Cisco Secure Firewall Services Module (FWSM)

Ray Blair, Arvind Durai

  • 出版商: Cisco Press
  • 出版日期: 2008-08-29
  • 定價: $2,240
  • 售價: 8.0$1,792
  • 語言: 英文
  • 頁數: 528
  • 裝訂: Paperback
  • ISBN: 1587053535
  • ISBN-13: 9781587053535
  • 相關分類: Cisco
  • 立即出貨 (庫存 < 4)

買這商品的人也買了...

商品描述

Cisco Secure Firewall Services Module (FWSM)

 

Best practices for securing networks with FWSM

 

Ray Blair, CCIE® No. 7050

Arvind Durai, CCIE No. 7016

 

The Firewall Services Module (FWSM) is a high-performance stateful-inspection firewall that integrates into the Cisco® 6500 switch and 7600 router chassis. The FWSM monitors traffic flows using application inspection engines to provide a strong level of network security. The FWSM defines the security parameter and enables the enforcement of security policies through authentication, access control lists, and protocol inspection. The FWSM is a key component to anyone deploying network security.

 

Cisco Secure Firewall Services Module (FWSM) covers all aspects of the FWSM. The book provides a detailed look at how the FWSM processes information, as well as installation advice, configuration details, recommendations for network integration, and reviews of operation and management. This book provides you with a single source that comprehensively answers how and why the FWSM functions as it does. This information enables you to successfully deploy the FWSM and gain the greatest functional benefit from your deployment. Practical examples throughout show you how other customers have successfully deployed the FWSM.

 

By reading this book, you will learn how the FWSM functions, the differences between the FWSM and the ASA Security Appliance, how to implement and maintain the FWSM, the latest features of the FWSM, and how to configure common installations.

 

Ray Blair, CCIE® No. 7050, is a consulting systems architect who has been with Cisco for more than 8 years, working primarily on security and large network designs. He has 20 years of experience in designing, implementing, and maintaining networks that have included nearly all networking technologies. Mr. Blair maintains three CCIE certifications in Routing and Switching, Security, and Service Provider. He is also a CNE and a CISSP.

 

Arvind Durai, CCIE No. 7016, is an advanced services technical leader for Cisco. His primary responsibility has been in supporting major Cisco customers in the enterprise sector. One of his focuses has been on security, and he has authored several white papers and design guides in various technologies. Mr. Durai maintains two CCIE certifications, in Routing and Switching and Security.

 

  • Understand modes of operation, security levels, and contexts for the FWSM
  • Configure routing protocols and the host-chassis to support the FWSM
  • Deploy ACLs and Authentication, Authorization, and Accounting (AAA)
  • Apply class and policy maps
  • Configure multiple FWSMs for failover support
  • Configure application and protocol inspection
  • Filter traffic using filter servers, ActiveX, and Java filtering functions
  • Learn how IP multicast and the FWSM interact
  • Increase performance with firewall load balancing
  • Configure IPv6 and asymmetric routing
  • Mitigate network attacks using shunning, anti-spoofing, connection limits, and timeouts
  • Examine network design, management, and troubleshooting best practices

 

This security book is part of the Cisco Press® Networking Technology series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

Category: Networking: Security

Covers: Firewall security

 

商品描述(中文翻譯)

《Cisco Secure Firewall Services Module (FWSM)》

《Cisco Secure Firewall Services Module (FWSM)》是一本關於FWSM的書籍。該書詳細介紹了FWSM的信息處理過程,並提供安裝建議、配置細節、網絡集成建議以及操作和管理評論。這本書為您提供了一個全面回答FWSM如何運作的單一來源。這些信息使您能夠成功部署FWSM並從中獲得最大的功能效益。書中的實際示例展示了其他客戶如何成功部署FWSM。

通過閱讀本書,您將學習到FWSM的功能、FWSM與ASA安全設備之間的區別、如何實施和維護FWSM、FWSM的最新功能以及如何配置常見的安裝。

Ray Blair, CCIE® No. 7050,是一位顧問系統架構師,已在思科工作超過8年,主要從事安全和大型網絡設計。他擁有20年的網絡設計、實施和維護網絡的經驗,其中包括幾乎所有的網絡技術。Blair先生擁有路由和交換、安全和服務提供商三個CCIE認證。他還是一位CNE和CISSP。

Arvind Durai, CCIE No. 7016,是思科的高級服務技術領導者。他的主要職責是支持企業部門的重要思科客戶。他的其中一個重點是安全,他在各種技術領域撰寫了幾篇白皮書和設計指南。Durai先生擁有路由和交換以及安全兩個CCIE認證。

本書包括以下內容:
- 了解FWSM的操作模式、安全級別和上下文
- 配置路由協議和主機-機箱以支持FWSM
- 部署ACL和AAA(身份驗證、授權和計費)
- 應用類和策略映射
- 配置多個FWSM以支持故障轉移
- 配置應用程序和協議檢查
- 使用過濾器服務器、ActiveX和Java過濾功能過濾流量
- 了解IP多播和FWSM的交互作用
- 通過防火牆負載平衡提高性能
- 配置IPv6和非對稱路由
- 通過屏蔽、防欺騙、連接限制和超時來減輕網絡攻擊
- 檢查網絡設計、管理和故障排除的最佳實踐

這本安全書是思科出版社的《網絡技術系列》的一部分。思科出版社的安全書籍幫助網絡專業人士保護關鍵數據和資源,預防和緩解網絡攻擊,構建端到端的自衛網絡。