Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.

  • Apple
  • Android
  • Windows Phone
  • Android

Pour obtenir l'appli gratuite, saisissez votre adresse e-mail ou numéro de téléphone mobile.

Prix Kindle : EUR 25,84

EUR 38,87 (60%)

TVA incluse

Ces promotions seront appliquées à cet article :

Certaines promotions sont cumulables avec d'autres offres promotionnelles, d'autres non. Pour en savoir plus, veuillez vous référer aux conditions générales de ces promotions.

Envoyer sur votre Kindle ou un autre appareil

Envoyer sur votre Kindle ou un autre appareil

Repliez vers l'arrière Repliez vers l'avant
Narration Audible Lecture en cours... Interrompu   Vous écoutez un extrait de la narration Audible pour ce livre Kindle.
En savoir plus

Cisco Firewalls Format Kindle

5 étoiles sur 5 1 commentaire client

Voir les formats et éditions Masquer les autres formats et éditions
Prix Amazon
Neuf à partir de Occasion à partir de
Format Kindle
"Veuillez réessayer"
EUR 25,84

Longueur : 912 pages Composition améliorée: Activé Langue : Anglais
  • En raison de la taille importante du fichier, ce livre peut prendre plus de temps à télécharger

Ponts de mai 2016 Promo Ponts de mai 2016

Descriptions du produit

Revue de presse

Alexandre has worked with Cisco security technologies since the year 2000 and is a well recognized expert in the LATAM security community. He is a frequent speaker at Cisco Networkers and other security conferences and has helped in training partners and customers in Brazil. In this book, he proposes a totally different approach to the important subject of firewalls:  Instead of just presenting configuration models, he uses a set of carefully crafted examples to illustrate the theory in action. From the configuration fundamentals to advanced topics such as voice inspection, multicast, IPv6 and identity-based firewalls, the book unveils important details about the operations of Cisco firewall solutions, enabling the reader to better use this knowledge on security design.  A must-read !


--Luc Billot, Security Consulting Engineer at Cisco (Emerging Markets and European Market)


I think that Alexandre's book could have the alternative title 'Cisco Firewalls Illustrated.' The way in which he links theory and practice is really insightful and greatly helps in understanding individual features and making better use of them for security design. Definitely a reference work in the subject !


--Louis Senecal, CCIE 2198, Consulting Systems Engineer, Cisco (Canada)


In this fully illustrated tour of the world of Cisco Firewalls, Alexandre devotes a great deal of attention to data center-related topics. Network virtualization architecture and the protection of environments that include virtual machines figure among the important subjects covered in the book. For those that want to benefit from virtualization without compromising security, this work is highly recommended.


--David Gonzalez, CISSP #99462, Consulting Systems Engineer at Cisco ( LATAM)

Présentation de l'éditeur

Cisco Firewalls

Concepts, design and deployment for Cisco Stateful Firewall solutions


In this book, Alexandre proposes a totally different approach to the important subject of firewalls: Instead of just presenting configuration models, he uses a set of carefully crafted examples to illustrate the theory in action.¿A must read!—Luc Billot, Security Consulting Engineer at Cisco


Cisco Firewalls thoroughly explains each of the leading Cisco firewall products, features, and solutions, and shows how they can add value to any network security design or operation. The author tightly links theory with practice, demonstrating how to integrate Cisco firewalls into highly secure, self-defending networks. Cisco Firewalls shows you how to deploy Cisco firewalls as an essential component of every network infrastructure. The book takes the unique approach of illustrating complex configuration concepts through step-by-step examples that demonstrate the theory in action. This is the first book with detailed coverage of firewalling Unified Communications systems, network virtualization architectures, and environments that include virtual machines. The author also presents indispensable information about integrating firewalls with other security elements such as IPS, VPNs, and load balancers; as well as a complete introduction to firewalling IPv6 networks. Cisco Firewalls will be an indispensable resource for engineers and architects designing and implementing firewalls; security administrators, operators, and support professionals; and anyone preparing for the CCNA Security, CCNP Security, or CCIE Security certification exams.


Alexandre Matos da Silva Pires de Moraes, CCIE No. 6063, has worked as a Systems Engineer for Cisco Brazil since 1998 in projects that involve not only Security and VPN technologies but also Routing Protocol and Campus Design, IP Multicast Routing, and MPLS Networks Design. He coordinated a team of Security engineers in Brazil and holds the CISSP, CCSP, and three CCIE certifications (Routing/Switching, Security, and Service Provider). A frequent speaker at Cisco Live, he holds a degree in electronic engineering from the Instituto Tecnológico de Aeronáutica (ITA – Brazil).


·¿¿¿¿¿¿¿ Create advanced security designs utilizing the entire Cisco firewall product family

·¿¿¿¿¿¿¿ Choose the right firewalls based on your performance requirements

·¿¿¿¿¿¿¿ Learn firewall¿ configuration fundamentals and master the tools that provide insight about firewall operations

·¿¿¿¿¿¿¿ Properly insert firewalls in your network’s topology using Layer 3 or Layer 2 connectivity

·¿¿¿¿¿¿¿ Use Cisco firewalls as part of a robust, secure virtualization architecture

·¿¿¿¿¿¿¿ Deploy Cisco ASA firewalls with or without NAT

·¿¿¿¿¿¿¿ Take full advantage of the classic IOS firewall feature set (CBAC)

·¿¿¿¿¿¿¿ Implement flexible security policies with the Zone Policy Firewall (ZPF)

·¿¿¿¿¿¿¿ Strengthen stateful inspection with antispoofing, TCP normalization, connection limiting, and IP fragmentation handling

·¿¿¿¿¿¿¿ Use application-layer inspection capabilities built into Cisco firewalls

·¿¿¿¿¿¿¿ Inspect IP voice protocols, including SCCP, H.323, SIP, and MGCP

·¿¿¿¿¿¿¿ Utilize identity to provide user-based stateful functionality

·¿¿¿¿¿¿¿ Understand how multicast traffic is handled through firewalls

·¿¿¿¿¿¿¿ Use firewalls to protect your IPv6 deployments


This security book is part of the Cisco Press Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end, self-defending networks.

Détails sur le produit

  • Format : Format Kindle
  • Taille du fichier : 12143 KB
  • Nombre de pages de l'édition imprimée : 912 pages
  • Utilisation simultanée de l'appareil : Jusqu'à 5 appareils simultanés, selon les limites de l'éditeur
  • Editeur : Cisco Press; Édition : 1 (6 juin 2011)
  • Vendu par : Amazon Media EU S.à r.l.
  • Langue : Anglais
  • ASIN: B0055O2H5C
  • Synthèse vocale : Activée
  • X-Ray :
  • Word Wise: Non activé
  • Composition améliorée: Activé
  • Moyenne des commentaires client : 5.0 étoiles sur 5 1 commentaire client
  • Classement des meilleures ventes d'Amazon: n°675.231 dans la Boutique Kindle (Voir le Top 100 dans la Boutique Kindle)
  •  Voulez-vous faire un commentaire sur des images ou nous signaler un prix inférieur ?

Commentaires en ligne

5.0 étoiles sur 5
5 étoiles
4 étoiles
3 étoiles
2 étoiles
1 étoiles
Voir le commentaire client
Partagez votre opinion avec les autres clients

Meilleurs commentaires des clients

Format: Broché
Informations très utiles pour la compréhension, la configuration et la vie de tous les jours avec les pare-feux Cisco intégrés et en appliance. Mise en application très simple dans mon travail.
Remarque sur ce commentaire Avez-vous trouvé ce commentaire utile ? Oui Non Commentaire en cours d'envoi...
Merci pour votre commentaire.
Désolé, nous n'avons pas réussi à enregistrer votre vote. Veuillez réessayer
Signaler un abus

Commentaires client les plus utiles sur (beta) HASH(0x9867b684) étoiles sur 5 22 commentaires
14 internautes sur 14 ont trouvé ce commentaire utile 
HASH(0x986ac21c) étoiles sur 5 Firewall Functionality - Revisited!!! 3 août 2011
Par Ana - Publié sur
Format: Broché Achat vérifié
While reading the news on, I found a review that I believe may be useful to other readers (it really reflects my impressions of the book):

[...] (by Zeljka Zorz).

"There used to be a time when firewalls were considered a full proof solution for protecting networks, and that time is long gone. History has taught us there are no silver bullets
when it comes to computer and information security, but firewalls are still a great and versatile tool in the hands of those who know how to use them effectively. "Cisco Firewalls"
will tell you how.
The theory behind this book is that the reader should learn what every firewall feature brings to the table so that he could make an informed and correct decision when dealing with his own firewall situation.

In order to do that, the author covers both ASA-centric and IOS-based firewall deployments, and addresses the motivations for the use of features of each of those two types clearly.

The chapter on additional protection mechanisms is very interesting, and so are those that deal with application inspection and that of voice protocols.

It's helpful to point out at this point that advanced users are welcome to skip through chapters, but others should stick to the order given to them by the author, since many of the chapter build on the knowledge introduced in the previous one(s).

The most important thing about this book is that the it's chock full of meaningful and handy examples. This is not a simple handbook - it aims at making the reader think for himself, and make the connection between theory and practice easy and natural.

The last three chapters deal with how IP multicast tasks and the introduction of the IPv6 standard influence the choices on firewall features, and the book ends with a chapter that deals with security design. It is not overly comprehensive, and here is definitely where I could have enjoyed reading more about how new trends like mobility and cloud computing affect the notion of using firewall to protect the future borderless network. But, perhaps that is a subject for another book.

Final thoughts
This book is a must read for everyone who is charged with designing, implementing and deploying firewall solutions, and especially if they are Cisco's.
The author has had the interesting notion of using troubleshooting tools to help show how the various firewall features work, so that, in fact, troubleshooting is "performed"
throughout the book instead of at the end - and you'll be grateful for that"
15 internautes sur 16 ont trouvé ce commentaire utile 
HASH(0x986ac468) étoiles sur 5 An outstanding reference in firewalling 21 juin 2011
Par Rod - Publié sur
Format: Broché
If you are looking for a single reference on Cisco Firewalls that goes from design to deployment, this is the book for you.

It starts out with the basics of firewalling (the non-experts will appreciate), but gradually adds on new security aspects, with a lot of practical examples and configurations that provide a link with the theory. I didn't have a deep knowledge of Routing, Bridging, Multicast, VoIP or IPv6, but it was not a problem, as the author has included a good overview of those. The progression from example to example, chapter to chapter, is very logical and the book leads you from the basics to a very advanced level . Not a surprise since the author states that he has a passion for Mathematics.

Some chapters that deserve specific mention:

Chapter 4: Presents the tools that will be used in every chapter to illustrate the concepts

Chapter 5: Excellent introduction to IP Routing. Basic theory behind RIP, OSPF and EIGRP is covered. Not just a bunch of configuration commands.

Chapter 6: Network Virtualization is discussed at the architecture level with many of its typical components (VLANs, VRFs, virtual contexts) being assigned in very interesting use cases.

Chapter 8: ASA NAT (a difficult topic) is analyzed in detail. The way in which the author demonstrated the NAT precedence rules was very creative.

Chapter 9: Although CBAC is not anymore the recommend choice for IOS Firewalling, it is good to see it there. I still have some older routers that do not support ZFW.

Chapter 10: I like the way in which the building blocks of a Zone-based policy are put together. The examples are very instructive.

Chapter 11: Nice review of concepts such as Anti-spoofing, IP Options handling, IP Fragmentation and how they pertain to Firewalling

Chapter 12: Very good demonstration of Layer 7 inspection concepts (CBAC, ZFW, ASA)

Chapter 13: After presenting a quick taxonomy of the Voice Protocols, the author clearly shows why this set of protocols deserve special treatment. H.323, SIP, Skinny, MGCP are covered. And I finally understood TLS-Proxy and Phone-proxy features.

Chapter 14: Nice differentiation between "to the firewall" and "through the firewall" access control and good discussion about the appropriate authentication protocol for each case.

Chapter 15: Multicast. Good introduction. Interesting approach of using IOS and ASA and showing the perspective of each product.

Chapter 16: Good introduction to IPv6 and good summary of supported firewall features

Chapter 17: I do like this chapter. Very nice some to see recurring questions answered. How to take the most advantage of Firewall/IPS combination ? What are the filtering resources available for tunneled traffic ? Also presents design options for Firewall and SLB in a Data Center environment.

I found this book very insightful and I am sure it will soon become a reference. And I have no doubt I will be referring to it very often. Highly recommended.
11 internautes sur 12 ont trouvé ce commentaire utile 
HASH(0x986ac84c) étoiles sur 5 Review of book 4 juillet 2011
Par Teddy CCIE #7585 - Publié sur
Format: Broché Achat vérifié
I have been able to start reading the book and I can state that not only is this book written by a security specialist, but also by someone who truly understands the different contexts/environments in which a firewall can be placed. This is definitely a well-organized compendium with the foundations of network security and networking.

In my opinion, it has the following noteworthy points:

- Not just a collection of configuration recipes. This book is not simply about presenting configuration checklists and command explanations. The author presents the fundamental knowledge for each subject and he spices up each chapter with discussions over well-structured and realistic scenarios that will give the readers the capacity and tools to understand, recreate, design, troubleshoot and improve the networks they are in touch with.

- I am particularly fond of chapter 4. The idea of getting familiar with the firewall tools in an early chapter to illustrate "how stuff works" throughout the book, is really interesting. If you have this kind of knowledge it is certainly easier to employ each feature and avoid troubleshooting.

- Not one of those abstract and traditional what-a-firewall-is books. I found the author's approach to present the different purposes/roles that a firewall has really distinguishing. Surely, the reader will find the traditional subjects (e.g. packet filtering, stateful firewall) being covered, but the author takes these discussions to a higher level. With the hands-on labs presented in each chapter, it is possible to truly understand how things work. Moreover, the author talks about further features that firewalls have which are generally underrated. While reading this book, I have learned that a firewall can play important roles in voice, multicast and routing scenarios - with presented theory and discussed scenarios.

- Compendium with the foundations of network security and networking. Even though this is a Cisco labeled book, prospective buyers shouldn't think that its purpose is to just serve as a certification study guide or a configuration guide for Cisco Firewalls. This book dwells between the network security and computer networking realms. It presents valuable knowledge to those who either work with or are interested in either (or both) domains. Furthermore, readers don't need to be either a security specialist or a network guru to take full advantage of this book because the author makes it very easy and practical for anyone to follow the reading. Of course, the information presented is made concrete into Cisco Firewalls commands and how they work. But it could be easily extrapolated to other vendors. This must not be a negative aspect of this book.

- And for those who are dealing with PIX or ASA for a while, the chapters on NAT are a real treatise on the subject.

Very worth reading... Definitely !!!
12 internautes sur 14 ont trouvé ce commentaire utile 
HASH(0x986ac714) étoiles sur 5 A reader's review from Spain 26 juin 2011
Par Fernando Bitti Loureiro - Publié sur
Format: Broché Achat vérifié
This book is a precious finding, and honestly I find the title very modest for what it really is. It's much more than "Cisco Firewalls" in 2 aspects.

First, it's not ASA-centric, as there is a huge amount of IOS-related information in parallel with ASA related info, facilitating the understanding of differences between products therefore helping to select the most suited solution for each environment.

Second, I found it very useful as Security professionals must protect various important networking topics without having to read a book on each topic. After an initial study on Routing and bridging, IP telephony, multicast, IPv6, etc (each in its separate chapter), Alexandre (the author) always analyses how the firewalls fits into any of these environments. Instead of a boring explanation of line by line commands, Alexandre clearly explains how the firewall works in every scenario. Such vision is specially important for project designs and configuration but also for troubleshooting.

It's specially easy to read and very practical. I'd strongly recommend with a 5 stars rating.
6 internautes sur 6 ont trouvé ce commentaire utile 
HASH(0x986ac630) étoiles sur 5 Really helped me on my final sprint to Security CCIE ! 12 août 2011
Par Bruno CCIE #29869 - Publié sur
Format: Broché
Examples, Examples, Examples... But much more than configs !

It's very easy to perceive the author's commitment with illustrating the concepts and making

life easier with respect to understanding the operation of Firewall functionalities (doesn't matter

if you are dealing with CBAC, Zone-based Firewall or ASA).

Some remarkable points:

a) Chapter 4 is a must read for anyone that wants to understand Network Security

b) Chapter 6 goes far beyond Security Contexts and showcases the interactions between virtualization


c) Chapter 8 (NAT on ASA) and the appendix covering the NAT changes introduced by release 8.3 are indispensable.

ASA NAT has always been a challenge for any CCIE candidate and this book came to remove all the barriers.

d) Chapter 10: very organized way of teaching the Zone-based Firewall

e) Chapter 11: nice to see a review of topics such as IP Options, TTL, IP Fragmentation before getting into the discussion

about their security implications. Very creative use of Netflow to demonstrate what's going on.

f) Chapter 12: detailed coverage of Application Inspection capabilities (CBAC, Zone Firewall, ASA)

g) Chapter 13: impressive amount of Telephony protocols coverage. ASA "show" and "debug" commands are awesome and

provide very good visibility.

h) Chapter 17: Interesting discussions pertaining to Security design. First place where I found a good coverage of Firewall <> VPN

interactions. (How to protect traffic inside the tunnels, how NAT interferes with VPN, etc).

I have been working hard for quite a while on my prep to the lab, but the book made me much more confident that I could succeed.

Great work !!!
Ces commentaires ont-ils été utiles ? Dites-le-nous

Discussions entre clients