
E-book: SSL Remote Access VPNs (Network Security)

4.00/5 (10 ratings by Goodreads)
  • Format: 376 pages
  • Publication date: 10-Jun-2008
  • Publisher: Cisco Press
  • Language: eng
  • ISBN-13: 9780132796835
  • Format - EPUB+DRM
  • Price: 24,88 €*
  • * this is the final price, i.e., no additional discounts are applied
  • This e-book is intended for personal use only. E-books cannot be returned, and money paid for purchased e-books is not refunded.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Usage:

    Digital Rights Management (DRM)
    The publisher has supplied this book in encrypted form, which means that you need to install free software to unlock and read it. To read this e-book, you have to create an Adobe ID. More information here. The e-book can be read and downloaded on up to 6 devices (by a single user with the same Adobe ID).

    Required software
    To read this e-book on a mobile device (phone or tablet), you will need to install this free app: PocketBook Reader (iOS / Android)

    To download and read this e-book on a PC or Mac, you need Adobe Digital Editions (this is a free app specially developed for e-books. It is not the same as Adobe Reader, which you probably already have on your computer.)

    You cannot read this e-book with Amazon Kindle.

SSL Remote Access VPNs

 

An introduction to designing and configuring SSL virtual private networks

 

Jazib Frahim, CCIE® No. 5459

Qiang Huang, CCIE No. 4937

 

Cisco® SSL VPN solutions (formerly known as Cisco WebVPN solutions) give you a flexible and secure way to extend networking resources to virtually any remote user with access to the Internet and a web browser. Remote access based on SSL VPN delivers secure access to network resources by establishing an encrypted tunnel across the Internet using a broadband (cable or DSL) or ISP dialup connection.

 

SSL Remote Access VPNs provides you with a basic working knowledge of SSL virtual private networks on Cisco SSL VPN-capable devices. Design guidance is provided to assist you in implementing SSL VPN in existing network infrastructures. This includes examining existing hardware and software to determine whether they are SSL VPN capable, providing design recommendations, and guiding you on setting up the Cisco SSL VPN devices. Common deployment scenarios are covered to assist you in deploying an SSL VPN in your network.

 

SSL Remote Access VPNs gives you everything you need to know to understand, design, install, configure, and troubleshoot all the components that make up an effective, secure SSL VPN solution.

 

Jazib Frahim, CCIE® No. 5459, is currently working as a technical leader in the Worldwide Security Services Practice of the Cisco Advanced Services for Network Security. He is responsible for guiding customers in the design and implementation of their networks, with a focus on network security. He holds two CCIEs, one in routing and switching and the other in security.

 

Qiang Huang, CCIE No. 4937, is a product manager in the Cisco Campus Switch System Technology Group, focusing on driving the security and intelligent services roadmap for market-leading modular Ethernet switching platforms. During his time at Cisco, Qiang has played an important role in a number of technology groups, including the Cisco TAC security and VPN team, where he was responsible for trouble-shooting complicated customer deployments in security and VPN solutions. Qiang has extensive knowledge of security and VPN technologies and experience in real-life customer deployments. Qiang holds CCIE certifications in routing and switching, security, and ISP Dial.

  • Understand remote access VPN technologies, such as Point-to-Point Tunneling Protocol (PPTP), Internet Protocol Security (IPsec), Layer 2 Forwarding (L2F), Layer 2 Tunneling (L2TP) over IPsec, and SSL VPN
  • Learn about the building blocks of SSL VPN, including cryptographic algorithms and SSL and Transport Layer Security (TLS)
  • Evaluate common design best practices for planning and designing an SSL VPN solution
  • Gain insight into SSL VPN functionality on Cisco Adaptive Security Appliance (ASA) and Cisco IOS® routers
  • Install and configure SSL VPNs on Cisco ASA and Cisco IOS routers
  • Manage your SSL VPN deployment using Cisco Security Manager

 

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

Category: Networking: Security

Covers: SSL VPNs

 

Additional information

Introduction

Introduction to Remote Access VPN Technologies
Remote Access Technologies
IPsec
Software-Based VPN Clients
Hardware-Based VPN Clients
SSL VPN
SSL VPN
L2TP
L2TP over IPsec
PPTP
Summary

SSL VPN Technology
Cryptographic Building Blocks of SSL VPNs
Hashing and Message Integrity Authentication
Hashing
Message Authentication Code
Encryption
RC4
DES and 3DES
AES
Diffie-Hellman
RSA and DSA
Digital Signatures and Digital Certification
Digital Signatures
Public Key Infrastructure, Digital Certificates, and Certification
SSL and TLS
SSL and TLS History
SSL Protocols Overview
OSI Layer Placement and TCP/IP Protocol Support
SSL Record Protocol and Handshake Protocols
SSL Connection Setup
Application Data
Case Study: SSL Connection Setup
DTLS
SSL VPN
Reverse Proxy Technology
URL Mangling
Content Rewriting
Port-Forwarding Technology
Terminal Services
SSL VPN Tunnel Client
Summary
References

SSL VPN Design Considerations
Not All Resource Access Methods Are Equal
User Authentication and Access Privilege Management
User Authentication
Choice of Authentication Servers
AAA Server Scalability and High Availability
AAA Server Scalability
AAA Server High Availability and Resiliency
Resource Access Privilege Management
Security Considerations
Security Threats
Lack of Security on Unmanaged Computers
Data Theft
Man-in-the-Middle Attacks
Web Application Attack
Spread of Viruses, Worms, and Trojans from Remote Computers to the Internal Network
Split Tunneling
Password Attacks
Security Risk Mitigation
Strong User Authentication and Password Policy
Choose Strong Cryptographic Algorithms
Session Timeout and Persistent Sessions
Endpoint Security Posture Assessment and Validation
VPN Session Data Protection
Techniques to Prevent Data Theft
Web Application Firewalls, Intrusion Prevention Systems, and Antivirus and Network Admission Control Technologies
Device Placement
Platform Options
Virtualization
High Availability
Performance and Scalability
Summary
References

Cisco SSL VPN Family of Products
Overview of Cisco SSL VPN Product Portfolio
Cisco ASA 5500 Series
SSL VPN History on Cisco ASA
SSL VPN Specifications on Cisco ASA
SSL VPN Licenses on Cisco ASA
Cisco IOS Routers
SSL VPN History on Cisco IOS Routers
SSL VPN Licenses on Cisco IOS Routers
Summary

SSL VPNs on Cisco ASA
SSL VPN Design Considerations
SSL VPN Prerequisites
SSL VPN Licenses
Client Operating System and Browser and Software Requirements
Infrastructure Requirements
Pre-SSL VPN Configuration Guide
Enrolling Digital Certificates (Recommended)
Configuring a Trustpoint
Obtaining a CA Certificate
Obtaining an Identity Certificate
Setting Up ASDM
Uploading ASDM
Setting Up the Appliance
Accessing ASDM
Setting Up Tunnel and Group Policies
Configuring Group-Policies
Configuring a Tunnel Group
Setting Up User Authentication
Clientless SSL VPN Configuration Guide
Enabling Clientless SSL VPN on an Interface
Configuring SSL VPN Portal Customization
Logon Page
Portal Page
Logout Page
Portal Customization and User Group
Full Customization
Configuring Bookmarks
Configuring Websites
Configuring File Servers
Applying a Bookmark List to a Group Policy
Single Sign-On
Configuring Web-Type ACLs
Configuring Application Access
Configuring Port Forwarding
Configuring Smart Tunnels
Configuring Client-Server Plug-Ins
AnyConnect VPN Client Configuration Guide
Loading the SVC Package
Defining AnyConnect VPN Client Attributes
Enabling AnyConnect VPN Client Functionality
Defining a Pool of Addresses
Configuring Traffic Filters
Configuring a Tunnel Group
Advanced Full Tunnel Features
Split Tunneling
DNS and WINS Assignment
Keeping the SSL VPN Client Installed
Configuring DTLS
Cisco Secure Desktop
CSD Components
Secure Desktop Manager
Secure Desktop
Cache Cleaner
CSD Requirements
Supported Operating Systems
User Privileges
Supported Internet Browsers
Internet Browser Settings
CSD Architecture
Configuring CSD
Loading the CSD Package
Defining Prelogin Sequences
Host Scan
Host Scan Modules
Basic Host Scan
Endpoint Assessment
Advanced Endpoint Assessment
Configuring Host Scan
Setting Up Basic Host Scan
Enabling Endpoint Host Scan
Setting Up an Advanced Endpoint Host Scan
Dynamic Access Policies
DAP Architecture
DAP Records
DAP Selection Rules
DAP Configuration File
DAP Sequence of Events
Configuring DAP
Selecting a AAA Attribute
Selecting Endpoint Attributes
Defining Access Policies
Deployment Scenarios
AnyConnect Client with CSD and External Authentication
Set Up CSD
Set Up RADIUS for Authentication
Configure AnyConnect SSL VPN
Clientless Connections with DAP
Define Clientless Connections
Configuring DAP
Monitoring and Troubleshooting SSL VPN
Monitoring SSL VPN
Troubleshooting SSL VPN
Troubleshooting SSL Negotiations
Troubleshooting AnyConnect Client Issues
Troubleshooting Clientless Issues
Troubleshooting CSD
Troubleshooting DAP
Summary

SSL VPNs on Cisco IOS Routers
SSL VPN Design Considerations
IOS SSL VPN Prerequisites
IOS SSL VPN Configuration Guide
Configuring Pre-SSL VPN Setup
Setting Up User Authentication
Enrolling Digital Certificates (Recommended)
Loading SDM (Recommended)
Initial SSL VPN Configuration
Setting Up an SSL VPN Gateway
Setting Up an SSL VPN Context
Configuring SSL VPN Look and Feel
Configuring SSL VPN Group Policies
Advanced SSL VPN Features
Configuring Clientless SSL VPNs
Windows File Sharing
Configuring Application ACL
Thin Client SSL VPNs
Defining Port-Forwarding Lists
Mapping Port-Forwarding Lists to a Group Policy
AnyConnect SSL VPN Client
Loading the AnyConnect Package
Defining AnyConnect VPN Client Attributes
Cisco Secure Desktop
CSD Components
Secure Desktop Manager
Secure Desktop
Cache Cleaner
CSD Requirements
Supported Operating Systems
User Privileges
Supported Internet Browsers
Internet Browser Settings
CSD Architecture
Configuring CSD
Loading the CSD Package
Launching the CSD Package
Defining Policies for Windows-Based Clients
Defining Policies for Windows CE
Defining Policies for the Mac and Linux Cache Cleaner
Deployment Scenarios
Clientless Connections with CSD
User Authentication and DNS
Set Up CSD
Define Clientless Connections
AnyConnect Client and External Authentication
Set Up RADIUS for Authentication
Install the AnyConnect SSL VPN
Configure AnyConnect SSL VPN Properties
Monitoring an SSL VPN in Cisco IOS
Summary

Management of SSL VPNs
Multidevice Policy Provisioning
Device View and Policy View
Device View
Policy View
Use of Common Objects for Multidevice Management
Workflow Control and Role-Based Access Control
Workflow Control
Workflow Mode
Role-Based Administration
Native Mode
Cisco Secure ACS Integration Mode
Summary
References

Index

Jazib Frahim, CCIE No. 5459, has been with Cisco for more than nine years. Having a bachelor's degree in computer engineering from Illinois Institute of Technology, he started out as a TAC engineer in the LAN Switching team. He then moved to the TAC Security team, where he acted as a technical leader for the security products. He led a team of 20 engineers in resolving complicated security and VPN technologies. He is currently working as a technical leader in the Worldwide Security Services Practice of Advanced Services for Network Security. He is responsible for guiding customers in the design and implementation of their networks with a focus on network security. He holds two CCIEs, one in routing and switching and the other in security. He has written numerous Cisco online technical documents and has been an active member on the Cisco online forum NetPro. He has presented at Networkers on multiple occasions and has taught many on-site and online courses to Cisco customers, partners, and employees.

 

He has recently received his master of business administration (MBA) degree from North Carolina State University. He is also an author of the following Cisco Press books: Cisco Network Admission Control, Volume II: NAC Deployment and Troubleshooting, and Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance.

 

Qiang Huang, CCIE No. 4937, is a product manager in the Cisco Systems Campus Switch System Technology Group, focusing on driving the security and intelligent services roadmap for Cisco market-leading modular Ethernet switching platforms. He has been with Cisco for almost ten years. During his time at Cisco, Qiang played an important role in a number of technology groups including the following: technical lead in the Cisco TAC security and VPN team, where he was responsible for troubleshooting complicated customer deployments in security and VPN solutions; a security consulting engineer in the Cisco Advanced Service Group, providing security posture assessment and consulting services to customers; a technical marketing engineer focusing on competitive analysis and market intelligence in network security with specialization in the emerging SSL VPN technology. Qiang has extensive knowledge of security and VPN technologies and experience in real-life customer deployments. Qiang holds CCIE certifications in routing and switching, security, and ISP dial. He is also one of the contributing authors of Internetworking Technologies Handbook, Fourth Edition. Qiang received a master's degree in electrical engineering from Colorado State University.