Cisco ISE for BYOD and Secure Unified Access (2nd Edition) (Networking Technology: Security)

Aaron Woland, Jamey Heary

  • 出版商: Cisco Press
  • 出版日期: 2017-06-16
  • 售價: $2,450
  • 貴賓價: 9.5$2,328
  • 語言: 英文
  • 頁數: 912
  • 裝訂: Paperback
  • ISBN: 1587144735
  • ISBN-13: 9781587144738
  • 相關分類: Cisco資訊安全
  • 立即出貨 (庫存=1)

買這商品的人也買了...

商品描述

Fully updated: The complete guide to Cisco Identity Services Engine solutions


Using Cisco Secure Access Architecture and Cisco Identity Services Engine, you can secure and gain control of access to your networks in a Bring Your Own Device (BYOD) world.


This second edition of Cisco ISE for BYOD and Secure Unified Accesscontains more than eight brand-new chapters as well as extensively updated coverage of all the previous topics in the first edition book to reflect the latest technologies, features, and best practices of the ISE solution. It begins by reviewing today’s business case for identity solutions. Next, you walk through ISE foundational topics and ISE design. Then you explore how to build an access security policy using the building blocks of ISE. Next are the in-depth and advanced ISE configuration sections, followed by the troubleshooting and monitoring chapters. Finally, we go in depth on the new TACACS+ device administration solution that is new to ISE and to this second edition.


With this book, you will gain an understanding of ISE configuration, such as identifying users, devices, and security posture; learn about Cisco Secure Access solutions; and master advanced techniques for securing access to networks, from dynamic segmentation to guest access and everything in between.


Drawing on their cutting-edge experience supporting Cisco enterprise customers, the authors offer in-depth coverage of the complete lifecycle for all relevant ISE solutions, making this book a cornerstone resource whether you’re an architect, engineer, operator, or IT manager.


·         Review evolving security challenges associated with borderless networks, ubiquitous mobility, and consumerized IT

·         Understand Cisco Secure Access, the Identity Services Engine (ISE), and the building blocks of complete solutions

·         Design an ISE-enabled network, plan/distribute ISE functions, and prepare for rollout

·         Build context-aware security policies for network access, devices, accounting, and audit

·         Configure device profiles, visibility, endpoint posture assessments, and guest services

·         Implement secure guest lifecycle management, from WebAuth to sponsored guest access

·         Configure ISE, network access devices, and supplicants, step by step

·         Apply best practices to avoid the pitfalls of BYOD secure access

·         Set up efficient distributed ISE deployments

·         Provide remote access VPNs with ASA and Cisco ISE

·         Simplify administration with self-service onboarding and registration

·         Deploy security group access with Cisco TrustSec

·         Prepare for high availability and disaster scenarios

·         Implement passive identities via ISE-PIC and EZ Connect

·         Implement TACACS+ using ISE

·         Monitor, maintain, and troubleshoot ISE and your entire Secure Access system

·         Administer device AAA with Cisco IOS, WLC, and Nexus

 

商品描述(中文翻譯)

全面更新:Cisco Identity Services Engine解決方案的完整指南

使用Cisco Secure Access Architecture和Cisco Identity Services Engine,您可以在BYOD(自帶設備)世界中保護和控制對網絡的訪問。

這本第二版的《Cisco ISE for BYOD and Secure Unified Access》包含了八個全新章節,以及對第一版書中所有先前主題的廣泛更新,以反映ISE解決方案的最新技術、功能和最佳實踐。首先,它回顧了當今身份解決方案的商業案例。接下來,您將深入研究ISE的基礎主題和ISE設計。然後,您將探索如何使用ISE的構建模塊構建訪問安全策略。接下來是ISE配置的深入和高級部分,然後是故障排除和監控章節。最後,我們深入研究了ISE和本書第二版中新增的TACACS+設備管理解決方案。

通過閱讀本書,您將了解ISE配置,例如識別用戶、設備和安全狀態;了解Cisco Secure Access解決方案;並掌握保護網絡訪問的高級技術,從動態分割到訪客訪問等等。

作者們基於他們支持Cisco企業客戶的尖端經驗,深入介紹了所有相關ISE解決方案的完整生命周期,使本書成為架構師、工程師、運營商或IT經理的基石資源。

·         回顧與無邊界網絡、普及的移動性和消費化IT相關的不斷演變的安全挑戰
·         了解Cisco Secure Access、Identity Services Engine(ISE)和完整解決方案的構建模塊
·         設計支持ISE的網絡,規劃/分發ISE功能,並為部署做好準備
·         為網絡訪問、設備、帳戶和審計構建上下文感知的安全策略
·         配置設備配置文件、可見性、端點姿態評估和訪客服務
·         實施安全的訪客生命周期管理,從WebAuth到贊助的訪客訪問
·         逐步配置ISE、網絡訪問設備和請求者
·         運用最佳實踐避免BYOD安全訪問的陷阱
·         部署高效的分佈式ISE部署
·         使用ASA和Cisco ISE提供遠程訪問VPN
·         通過自助註冊和註冊簡化管理
·         使用Cisco TrustSec部署安全組訪問
·         為高可用性和災難情況做好準備
·         通過ISE-PIC和EZ Connect實施被動身份
·         使用ISE實施TACACS+
·         監控、維護和排除ISE和整個Secure Access系統
·         使用Cisco IOS、WLC和Nexus管理設備AAA