to Orlando, FL. He has almost 15 years experience in the computing and networking industry including networking, training, systems administration, and programming. In addition to a BS in Mathematics and Literature from Grove City College, Richard has certifications from Cisco: Cisco instructor, Cisco Certified Network Associate (CCNA), Cisco Certified Design Associate (CCDA), Cisco Certified Network Professional (CCNP), and Cisco Certified Design Professional (CCDP). As a Cisco instructor, Richard teaches 9 different Cisco classes.
Sommaire
- I Security Overview And Firewalls
- Security Threats
- Introduction to Firewalls
- II Managing Access To Routers
- Accessing a Router
- Disabling Unnecessary Services
- Authentication, Authorization, and Accounting
- III Nonstateful Filtering Technologies
- Access List Introduction
- Basic Access Lists
- IV Stateful and advanced filtering technologies
- Reflexive Access Lists
- Context-Based Access Control
- Filtering Web and Application Traffic
- V Address Translation And Firewalls
- Address Translation
- Address Translation Issues
- VI Managing access through routers
- Lock-and-Key Access Lists
- Authentication Proxy
- Routing Protocol Protection
- VII Detecting And Preventing Attacks
- Intrusion-Detection System
- DoS Protection
- Logging Events
- VIII Virtual Private Networks
- IPSec Site-to-Site Connections
- IPSec Remote-Access Connections
- IX Case study
- Case Study
Caractéristiques techniques
| PAPIER | |
| Éditeur(s) | Cisco Press |
| Auteur(s) | Richard A. Deal |
| Parution | 22/09/2004 |
| Nb. de pages | 875 |
| Format | 18,5 x 23 |
| Couverture | Broché |
| Poids | 1500g |
| Intérieur | Noir et Blanc |
| EAN13 | 9781587051753 |
| ISBN13 | 978-1-58705-175-3 |
Avantages Eyrolles.com
Consultez aussi
- Les meilleures ventes en Graphisme & Photo
- Les meilleures ventes en Informatique
- Les meilleures ventes en Construction
- Les meilleures ventes en Entreprise & Droit
- Les meilleures ventes en Sciences
- Les meilleures ventes en Littérature
- Les meilleures ventes en Arts & Loisirs
- Les meilleures ventes en Vie pratique
- Les meilleures ventes en Voyage et Tourisme
- Les meilleures ventes en BD et Jeunesse
- Informatique Informatique d'entreprise Sécurité
- Informatique Réseaux et télecommunications Ouvrages généraux
- Informatique Réseaux et télecommunications Protocoles et standards
- Informatique Réseaux et télecommunications Conception et architectures réseau
- Informatique Réseaux et télecommunications Administration réseau
- Informatique Réseaux et télecommunications Sécurité réseau
- Informatique Réseaux et télecommunications Sécurité réseau Sécurité internet
- Informatique Réseaux et télecommunications Equipements réseaux Routeurs Routeurs Cisco
- Informatique Certifications Cisco
