CCNP Security SISAS 300-208 Official Cert Guide

Author: Aaron Woland

Publisher: Cisco Press

ISBN:

Category: Computers

Page: 600

View: 708

CCNP Security SISAS 300-208 Official Cert Guide from Cisco Press enables you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Cisco security experts Aaron Woland and Kevin Redmon share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. This complete study package includes A test-preparation routine proven to help you pass the exam “Do I Know This Already?” quizzes, which enable you to decide how much time you need to spend on each section The powerful Pearson IT Certification Practice Testsoftware, complete with hundreds of well-reviewed, exam-realistic questions, customization options, and detailed performance reports A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies Study plan suggestions and templates to help you organize and optimize your study time Well regarded for its level of detail, study plans, assessment features, challenging review questions and exercises, video instruction, and hands-on labs, this official study guide helps you master the concepts and techniques that ensure your exam success. The official study guide helps you master topics on the CCNP Security SISAS 300-208 exam, including the following: Identity management/secure access Threat defense Troubleshooting, monitoring and reporting tools Threat defense architectures Identity management architectures

Integrated Security Technologies and Solutions - Volume II

Cisco Security Solutions for Network Access Control, Segmentation, Context Sharing, Secure Connectivity and Virtualization

Author: Aaron Woland

Publisher: Cisco Press

ISBN:

Category: Computers

Page: 2155

View: 351

The essential reference for security pros and CCIE Security candidates: identity, context sharing, encryption, secure connectivity and virtualization Integrated Security Technologies and Solutions – Volume II brings together more expert-level instruction in security design, deployment, integration, and support. It will help experienced security and network professionals manage complex solutions, succeed in their day-to-day jobs, and prepare for their CCIE Security written and lab exams. Volume II focuses on the Cisco Identity Services Engine, Context Sharing, TrustSec, Application Programming Interfaces (APIs), Secure Connectivity with VPNs, and the virtualization and automation sections of the CCIE v5 blueprint. Like Volume I, its strong focus on interproduct integration will help you combine formerly disparate systems into seamless, coherent, next-generation security solutions. Part of the Cisco CCIE Professional Development Series from Cisco Press, it is authored by a team of CCIEs who are world-class experts in their Cisco security disciplines, including co-creators of the CCIE Security v5 blueprint. Each chapter starts with relevant theory, presents configuration examples and applications, and concludes with practical troubleshooting. Review the essentials of Authentication, Authorization, and Accounting (AAA) Explore the RADIUS and TACACS+ AAA protocols, and administer devices with them Enforce basic network access control with the Cisco Identity Services Engine (ISE) Implement sophisticated ISE profiling, EzConnect, and Passive Identity features Extend network access with BYOD support, MDM integration, Posture Validation, and Guest Services Safely share context with ISE, and implement pxGrid and Rapid Threat Containment Integrate ISE with Cisco FMC, WSA, and other devices Leverage Cisco Security APIs to increase control and flexibility Review Virtual Private Network (VPN) concepts and types Understand and deploy Infrastructure VPNs and Remote Access VPNs Virtualize leading Cisco Security products Make the most of Virtual Security Gateway (VSG), Network Function Virtualization (NFV), and microsegmentation

Cisco ISE for BYOD and Secure Unified Access

Author: Aaron Woland

Publisher: Cisco Press

ISBN:

Category: Computers

Page: 912

View: 841

Fully updated: The complete guide to Cisco Identity Services Engine solutions Using Cisco Secure Access Architecture and Cisco Identity Services Engine, you can secure and gain control of access to your networks in a Bring Your Own Device (BYOD) world. This second edition of Cisco ISE for BYOD and Secure Unified Accesscontains more than eight brand-new chapters as well as extensively updated coverage of all the previous topics in the first edition book to reflect the latest technologies, features, and best practices of the ISE solution. It begins by reviewing today''s business case for identity solutions. Next, you walk through ISE foundational topics and ISE design. Then you explore how to build an access security policy using the building blocks of ISE. Next are the in-depth and advanced ISE configuration sections, followed by the troubleshooting and monitoring chapters. Finally, we go in depth on the new TACACS+ device administration solution that is new to ISE and to this second edition. With this book, you will gain an understanding of ISE configuration, such as identifying users, devices, and security posture; learn about Cisco Secure Access solutions; and master advanced techniques for securing access to networks, from dynamic segmentation to guest access and everything in between. Drawing on their cutting-edge experience supporting Cisco enterprise customers, the authors offer in-depth coverage of the complete lifecycle for all relevant ISE solutions, making this book a cornerstone resource whether you''re an architect, engineer, operator, or IT manager. � Review evolving security challenges associated with borderless networks, ubiquitous mobility, and consumerized IT � Understand Cisco Secure Access, the Identity Services Engine (ISE), and the building blocks of complete solutions � Design an ISE-enabled network, plan/distribute ISE functions, and prepare for rollout � Build context-aware security policies for network access, devices, accounting, and audit � Configure device profiles, visibility, endpoint posture assessments, and guest services � Implement secure guest lifecycle management, from WebAuth to sponsored guest access � Configure ISE, network access devices, and supplicants, step by step � Apply best practices to avoid the pitfalls of BYOD secure access � Set up efficient distributed ISE deployments � Provide remote access VPNs with ASA and Cisco ISE � Simplify administration with self-service onboarding and registration � Deploy security group access with Cisco TrustSec � Prepare for high availability and disaster scenarios � Implement passive identities via ISE-PIC and EZ Connect � Implement TACACS+ using ISE � Monitor, maintain, and troubleshoot ISE and your entire Secure Access system � Administer device AAA with Cisco IOS, WLC, and Nexus

Integrated Security Technologies and Solutions - Volume I

A Comprehensive All-In-One Reference for Cisco Security Solutions

Author: Aaron Woland

Publisher: Cisco Press

ISBN:

Category:

Page: 592

View: 827

The essential reference for security pros and CCIE Security candidates: policies, standards, infrastructure/perimeter and content security, and threat protection Integrated Security Technologies and Solutions - Volume I offers one-stop expert-level instruction in security design, deployment, integration, and support methodologies to help security professionals manage complex solutions and prepare for their CCIE exams. It will help security pros succeed in their day-to-day jobs and also get ready for their CCIE Security written and lab exams. Part of the Cisco CCIE Professional Development Series from Cisco Press, it is authored by a team of CCIEs who are world-class experts in their Cisco security disciplines, including co-creators of the CCIE Security v5 blueprint. Each chapter starts with relevant theory, presents configuration examples and applications, and concludes with practical troubleshooting. Volume 1 focuses on security policies and standards; infrastructure security; perimeter security (Next-Generation Firewall, Next-Generation Intrusion Prevention Systems, and Adaptive Security Appliance [ASA]), and the advanced threat protection and content security sections of the CCIE Security v5 blueprint. With a strong focus on interproduct integration, it also shows how to combine formerly disparate systems into a seamless, coherent next-generation security solution. Review security standards, create security policies, and organize security with Cisco SAFE architecture Understand and mitigate threats to network infrastructure, and protect the three planes of a network device Safeguard wireless networks, and mitigate risk on Cisco WLC and access points Secure the network perimeter with Cisco Adaptive Security Appliance (ASA) Configure Cisco Next-Generation Firewall Firepower Threat Defense (FTD) and operate security via Firepower Management Center (FMC) Detect and prevent intrusions with Cisco Next-Gen IPS, FTD, and FMC Configure and verify Cisco IOS firewall features such as ZBFW and address translation Deploy and configure the Cisco web and email security appliances to protect content and defend against advanced threats Implement Cisco Umbrella Secure Internet Gateway in the cloud as your first line of defense against internet threats Protect against new malware with Cisco Advanced Malware Protection and Cisco ThreatGrid