Cisco Firewalls, Rough Cuts

Rough Cuts

  • Available to Safari Subscribers
  • About Rough Cuts
  • Rough Cuts are manuscripts that are developed but not yet published, available through Safari. Rough Cuts provide you access to the very latest information on a given topic and offer you the opportunity to interact with the author to influence the final publication.

Not for Sale
  • Copyright 2011
  • Dimensions: 7-3/8 X 9-1/8
  • Pages: 800
  • Edition: 1st
  • Rough Cuts
  • ISBN-10: 1-58714-115-9
  • ISBN-13: 978-1-58714-115-7

This is the Rough Cut version of the printed book.

Cisco Firewalls

Concepts, design and deployment for Cisco Stateful Firewall solutions

In this book, Alexandre proposes a totally different approach to the important subject of firewalls: Instead of just presenting configuration models, he uses a set of carefully crafted examples to illustrate the theory in action. A must read!—Luc Billot, Security Consulting Engineer at Cisco

Cisco Firewalls thoroughly explains each of the leading Cisco firewall products, features, and solutions, and shows how they can add value to any network security design or operation. The author tightly links theory with practice, demonstrating how to integrate Cisco firewalls into highly secure, self-defending networks. Cisco Firewalls shows you how to deploy Cisco firewalls as an essential component of every network infrastructure. The book takes the unique approach of illustrating complex configuration concepts through step-by-step examples that demonstrate the theory in action. This is the first book with detailed coverage of firewalling Unified Communications systems, network virtualization architectures, and environments that include virtual machines. The author also presents indispensable information about integrating firewalls with other security elements such as IPS, VPNs, and load balancers, as well as a complete introduction to firewalling IPv6 networks. Cisco Firewalls will be an indispensable resource for engineers and architects designing and implementing firewalls; security administrators, operators, and support professionals; and anyone preparing for the CCNA Security, CCNP Security, or CCIE Security certification exams.

Alexandre Matos da Silva Pires de Moraes, CCIE No. 6063, has worked as a Systems Engineer for Cisco Brazil since 1998 in projects that involve not only Security and VPN technologies but also Routing Protocol and Campus Design, IP Multicast Routing, and MPLS Networks Design. He coordinated a team of Security engineers in Brazil and holds the CISSP, CCSP, and three CCIE certifications (Routing/Switching, Security, and Service Provider). A frequent speaker at Cisco Live, he holds a degree in electronic engineering from the Instituto Tecnológico de Aeronáutica (ITA – Brazil).

  • Create advanced security designs utilizing the entire Cisco firewall product family
  • Choose the right firewalls based on your performance requirements
  • Learn firewall configuration fundamentals and master the tools that provide insight about firewall operations
  • Properly insert firewalls in your network’s topology using Layer 3 or Layer 2 connectivity
  • Use Cisco firewalls as part of a robust, secure virtualization architecture
  • Deploy Cisco ASA firewalls with or without NAT
  • Take full advantage of the classic IOS firewall feature set (CBAC)
  • Implement flexible security policies with the Zone Policy Firewall (ZPF)
  • Strengthen stateful

Table of Contents

Foreword

Introduction

Chapter 1: Firewalls and Network Security

Security Is a Must. But, Where to Start?

Firewalls and Domains of Trust

Firewall Insertion in the Network Topology

    Routed Mode Versus Transparent Mode

    Network Address Translation and Port Address Translation

Main Categories of Network Firewalls

    Packet Filters

    Circuit-Level Proxies

    Application-Level Proxies

    Stateful Firewalls

The Evolution of Stateful Firewalls

    Application Awareness

    Identity Awareness

    Leveraging the Routing Table for Protection Tasks

    Virtual Firewalls and Network Segmentation

What Type of Stateful Firewall?

    Firewall Appliances

    Router-Based Firewalls

    Switch-Based Firewalls

Classic Topologies Using Stateful Firewalls

Stateful Firewalls and Security Design

    Stateful Firewalls and VPNs

    Stateful Firewalls and Intrusion Prevention

    Stateful Firewalls and Specialized Security Appliances

Summary

Chapter 2: Cisco Firewall Families Overview

Overview of ASA Appliances

    Positioning of ASA Appliances

    Firewall Performance Parameters

    Overview of ASA Hardware Models

Overview of the Firewall Services Module

Overview of IOS-Based Integrated Firewalls

    Integrated Services Routers

    Aggregation Services Routers

Summary