Commencez à lire Cisco Secure Firewall Services Module (FWSM) sur votre Kindle dans moins d'une minute. Vous n'avez pas encore de Kindle ? Achetez-le ici Ou commencez à lire dès maintenant avec l'une de nos applications de lecture Kindle gratuites.

Envoyer sur votre Kindle ou un autre appareil

 
 
 

Essai gratuit

Découvrez gratuitement un extrait de ce titre

Envoyer sur votre Kindle ou un autre appareil

Cisco Secure Firewall Services Module (FWSM)
 
Agrandissez cette image
 

Cisco Secure Firewall Services Module (FWSM) [Format Kindle]

Ray Blair , Arvind Durai

Prix conseillé : EUR 33,98 De quoi s'agit-il ?
Prix éditeur - format imprimé : EUR 55,84
Prix Kindle : EUR 23,79 TTC & envoi gratuit via réseau sans fil par Amazon Whispernet
Économisez : EUR 32,05 (57%)

App de lecture Kindle gratuite Tout le monde peut lire les livres Kindle, même sans un appareil Kindle, grâce à l'appli Kindle GRATUITE pour les smartphones, les tablettes et les ordinateurs.

Pour obtenir l'appli gratuite, saisissez votre adresse e-mail ou numéro de téléphone mobile.

Formats

Prix Amazon Neuf à partir de Occasion à partir de
Format Kindle EUR 23,79  
Broché EUR 55,93  




Descriptions du produit

Présentation de l'éditeur

Cisco Secure Firewall Services Module (FWSM)

 

Best practices for securing networks with FWSM

 

Ray Blair, CCIE® No. 7050

Arvind Durai, CCIE No. 7016

 

The Firewall Services Module (FWSM) is a high-performance stateful-inspection firewall that integrates into the Cisco® 6500 switch and 7600 router chassis. The FWSM monitors traffic flows using application inspection engines to provide a strong level of network security. The FWSM defines the security parameter and enables the enforcement of security policies through authentication, access control lists, and protocol inspection. The FWSM is a key component to anyone deploying network security.

 

Cisco Secure Firewall Services Module (FWSM) covers all aspects of the FWSM. The book provides a detailed look at how the FWSM processes information, as well as installation advice, configuration details, recommendations for network integration, and reviews of operation and management. This book provides you with a single source that comprehensively answers how and why the FWSM functions as it does. This information enables you to successfully deploy the FWSM and gain the greatest functional benefit from your deployment. Practical examples throughout show you how other customers have successfully deployed the FWSM.

 

By reading this book, you will learn how the FWSM functions, the differences between the FWSM and the ASA Security Appliance, how to implement and maintain the FWSM, the latest features of the FWSM, and how to configure common installations.

 

Ray Blair, CCIE® No. 7050, is a consulting systems architect who has been with Cisco for more than 8 years, working primarily on security and large network designs. He has 20 years of experience in designing, implementing, and maintaining networks that have included nearly all networking technologies. Mr. Blair maintains three CCIE certifications in Routing and Switching, Security, and Service Provider. He is also a CNE and a CISSP.

 

Arvind Durai, CCIE No. 7016, is an advanced services technical leader for Cisco. His primary responsibility has been in supporting major Cisco customers in the enterprise sector. One of his focuses has been on security, and he has authored several white papers and design guides in various technologies. Mr. Durai maintains two CCIE certifications, in Routing and Switching and Security.

 

  • Understand modes of operation, security levels, and contexts for the FWSM
  • Configure routing protocols and the host-chassis to support the FWSM
  • Deploy ACLs and Authentication, Authorization, and Accounting (AAA)
  • Apply class and policy maps
  • Configure multiple FWSMs for failover support
  • Configure application and protocol inspection
  • Filter traffic using filter servers, ActiveX, and Java filtering functions
  • Learn how IP multicast and the FWSM interact
  • Increase performance with firewall load balancing
  • Configure IPv6 and asymmetric routing
  • Mitigate network attacks using shunning, anti-spoofing, connection limits, and timeouts
  • Examine network design, management, and troubleshooting best practices

 

This security book is part of the Cisco Press® Networking Technology series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

Category: Networking: Security

Covers: Firewall security

Quatrième de couverture

Cisco Secure Firewall Services Module (FWSM)

 

Best practices for securing networks with FWSM

 

Ray Blair, CCIE® No. 7050

Arvind Durai, CCIE No. 7016

 

The Firewall Services Module (FWSM) is a high-performance stateful-inspection firewall that integrates into the Cisco® 6500 switch and 7600 router chassis. The FWSM monitors traffic flows using application inspection engines to provide a strong level of network security. The FWSM defines the security parameter and enables the enforcement of security policies through authentication, access control lists, and protocol inspection. The FWSM is a key component to anyone deploying network security.

 

Cisco Secure Firewall Services Module (FWSM) covers all aspects of the FWSM. The book provides a detailed look at how the FWSM processes information, as well as installation advice, configuration details, recommendations for network integration, and reviews of operation and management. This book provides you with a single source that comprehensively answers how and why the FWSM functions as it does. This information enables you to successfully deploy the FWSM and gain the greatest functional benefit from your deployment. Practical examples throughout show you how other customers have successfully deployed the FWSM.

 

By reading this book, you will learn how the FWSM functions, the differences between the FWSM and the ASA Security Appliance, how to implement and maintain the FWSM, the latest features of the FWSM, and how to configure common installations.

 

Ray Blair, CCIE® No. 7050, is a consulting systems architect who has been with Cisco for more than 8 years, working primarily on security and large network designs. He has 20 years of experience in designing, implementing, and maintaining networks that have included nearly all networking technologies. Mr. Blair maintains three CCIE certifications in Routing and Switching, Security, and Service Provider. He is also a CNE and a CISSP.

 

Arvind Durai, CCIE No. 7016, is an advanced services technical leader for Cisco. His primary responsibility has been in supporting major Cisco customers in the enterprise sector. One of his focuses has been on security, and he has authored several white papers and design guides in various technologies. Mr. Durai maintains two CCIE certifications, in Routing and Switching and Security.

 

  • Understand modes of operation, security levels, and contexts for the FWSM
  • Configure routing protocols and the host-chassis to support the FWSM
  • Deploy ACLs and Authentication, Authorization, and Accounting (AAA)
  • Apply class and policy maps
  • Configure multiple FWSMs for failover support
  • Configure application and protocol inspection
  • Filter traffic using filter servers, ActiveX, and Java filtering functions
  • Learn how IP multicast and the FWSM interact
  • Increase performance with firewall load balancing
  • Configure IPv6 and asymmetric routing
  • Mitigate network attacks using shunning, anti-spoofing, connection limits, and timeouts
  • Examine network design, management, and troubleshooting best practices

 

This security book is part of the Cisco Press® Networking Technology series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

Category: Networking: Security

Covers: Firewall security

 


Détails sur le produit

  • Format : Format Kindle
  • Taille du fichier : 5889 KB
  • Nombre de pages de l'édition imprimée : 528 pages
  • Utilisation simultanée de l'appareil : Jusqu'à  appareils simultanés, selon les limites de l'éditeur
  • Editeur : Cisco Press; Édition : 1 (29 août 2008)
  • Vendu par : Amazon Media EU S.à r.l.
  • Langue : Anglais
  • ASIN: B001GSTOAW
  • Synthèse vocale : Activée
  • X-Ray :
  • Word Wise: Non activé
  • Classement des meilleures ventes d'Amazon: n°385.531 dans la Boutique Kindle (Voir le Top 100 dans la Boutique Kindle)
  •  Souhaitez-vous faire modifier les images ?


En savoir plus sur l'auteur

Découvrez des livres, informez-vous sur les écrivains, lisez des blogs d'auteurs et bien plus encore.

Commentaires en ligne

Il n'y a pas encore de commentaires clients sur Amazon.fr
5 étoiles
4 étoiles
3 étoiles
2 étoiles
1 étoiles
Commentaires client les plus utiles sur Amazon.com (beta)
Amazon.com: 3.2 étoiles sur 5  5 commentaires
4.0 étoiles sur 5 Complex Security Material Made Easy 9 janvier 2009
Par Hernan Cortes - Publié sur Amazon.com
Format:Broché
The Cisco Press book, Cisco Secure Firewall Services Module (FWSM), written by Ray Blair and Arvind Durai promises the reader that he would be given 'an in-depth understanding of the FWSM' particularly 'for those who design, implement, or maintain the FWSM.' I would venture to write that this book delivers this and more. Written at a level accessible to a majority of readers, i.e. high school and beyond, this technical narrative helps to facilitate the rapid adoption of a product which would otherwise require a great deal of time and training resources necessary to successfully implement in a production network. To assist in achieving understanding of the complex topics related to network security and the FWSM, the book is replete with easy-to-grasp diagrams and simple to detailed module configuration examples. The text itself is terse though engaging, direct and even humorous in parts which aids in maintaining the reader's attention and prolonged interest in the difficult subject matter. Concepts are presented in clear and understandable language which also promotes rapid digestion of the material.

Of particular interest to this reviewer was the topic related to security contexts, a concept which prior to reading this manual was difficult to understand much less implement. However, after having read the overview of the product in chapter two followed by the security contexts material resident in chapter five and the configuration chapter seven, I am confidant of the technical knowledge gained to be able to quickly and securely configure this extraordinary feature of the product.

This manual is the perfect desk side companion to the information made available about the Firewall Services Module on the support section of Cisco's web site. Blair and Durai, both CCIEs, have provided security experts and the newcomer to the field a fine technical work which delivers comprehensive detail of the product and their real world experience designing for and implementing security solutions with the Firewall Services Module. Due to their vast and proven experience in the industry and due to their facile writing style, this reviewer looks forward to more titles written by this team.
4.0 étoiles sur 5 Excellent guide for the practitioner. 31 décembre 2008
Par TimH - Publié sur Amazon.com
Format:Broché
Cisco secure firewall services module FWSM
Best practices for securing networks with FWSM.

The authors note that this book is written for the user that has to have an in-depth understanding of their new FWSM and its operation. I absolutely agree that the book is rich in detail and delves deeply into the underpinnings of the new FWSM. If you have a background in PIX or the new ASA you will be right at home learning the nuances of the chassis mount evolution of the product line.

As both authors are CCIE holders they are fully qualified to discuss and contrast the various best practices of firewall and network design as well as the unlimited implementation possibilities of the FWSM. They are kind enough to begin at the beginning and explain the various kinds of firewalls available to the modern day security engineer/designer and how the FWSM fits in with its own unique capabilities.

Everything you would expect to be covered in a cisco press title is of course present and well laid out. But Wait, There's More! Blair and Durai not only present the basics of the physical characteristics of the device itself but go into how to physically secure the installation of the blade giving common sense but well needed tips on access control to the device rack etc. I've seen too many installations where the trusted equipment is racked up in a janitor's closet or other non-secure space just waiting for an enterprising bad actor to come along and mess with the IT staff if not perform full fledged attacks.

The FWSMs configuration power and flexibility comes in the concept of contexts. Contexts are virtual firewalls implemented within the single physical FWSM device. The FWSM can support up to 250 contexts depending on your license. The authors advise that implementing too many contexts can oversubscribe the firewall and cause performance issues. The context chapter fully describes how to balance resources to provide the greatest possible throughput with the least hardware necessary.

With the full fledged reliance on the internet to perform almost all daily business transactions Availability is of prime importance. The connections to the internet must be available 7X24X365. The FWSM helps to accomplish this goal by the use of high availability pairs. Blair and Durai give an entire chapter to the configuration and testing of Active/Standby and Active/Active configurations. Add the complexity of multiple contexts within the pairs and you'll be glad you have these guys leading you through the configuration maze. Another full chapter digs deeper into load balancing with multiple FWSMs which could also be pairs, with multiple contexts... You get the idea.

The book would be just fine if it is only intended to be a reference manual. However the authors go beyond the call by providing their years of expertise with network infrastructure examples including every command to implement the various layouts provided. They go on to provide detailed examples of how to use this new infrastructure to provide the services necessary to support a modern network installation. This includes VPN termination, various routing protocols, and even touches on the latest design goal of Regulatory Compliance and how to achieve it at the network level.

As you can tell by now I fully encourage you to acquire this book if you have to have detailed hands-on interaction with the FWSM. It is probably overkill for the occasional user or management. The cisco site has all you'll need to understand the basics of the FWSM and how it could fit into your organization. But once it has been bought and delivered this book will help you get it up and running and securing your network.

Tim M. Heagarty, CISSP, CISA, GCIA, PCI QSA
3.0 étoiles sur 5 Okay, for a newbie 29 octobre 2008
Par RC - Publié sur Amazon.com
Format:Broché|Achat vérifié
This book is a high-level guide for getting started. It isn't very deep in technical instructions or guidance. It provides a framework for getting started and working with the Firewall Services Module. Unfortunately, there isn't much printed materials available for purchase. It is satisfactory/sufficient for getting started. Additional research may be required for troubleshooting and for further explanation.
4.0 étoiles sur 5 very functional 15 septembre 2008
Par W Boudville - Publié sur Amazon.com
Format:Broché
This book is effectively the user's manual for Cisco's FWSM. I don't know if the module comes with other documentation, but this text is probably what you should use for an indepth explanation of the product.

Cisco has put a fair amount of functionality into FWSM. Using and controlling this functionality can be done via the network. Naturally, the remote access is mediated by a standard username and password combination. This can be compared with local configured user data stored in the FWSM. Or, in an interesting feature, with user data at an external server. The latter feature reflects a possible data centre usage, where you have several FWSMs deployed, and you want to centralise sysadmin data in one server.

Another key feature is the failover mechanism. Where the firewall has 2 units. These can be set in active/standby or active/active modes. There are 2 FWSM modules, that jointly offer a physical redundancy. The book shows that synchronising these peer modules is straightforward. Obviously this costs more, but the improved reliability should be attractive or even necessary to some data centre sysadmins.
Comment
0 internautes sur 1 ont trouvé ce commentaire utile 
1.0 étoiles sur 5 This book contains a lot of errors 12 juillet 2009
Par Casey Sermons - Publié sur Amazon.com
Format:Broché|Achat vérifié
This book contains a lot of typographical errors. I wasn't sure if the configurations were right sometimes. I would download the configuration guide off Cisco's web site instead of ordering this book.
Ces commentaires ont-ils été utiles ?   Dites-le-nous

Discussions entre clients

Le forum concernant ce produit
Discussion Réponses Message le plus récent
Pas de discussions pour l'instant

Posez des questions, partagez votre opinion, gagnez en compréhension
Démarrer une nouvelle discussion
Thème:
Première publication:
Aller s'identifier
 

Rechercher parmi les discussions des clients
Rechercher dans toutes les discussions Amazon
   


Rechercher des articles similaires par rubrique