
E-book: Cisco Next-Generation Security Solutions: All-in-one Cisco ASA Firepower Services, NGIPS, and AMP

  • Format: 368 pages
  • Publication date: 06-Jul-2016
  • Publisher: Cisco Press
  • Language: eng
  • ISBN-13: 9780134213040
  • Format - EPUB+DRM
  • Price: 49,13 €*
  • * the price is final, i.e. no further discounts apply
  • This e-book is intended for personal use only. E-books cannot be returned.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Usage:

    Digital rights management (DRM)
    The publisher has issued this e-book in encrypted form, which means that you must install special software to read it. You must also create an Adobe ID. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorized with the same Adobe ID).

    Required software
    To read on mobile devices (phone or tablet), you must install this free application: PocketBook Reader (iOS / Android)

    To read on a PC or Mac, you must install Adobe Digital Editions (this is a free application designed specifically for reading e-books; it should not be confused with Adobe Reader, which is probably already installed on your computer).

    This e-book cannot be read on an Amazon Kindle.

Network threats are emerging and changing faster than ever before. Cisco Next-Generation Network Security technologies give you all the visibility and control you need to anticipate and meet tomorrow's threats, wherever they appear. Now, three Cisco network security experts introduce these products and solutions, and offer expert guidance for planning, deploying, and operating them.

The authors present authoritative coverage of Cisco ASA with FirePOWER Services; Cisco Firepower Threat Defense (FTD); Cisco Next-Generation IPS appliances; the Cisco Web Security Appliance (WSA) with integrated Advanced Malware Protection (AMP); Cisco Email Security Appliance (ESA) with integrated Advanced Malware Protection (AMP); Cisco AMP ThreatGrid Malware Analysis and Threat Intelligence, and the Cisco Firepower Management Center (FMC).

You'll find everything you need to succeed: easy-to-follow configurations, application case studies, practical triage and troubleshooting methodologies, and much more.





  • Effectively respond to changing threat landscapes and attack continuums
  • Design Cisco ASA with FirePOWER Services and Cisco Firepower Threat Defense (FTD) solutions
  • Set up, configure, and troubleshoot the Cisco ASA FirePOWER Services module and Cisco Firepower Threat Defense
  • Walk through installing AMP Private Clouds
  • Deploy Cisco AMP for Networks, and configure malware and file policies
  • Implement AMP for Content Security, and configure File Reputation and File Analysis Services
  • Master Cisco AMP for Endpoints, including custom detection, application control, and policy management
  • Make the most of the AMP ThreatGrid dynamic malware analysis engine
  • Manage Next-Generation Security Devices with the Firepower Management Center (FMC)
  • Plan, implement, and configure Cisco Next-Generation IPS, including performance and redundancy
  • Create Cisco Next-Generation IPS custom reports and analyses
  • Quickly identify the root causes of security problems

Introduction

Chapter 1 Fundamentals of Cisco Next-Generation Security
The New Threat Landscape and Attack Continuum
The Attack Continuum
Cisco ASA 5500-X Series Next-Generation Firewalls and the Cisco ASA with FirePOWER Services
Cisco Firepower Threat Defense (FTD)
Cisco Firepower 4100 Series
Cisco Firepower 9300 Series
Cisco FTD for Cisco Integrated Services Routers (ISRs)
Next-Generation Intrusion Prevention Systems (NGIPS)
Firepower Management Center
AMP for Endpoints
AMP for Networks
AMP Threat Grid
Email Security Overview
Email Security Appliance
Cloud Email Security
Cisco Hybrid Email Security
Web Security Overview
Web Security Appliance
Cisco Security Management Appliance
Cisco Cloud Web Security (CWS)
Cisco Identity Services Engine (ISE)
Cisco Meraki Cloud-Managed MDM
Cisco Meraki Cloud-Managed Security Appliances
Cisco VPN Solutions
Summary

Chapter 2 Introduction to and Design of Cisco ASA with FirePOWER Services
Introduction to Cisco ASA FirePOWER Services
Inline versus Promiscuous Mode
Inline Mode
Promiscuous Monitor-Only Mode
Cisco ASA FirePOWER Management Options
Accessing the Cisco ASA FirePOWER Module Management Interface in Cisco ASA 5585-X Appliances
Accessing the Cisco ASA FirePOWER Module Management Interface in Cisco ASA 5500-X Appliances
Cisco ASA FirePOWER Services Sizing
Cisco ASA FirePOWER Services Licensing
The Protection License
The Control License
The URL Filtering License
The Malware License
Viewing the Installed Cisco ASA FirePOWER Module Licenses
Adding a License to the Cisco ASA FirePOWER Module
Cisco ASA FirePOWER Compatibility with Other Cisco ASA Features
Cisco ASA FirePOWER Packet Processing Order of Operations
Cisco ASA FirePOWER Services and Failover
What Happens When the Cisco ASA FirePOWER Module Fails?
Cisco ASA FirePOWER Services and Clustering
Cluster Member Election
How Connections Are Established and Tracked in a Cluster
How a New TCP Connection Is Established and Tracked in a Cluster
How a New UDP-Like Connection Is Established and Tracked in a Cluster
Centralized Connections in a Cluster
What Happens When the Flow Owner Fails
Deploying the Cisco ASA FirePOWER Services in the Internet Edge
Deploying the Cisco ASA FirePOWER Services in VPN Scenarios
Deploying Cisco ASA FirePOWER Services in the Data Center
Firepower Threat Defense (FTD)
Summary

Chapter 3 Configuring Cisco ASA with FirePOWER Services
Setting Up the Cisco ASA FirePOWER Module in Cisco ASA 5585-X Appliances
Installing the Boot Image and Firepower System Software in the Cisco ASA 5585-X SSP
Setting Up the Cisco ASA FirePOWER Module in Cisco ASA 5500-X Appliances
Installing the Boot Image and Firepower System Software in the SSD of Cisco ASA 5500-X Appliances
Configuring of Cisco ASA 5506-X, 5508-X, and 5516-X Appliances
Uploading ASDM
Setting Up the Cisco ASA to Allow ASDM Access
Accessing the ASDM
Setting Up a Device Name and Passwords
Configuring an Interface
Configuring the Cisco ASA to Redirect Traffic to the Cisco ASA FirePOWER Module
Configuring the Cisco ASA FirePOWER Module for the FMC
Configuring the Cisco ASA FirePOWER Module Using the ASDM
Configuring Access Control Policies
Creating a New Access Control Policy
Adding Rules to the Access Control Policy
Security Intelligence
HTTP Responses
Access Control Policy Advanced Settings
Configuring Intrusion Policies
Custom Rules
Configuring File Policies
Reusable Object Management
Keeping the Cisco FirePOWER Module Up-to-Date
Firepower Threat Defense
Installing FTD Boot Image and Software
FTD Firewall Mode
FTD Interface Types
FTD Security Zones
Static and Dynamic Routing in FTD
Summary

Chapter 4 Troubleshooting Cisco ASA with FirePOWER Services and Firepower Threat Defense (FTD)
Useful show Commands
Displaying the Access Control Policy Details
Displaying the Network Configuration
Monitoring Storage Usage
Analyzing Running Processes
Using the System Log (Syslog)
Monitoring and Troubleshooting System Tasks
Generating Advanced Troubleshooting Logs
Useful ASA Debugging Commands
Summary

Chapter 5 Introduction to and Architecture of Cisco AMP
Introduction to Advanced Malware Protection (AMP)
Role of the AMP Cloud
Doing Security Differently
The Prevention Framework
1-to-1 Signatures
Ethos Engine
Spero Engine
Indicators of Compromise
Device Flow Correlation
Advanced Analytics
Dynamic Analysis with Threat Grid
The Retrospective Framework
The Cloud
Private Cloud
Cloud Proxy Mode
Air Gap Mode
Installing the Cisco AMP Private Cloud
Summary

Chapter 6 Cisco AMP for Networks
Introduction to Advanced Malware Protection (AMP) for Networks
What Is That Manager Called, Anyway?
Form Factors
What Does AMP for Networks Do?
Where Are the AMP Policies?
File Rules
Advanced File Policies
Summary

Chapter 7 Cisco AMP for Content Security
Introduction to AMP for Content Security
Content Security Connectors
Configuring Cisco AMP for Content Security
Configuring the Web Security Appliance (WSA) for AMP
Configuring the Email Security Appliance (ESA) for AMP
AMP Reports
Summary

Chapter 8 Cisco AMP for Endpoints
Introduction to AMP for Endpoints
What Is AMP for Endpoints?
Connections to the AMP Cloud
Firewalls, Destinations, and Ports, Oh My!
Outbreak Control
Custom Detections
Simple Custom Detections
Advanced Custom Detections
Android Custom Detections
IP Blacklists and Whitelists
Application Control
Exclusion Sets
The Many Faces of AMP for Endpoints
AMP for Windows
Windows Policies
General Tab
File Tab
Network Tab
Known Incompatible Software
AMP for Mac
MAC Policies
General Tab
File Tab
Network Tab
AMP for Linux
Linux Policies
General Tab
File Tab
Network Tab
AMP for Android
Installing AMP for Endpoints
Groups, Groups, and More Groups
Download Connector
Distributing via Cisco AnyConnect
Installing AMP for Windows
Installing AMP for Mac
Installing AMP for Linux
Installing AMP for Android
Android Activation Codes
Deploying the AMP for Android Connector
Proxy Complications
Proxy Server Autodetection
Incompatible Proxy Security Configurations
Using the Cloud Console
Summary

Chapter 9 AMP Threat Grid: Malware Analysis and Threat Intelligence
Cisco AMP Threat Grid
Cisco AMP Threat Grid Cloud Solution
Cisco AMP Threat Grid On-Premises Appliance
Default Users
Network Segment Configuration
Summary

Chapter 10 Introduction to and Deployment of Cisco Next-Generation IPS
NGIPS Basics
Legacy IPS Versus NGIPS
Cisco NGIPS Capabilities
NGIPS Modes
NGIPS Deployment Locations and Scenarios
NGIPS Deployment Design Considerations
Threat Management and System Capabilities
Flow Handling
Scale and Availability
Management Platform Integration
Licensing and Cost
NGIPS Deployment Lifecycle
Policy Definition
Product Selection and Planning
Implementation and Operation
Evaluation and Control
Summary

Chapter 11 Configuring Cisco Next-Generation IPS
Policy
Policy Layers
Variables
Configuring a Cisco Firepower Intrusion Policy
Committing a Policy
Snort Rules
Rule Anatomy
Rule Headers
Rule Body
Writing a Rule
Managing Snort Rules in FMC
Cisco NGIPS Preprocessors
Firepower Recommendations
Performance Settings
Stack/Cluster
Summary

Chapter 12 Reporting and Troubleshooting with Cisco Next-Generation IPS
Analysis
Intrusion Events
Intrusion Event Workflows
Reports
Incidents
Alerts
SNMP Alerts
Email Alerts
Syslog Alerts
Correlation Policies
Troubleshooting
Audit
Health Monitoring
Syslogs
Summary

Index

Omar Santos, CISSP No. 463598, Principal Engineer of the Cisco Product Security Incident Response Team (PSIRT), leads engineers and incident managers in investigating and resolving Cisco product vulnerabilities. He has held IT and cybersecurity positions for 20 years, and has designed, implemented, and supported secure networks for enterprises and the U.S. government. Formerly technical leader within the Cisco World Wide Security Practice and TAC, he has led industry-wide initiatives to harden critical infrastructure. He is the author of several books including Cisco ASA, CCNA Security, NetFlow, and many other cyber security topics.

Panos Kampanakis, CCIE No. 28561, CISSP No. 367831, is a Technical Marketing Engineer in the Cisco Security and Trust Organization (S&TO). Kampanakis has extensive experience with cryptography, security automation, vulnerability management and cyber security. He presents on security at Cisco Live, participates in standards bodies to provide interoperability for security information sharing, cryptography and PKI; and works with the Cisco PSIRT to mitigate vulnerabilities. His interests include next-generation and post-quantum cryptography, cryptographic interoperability, and IoT security.

Aaron Woland, CCIE No. 20113, Principal Engineer in the Cisco Security Business Group, works with Cisco's largest customers. He specializes in secure access and identity deployments with ISE, solution enhancements, standards development, and futures. An inaugural member of Cisco Live's Hall of Fame for Distinguished Speakers, he is a Network World security columnist, and holds GHIC, GSEC, Certified Ethical Hacker, MCSE, VCP, CCSP, CCNP, and CCDP certifications. His books include Cisco ISE for BYOD and Secure Unified Access.