By Jazib Frahim, Omar Santos, Andrew Ossipov
All-in-One Next-Generation Firewall, IPS, and VPN providers, 3rd Edition
Identify, mitigate, and reply to today’s highly-sophisticated community attacks.
Today, community attackers are way more subtle, relentless, and unsafe. In reaction, Cisco ASA: All-in-One Next-Generation Firewall, IPS, and VPN companies has been absolutely up to date to hide the most recent innovations and Cisco applied sciences for maximizing end-to-end safety on your surroundings. 3 major Cisco defense specialists consultant you thru each step of making an entire protection plan with Cisco ASA, after which deploying, configuring, working, and troubleshooting your solution.
Fully up-to-date for today’s latest ASA releases, this variation provides new insurance of ASA 5500-X, ASA 5585-X, ASA providers Module, ASA next-generation firewall companies, EtherChannel, international ACLs, clustering, IPv6 advancements, IKEv2, AnyConnect safe Mobility VPN consumers, and extra. The authors clarify major fresh licensing adjustments; introduce improvements to ASA IPS; and stroll you thru configuring IPsec, SSL VPN, and NAT/PAT.
You’ll tips on how to observe Cisco ASA adaptive identity and mitigation prone to systematically improve safety in community environments of all sizes and kinds. The authors current up to date pattern configurations, confirmed layout situations, and genuine debugs–
all designed that will help you utilize Cisco ASA on your speedily evolving network.
Jazib Frahim, CCIE® No. 5459 (Routing and Switching; Security), crucial Engineer within the international protection suggestions workforce, publications top-tier Cisco clients in security-focused community layout and implementation. He architects, develops, and launches new protection prone thoughts. His books comprise Cisco SSL VPN options and Cisco community Admission regulate, quantity II: NAC Deployment and Troubleshooting.
Omar Santos, CISSP No. 463598, Cisco Product safeguard Incident reaction group (PSIRT) technical chief, leads and mentors engineers and incident managers in investigating and resolving vulnerabilities in Cisco items and keeping Cisco buyers. via 18 years in IT and cybersecurity, he has designed, carried out, and supported quite a few safe networks for Fortune® 500 businesses and the U.S. executive. he's additionally the writer of a number of different books and various whitepapers and articles.
Andrew Ossipov, CCIE® No. 18483 and CISSP No. 344324, is a Cisco Technical advertising Engineer all for firewalls, intrusion prevention, and information heart protection. Drawing on greater than sixteen years in networking, he works to resolve complicated client technical difficulties, architect new beneficial properties and items, and outline destiny instructions for Cisco’s product portfolio. He holds numerous pending patents.
Understand, set up, configure, license, hold, and troubleshoot the most recent ASA devices
Efficiently enforce Authentication, Authorization, and Accounting (AAA) services
Control and provision community entry with packet filtering, context-aware Cisco ASA next-generation firewall providers, and new NAT/PAT concepts
Configure IP routing, software inspection, and QoS
Create firewall contexts with precise configurations, interfaces, rules, routing tables, and administration
Enable built-in defense opposed to many varieties of malware and complicated power threats (APTs) through Cisco Cloud internet protection and Cisco defense Intelligence Operations (SIO)
Implement excessive availability with failover and elastic scalability with clustering
Deploy, troubleshoot, computer screen, song, and deal with Intrusion Prevention method (IPS) features
Implement site-to-site IPsec VPNs and all sorts of remote-access VPNs (IPsec, clientless SSL, and client-based SSL)
Configure and troubleshoot Public Key Infrastructure (PKI)
Use IKEv2 to extra successfully withstand assaults opposed to VPNs
Leverage IPv6 help for IPS, packet inspection, obvious firewalls, and site-to-site IPsec VPNs