Description

Book Synopsis

The essential reference for security pros and CCIE Security candidates: policies, standards, infrastructure/perimeter and content security, and threat protection

Integrated Security Technologies and Solutions – Volume I offers one-stop expert-level instruction in security design, deployment, integration, and support methodologies to help security professionals manage complex solutions and prepare for their CCIE exams. It will help security pros succeed in their day-to-day jobs and also get ready for their CCIE Security written and lab exams.

Part of the Cisco CCIE Professional Development Series from Cisco Press, it is authored by a team of CCIEs who are world-class experts in their Cisco security disciplines, including co-creators of the CCIE Security v5 blueprint. Each chapter starts with relevant theory, presents configuration examples and applications, and concludes with practical troubleshooting.

Volume 1 focuses on security policies and standards; infrastructure security; perimeter security (Next-Generation Firewall, Next-Generation Intrusion Prevention Systems, and Adaptive Security Appliance [ASA]), and the advanced threat protection and content security sections of the CCIE Security v5 blueprint. With a strong focus on interproduct integration, it also shows how to combine formerly disparate systems into a seamless, coherent next-generation security solution.

  • Review security standards, create security policies, and organize security with Cisco SAFE architecture
  • Understand and mitigate threats to network infrastructure, and protect the three planes of a network device
  • Safeguard wireless networks, and mitigate risk on Cisco WLC and access points
  • Secure the network perimeter with Cisco Adaptive Security Appliance (ASA)
  • Configure Cisco Next-Generation Firewall Firepower Threat Defense (FTD) and operate security via Firepower Management Center (FMC)
  • Detect and prevent intrusions with Cisco Next-Gen IPS, FTD, and FMC
  • Configure and verify Cisco IOS firewall features such as ZBFW and address translation
  • Deploy and configure the Cisco web and email security appliances to protect content and defend against advanced threats
  • Implement Cisco Umbrella Secure Internet Gateway in the cloud as your first line of defense against internet threats
  • Protect against new malware with Cisco Advanced Malware Protection and Cisco ThreatGrid


Table of Contents

Introduction xxv
Part I Hi There! This Is Network Security 1
Chapter 1 Let’s Talk About Network Security 3
Know Thy Enemy 4
Know Thy Self 6
Security Standards and Frameworks 9
Regulatory Compliance 15
Payment Card Industry Data Security Standard (PCI DSS) 16
Security Models 18
Integrating Security Solutions 23
Summary 25
References 25
Chapter 2 Infrastructure Security and Segmentation 27
The Three Planes 27
Securing the Management Plane 28
Securing the Control Plane 38
Securing the Data Plane 49
Visibility with NetFlow 76
Summary 77
References 78
Chapter 3 Wireless Security 79
What Is Wireless? 79
Wireless Security Overview 90
Securing the WLAN 94
Configuring Wireless Protection Policies 98
Management and Control Plane Protection 114
Integrating a WLC with Other Security Solutions 120
Summary 122
References 122
Part II Deny IP any any 123
Chapter 4 Firewalling with the ASA 125
ASA Fundamentals 125
Traffic with the ASA 151
ASA Advanced Features 167
Advanced Firewall Tuning 172
Troubleshooting the ASA 176
Summary 180
References 181
Chapter 5 Next-Gen Firewalls 183
Firepower Deployment Options 184
Configuring Firepower Threat Defense 186
Access Control Policies 206
Analysis and Reporting 229
Summary 237
References 238
Chapter 6 Next-Gen Intrusion Detection and Prevention 239
NGIPS Overview 239
Cisco NGIPS Appliances 248
Snort 256
Configuring a NGIPS 267
Operationalizing a NGIPS 283
Summary 296
References 297
Chapter 7 IOS Firewall and Security Features 299
Network Address Translation (NAT) 299
Zone-Based Firewall (ZBF) 309
IOS Advanced Security Features 319
Summary 331
References 331
Part III

EHLO. You have threat in content 333
Chapter 8 Content Security and Advanced Threat Protection 335
Content Security Overview 335
Web Security Appliance 336
Email Security Appliance 370
Security Management Appliance 390
Summary 391
References 391
Chapter 9 Umbrella and the Secure Internet Gateway 393
Umbrella Fundamentals 393
Umbrella Overview Dashboard 399
Deploying Umbrella 401
Cisco Investigate 423
Summary 425
References 425
Chapter 10 Protecting Against Advanced Malware 427
Introduction to Advanced Malware Protection (AMP) 427
Role of the AMP Cloud 429
Doing Security Differently 430
The Cloud 437
Cloud Proxy Mode 438
Air Gap Mode 440
Threat Grid 442
The Clean Interface 446
The Administrative Interface 446
The Dirty Interface 446
Comparing Public and Private Deployments 446
AMP for Networks 447
AMP for Endpoints 457
Custom Detections 462
AMP for Windows 474
Mac Policies 490
Linux Policies 495
AMP for Android 497
Groups, Groups, and More Groups 498
The Download Connector Screen 499
Distributing via Cisco AnyConnect 500
Installing AMP for Windows 501
Installing AMP for Mac 503
Installing AMP for Linux 504
Proxy Complications 511
AMP for Content Security 513
Content Security Connectors 513
Configuring AMP for Content Security Appliances 514
Configuring the Web Security Appliance (WSA) Devices 515
Configuring the Email Security Appliance (ESA) Devices 519
AMP Reports 522
Summary 524
9781587147067, TOC, 4/16/2018

Integrated Security Technologies and Solutions - Volume I: Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, AMP, and Content Security

    Product form

    £53.09

    Includes FREE delivery

    RRP £58.99 – you save £5.90 (10%)

    Order before 4pm today for delivery by Mon 15 Jun 2026.

    A Paperback by Aaron Woland, Vivek Santuka, Mason Harris

    1 in stock

      Trusted by thousands of customers. See 2,385+ Customer Reviews

      View other formats and editions of Integrated Security Technologies and Solutions - Volume I: Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, AMP, and Content Security by Aaron Woland

      Publisher: Pearson Education (US)
      Publication Date: 30/07/2018
      ISBN13: 9781587147067, 978-1587147067
      ISBN10:
      Also in:
      Computing Computer certification: Cisco Network security

      Description

      Book Synopsis

      The essential reference for security pros and CCIE Security candidates: policies, standards, infrastructure/perimeter and content security, and threat protection

      Integrated Security Technologies and Solutions – Volume I offers one-stop expert-level instruction in security design, deployment, integration, and support methodologies to help security professionals manage complex solutions and prepare for their CCIE exams. It will help security pros succeed in their day-to-day jobs and also get ready for their CCIE Security written and lab exams.

      Part of the Cisco CCIE Professional Development Series from Cisco Press, it is authored by a team of CCIEs who are world-class experts in their Cisco security disciplines, including co-creators of the CCIE Security v5 blueprint. Each chapter starts with relevant theory, presents configuration examples and applications, and concludes with practical troubleshooting.

      Volume 1 focuses on security policies and standards; infrastructure security; perimeter security (Next-Generation Firewall, Next-Generation Intrusion Prevention Systems, and Adaptive Security Appliance [ASA]), and the advanced threat protection and content security sections of the CCIE Security v5 blueprint. With a strong focus on interproduct integration, it also shows how to combine formerly disparate systems into a seamless, coherent next-generation security solution.

      • Review security standards, create security policies, and organize security with Cisco SAFE architecture
      • Understand and mitigate threats to network infrastructure, and protect the three planes of a network device
      • Safeguard wireless networks, and mitigate risk on Cisco WLC and access points
      • Secure the network perimeter with Cisco Adaptive Security Appliance (ASA)
      • Configure Cisco Next-Generation Firewall Firepower Threat Defense (FTD) and operate security via Firepower Management Center (FMC)
      • Detect and prevent intrusions with Cisco Next-Gen IPS, FTD, and FMC
      • Configure and verify Cisco IOS firewall features such as ZBFW and address translation
      • Deploy and configure the Cisco web and email security appliances to protect content and defend against advanced threats
      • Implement Cisco Umbrella Secure Internet Gateway in the cloud as your first line of defense against internet threats
      • Protect against new malware with Cisco Advanced Malware Protection and Cisco ThreatGrid


      Table of Contents

      Introduction xxv
      Part I Hi There! This Is Network Security 1
      Chapter 1 Let’s Talk About Network Security 3
      Know Thy Enemy 4
      Know Thy Self 6
      Security Standards and Frameworks 9
      Regulatory Compliance 15
      Payment Card Industry Data Security Standard (PCI DSS) 16
      Security Models 18
      Integrating Security Solutions 23
      Summary 25
      References 25
      Chapter 2 Infrastructure Security and Segmentation 27
      The Three Planes 27
      Securing the Management Plane 28
      Securing the Control Plane 38
      Securing the Data Plane 49
      Visibility with NetFlow 76
      Summary 77
      References 78
      Chapter 3 Wireless Security 79
      What Is Wireless? 79
      Wireless Security Overview 90
      Securing the WLAN 94
      Configuring Wireless Protection Policies 98
      Management and Control Plane Protection 114
      Integrating a WLC with Other Security Solutions 120
      Summary 122
      References 122
      Part II Deny IP any any 123
      Chapter 4 Firewalling with the ASA 125
      ASA Fundamentals 125
      Traffic with the ASA 151
      ASA Advanced Features 167
      Advanced Firewall Tuning 172
      Troubleshooting the ASA 176
      Summary 180
      References 181
      Chapter 5 Next-Gen Firewalls 183
      Firepower Deployment Options 184
      Configuring Firepower Threat Defense 186
      Access Control Policies 206
      Analysis and Reporting 229
      Summary 237
      References 238
      Chapter 6 Next-Gen Intrusion Detection and Prevention 239
      NGIPS Overview 239
      Cisco NGIPS Appliances 248
      Snort 256
      Configuring a NGIPS 267
      Operationalizing a NGIPS 283
      Summary 296
      References 297
      Chapter 7 IOS Firewall and Security Features 299
      Network Address Translation (NAT) 299
      Zone-Based Firewall (ZBF) 309
      IOS Advanced Security Features 319
      Summary 331
      References 331
      Part III

      EHLO. You have threat in content 333
      Chapter 8 Content Security and Advanced Threat Protection 335
      Content Security Overview 335
      Web Security Appliance 336
      Email Security Appliance 370
      Security Management Appliance 390
      Summary 391
      References 391
      Chapter 9 Umbrella and the Secure Internet Gateway 393
      Umbrella Fundamentals 393
      Umbrella Overview Dashboard 399
      Deploying Umbrella 401
      Cisco Investigate 423
      Summary 425
      References 425
      Chapter 10 Protecting Against Advanced Malware 427
      Introduction to Advanced Malware Protection (AMP) 427
      Role of the AMP Cloud 429
      Doing Security Differently 430
      The Cloud 437
      Cloud Proxy Mode 438
      Air Gap Mode 440
      Threat Grid 442
      The Clean Interface 446
      The Administrative Interface 446
      The Dirty Interface 446
      Comparing Public and Private Deployments 446
      AMP for Networks 447
      AMP for Endpoints 457
      Custom Detections 462
      AMP for Windows 474
      Mac Policies 490
      Linux Policies 495
      AMP for Android 497
      Groups, Groups, and More Groups 498
      The Download Connector Screen 499
      Distributing via Cisco AnyConnect 500
      Installing AMP for Windows 501
      Installing AMP for Mac 503
      Installing AMP for Linux 504
      Proxy Complications 511
      AMP for Content Security 513
      Content Security Connectors 513
      Configuring AMP for Content Security Appliances 514
      Configuring the Web Security Appliance (WSA) Devices 515
      Configuring the Email Security Appliance (ESA) Devices 519
      AMP Reports 522
      Summary 524
      9781587147067, TOC, 4/16/2018

      Recently viewed products

      © 2026 Book Curl

        • American Express
        • Apple Pay
        • Diners Club
        • Discover
        • Google Pay
        • Maestro
        • Mastercard
        • PayPal
        • Shop Pay
        • Union Pay
        • Visa

        Login

        Forgot your password?

        Don't have an account yet?
        Create account