By Jazib Frahim, Omar Santos, Andrew Ossipov
All-in-One Next-Generation Firewall, IPS, and VPN prone, 3rd Edition
Identify, mitigate, and reply to today’s highly-sophisticated community attacks.
Today, community attackers are way more subtle, relentless, and unsafe. In reaction, Cisco ASA: All-in-One Next-Generation Firewall, IPS, and VPN companies has been absolutely up to date to hide the most recent suggestions and Cisco applied sciences for maximizing end-to-end defense on your setting. 3 top Cisco protection specialists advisor you thru each step of making a whole safeguard plan with Cisco ASA, after which deploying, configuring, working, and troubleshooting your solution.
Fully up-to-date for today’s most up-to-date ASA releases, this variation provides new insurance of ASA 5500-X, ASA 5585-X, ASA providers Module, ASA next-generation firewall prone, EtherChannel, worldwide ACLs, clustering, IPv6 advancements, IKEv2, AnyConnect safe Mobility VPN consumers, and extra. The authors clarify major fresh licensing adjustments; introduce improvements to ASA IPS; and stroll you thru configuring IPsec, SSL VPN, and NAT/PAT.
You’ll how one can practice Cisco ASA adaptive identity and mitigation prone to systematically develop protection in community environments of all sizes and kinds. The authors current up to date pattern configurations, confirmed layout situations, and genuine debugs–
all designed that will help you utilize Cisco ASA on your quickly evolving network.
Jazib Frahim, CCIE® No. 5459 (Routing and Switching; Security), Principal Engineer within the international safety suggestions crew, publications top-tier Cisco consumers in security-focused community layout and implementation. He architects, develops, and launches new protection providers ideas. His books comprise Cisco SSL VPN suggestions and Cisco community Admission regulate, quantity II: NAC Deployment and Troubleshooting.
Omar Santos, CISSP No. 463598, Cisco Product safety Incident reaction crew (PSIRT) technical chief, leads and mentors engineers and incident managers in investigating and resolving vulnerabilities in Cisco items and maintaining Cisco shoppers. via 18 years in IT and cybersecurity, he has designed, carried out, and supported various safe networks for Fortune® 500 businesses and the U.S. executive. he's additionally the writer of a number of different books and various whitepapers and articles.
Andrew Ossipov, CCIE® No. 18483 and CISSP No. 344324, is a Cisco Technical advertising and marketing Engineer serious about firewalls, intrusion prevention, and information heart defense. Drawing on greater than sixteen years in networking, he works to resolve complicated shopper technical difficulties, architect new beneficial properties and items, and outline destiny instructions for Cisco’s product portfolio. He holds a number of pending patents.
Understand, set up, configure, license, continue, and troubleshoot the latest ASA devices
Efficiently enforce Authentication, Authorization, and Accounting (AAA) services
Control and provision community entry with packet filtering, context-aware Cisco ASA next-generation firewall prone, and new NAT/PAT concepts
Configure IP routing, program inspection, and QoS
Create firewall contexts with specified configurations, interfaces, guidelines, routing tables, and administration
Enable built-in defense opposed to many sorts of malware and complicated power threats (APTs) through Cisco Cloud net protection and Cisco safety Intelligence Operations (SIO)
Implement excessive availability with failover and elastic scalability with clustering
Deploy, troubleshoot, visual display unit, music, and deal with Intrusion Prevention process (IPS) features
Implement site-to-site IPsec VPNs and all different types of remote-access VPNs (IPsec, clientless SSL, and client-based SSL)
Configure and troubleshoot Public Key Infrastructure (PKI)
Use IKEv2 to extra successfully withstand assaults opposed to VPNs
Leverage IPv6 aid for IPS, packet inspection, obvious firewalls, and site-to-site IPsec VPNs