I'm a student
I'm an educator
Request full copy

Integrated Security Technologies and Solutions - Volume I: Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, AMP, and Content Security, 1st edition

Published by Cisco Press (May 14, 2018) © 2018

  • Aaron Woland
  • Vivek Santuka
  • Mason Harris
  • Jamie Sanbower
$63.99

  • A print text (hardcover or paperback) 
  • Free shipping
  • Also available for purchase as an ebook from all major ebook resellers, including InformIT.com

Integrated Security Technologies and Solutions — Volume I offers one-stop expert-level instruction in security design, deployment, integration, and support methodologies to help security professionals manage complex solutions and prepare for their CCIE exams. It will help security pros succeed in their day-to-day jobs and also get ready for their CCIE Security written and lab exams.


Part of the Cisco CCIE Professional Development Series from Cisco Press, it is authored by a team of CCIEs who are world-class experts in their Cisco security disciplines, including co-creators of the CCIE Security v5 blueprint. Each chapter starts with relevant theory, presents configuration examples and applications, and concludes with practical troubleshooting.

Volume 1 focuses on security policies and standards; infrastructure security; perimeter security (Next-Generation Firewall, Next-Generation Intrusion Prevention Systems, and Adaptive Security Appliance [ASA]), and the advanced threat protection and content security sections of the CCIE Security v5 blueprint. With a strong focus on interproduct integration, it also shows how to combine formerly disparate systems into a seamless, coherent next-generation security solution.


  • The must-have ready-reference for all Cisco security students
  • First of two volumes: Volume 1 focuses on network security, next-generation firewalling and intrusion prevention, and advanced threat and content security
  • Discover how Cisco firewalls, IPS systems, access control, and other security products and solutions integrate in the real world

    Introduction xxv
Part I Hi There! This Is Network Security 1
Chapter 1 Let’s Talk About Network Security 3
    Know Thy Enemy 4
    Know Thy Self 6
    Security Standards and Frameworks 9
    Regulatory Compliance 15
    Payment Card Industry Data Security Standard (PCI DSS) 16
    Security Models 18
    Integrating Security Solutions 23
    Summary 25
    References 25
Chapter 2 Infrastructure Security and Segmentation 27
    The Three Planes 27
    Securing the Management Plane 28
    Securing the Control Plane 38
    Securing the Data Plane 49
    Visibility with NetFlow 76
    Summary 77
    References 78
Chapter 3 Wireless Security 79
    What Is Wireless? 79
    Wireless Security Overview 90
    Securing the WLAN 94
    Configuring Wireless Protection Policies 98
    Management and Control Plane Protection 114
    Integrating a WLC with Other Security Solutions 120
    Summary 122
    References 122
Part II Deny IP any any 123
Chapter 4 Firewalling with the ASA 125
    ASA Fundamentals 125
    Traffic with the ASA 151
    ASA Advanced Features 167
    Advanced Firewall Tuning 172
    Troubleshooting the ASA 176
    Summary 180
    References 181
Chapter 5 Next-Gen Firewalls 183
    Firepower Deployment Options 184
    Configuring Firepower Threat Defense 186
    Access Control Policies 206
    Analysis and Reporting 229
    Summary 237
    References 238
Chapter 6 Next-Gen Intrusion Detection and Prevention 239
    NGIPS Overview 239
    Cisco NGIPS Appliances 248
    Snort 256
    Configuring a NGIPS 267
    Operationalizing a NGIPS 283
    Summary 296
    References 297
Chapter 7 IOS Firewall and Security Features 299
    Network Address Translation (NAT) 299
    Zone-Based Firewall (ZBF) 309
    IOS Advanced Security Features 319
    Summary 331
    References 331
Part III <HTML> EHLO. You have threat in content </HTML> 333
Chapter 8 Content Security and Advanced Threat Protection 335
    Content Security Overview 335
    Web Security Appliance 336
    Email Security Appliance 370
    Security Management Appliance 390
    Summary 391
    References 391
Chapter 9 Umbrella and the Secure Internet Gateway 393
    Umbrella Fundamentals 393
    Umbrella Overview Dashboard 399
    Deploying Umbrella 401
    Cisco Investigate 423
    Summary 425
    References 425
Chapter 10 Protecting Against Advanced Malware 427
    Introduction to Advanced Malware Protection (AMP) 427
    Role of the AMP Cloud 429
    Doing Security Differently 430
    The Cloud 437
    Cloud Proxy Mode 438
    Air Gap Mode 440
    Threat Grid 442
    The Clean Interface 446
    The Administrative Interface 446
    The Dirty Interface 446
    Comparing Public and Private Deployments 446
    AMP for Networks 447
    AMP for Endpoints 457
    Custom Detections 462
    AMP for Windows 474
    Mac Policies 490
    Linux Policies 495
    AMP for Android 497
    Groups, Groups, and More Groups 498
    The Download Connector Screen 499
    Distributing via Cisco AnyConnect 500
    Installing AMP for Windows 501
    Installing AMP for Mac 503
    Installing AMP for Linux 504
    Proxy Complications 511
    AMP for Content Security 513
    Content Security Connectors 513
    Configuring AMP for Content Security Appliances 514
    Configuring the Web Security Appliance (WSA) Devices 515
    Configuring the Email Security Appliance (ESA) Devices 519
    AMP Reports 522
    Summary 524
9781587147067, TOC, 4/16/2018

Aaron Woland, CCIE No. 20113, is a principal engineer in Cisco’s Advanced Threat Security group and works with Cisco’s largest customers all over the world. His primary job responsibilities include security design, solution enhancements, standards development, advanced threat solution design, endpoint security, and futures.

Aaron joined Cisco in 2005 and is currently a member of numerous security advisory boards and standards body working groups. Prior to joining Cisco, Aaron spent 12 years as a consultant and technical trainer.


Aaron is the author of both editions of Cisco ISE for BYOD and Secure Unified Access, Cisco Next-Generation Security Solutions: All-in-one Cisco ASA FirePOWER Services, NGIPS, and AMP; CCNP Security SISAS 300-208 Official Cert Guide, CCNA Security 210-260 Complete Video Course, and many published white papers and design guides.

Aaron is one of only five inaugural members of the Hall of Fame Elite for Distinguished Speakers at Cisco Live, and he is a security columnist for Network World, where he blogs on all things related to security. His many other certifications include GHIC, GCFE, GSEC, CEH, MCSE, VCP, CCSP, CCNP, and CCDP.


You can follow Aaron on Twitter: @aaronwoland.

Vivek Santuka, CCIE No. 17621 is a consulting systems engineer at Cisco and is a security consultant to some of Cisco’s largest customers. He has over 13 years of experience in security, focusing on identity management and access control. Vivek is a member of multiple technical advisory groups.


Vivek holds two CCIE certifications: Security and Routing and Switching. In addition, he holds RHCE and CISSP certifications.

Vivek is author of the Cisco Press book AAA Identity Management Security.


You can follow Vivek on Twitter: @vsantuka.

Mason Harris, CCIE No. 5916, is a solutions architect for Cisco, focusing on cloud architectures with Cisco’s largest global customers. He has more than 24 years of experience in information technology and is one the few individuals in the world who has attained five CCIE certifications. Prior to joining Cisco, he was the chief architect at cloud security startup vArmour Networks. Outside work, Mason can be found backpacking on long trails or at home with his family. A lifelong UNC Tarheels fan, he holds an undergraduate degree from UNC–Chapel Hill and a master’s degree from NC State University, with a minor in Arabic.


Jamie Sanbower, CCIE No. 13637 (Routing and Switching, Security, and Wireless), is a technical solutions architect focusing on security for the Global Security Architecture Team.

Jamie has been with Cisco since 2010 and is currently a technical leader and member of numerous technical advisory groups. With over 15 years of technical experience in networking and security, Jamie has developed, designed, implemented, and operated enterprise network and security solutions for a wide variety of large clients.

Prior to joining Cisco, Jamie was the director of the cybersecurity practice at Force 3. His other certifications include CISSP, CEH, and MCSE.

Need help? Get in touch

Video
Play
Privacy and cookies
By watching, you agree Pearson can share your viewership data for marketing and analytics for one year, revocable by deleting your cookies.

Video transcript (PDF | 16KB) 

Pearson eTextbook: What’s on the inside just might surprise you

They say you can’t judge a book by its cover. It’s the same with your students. Meet each one right where they are with an engaging, interactive, personalized learning experience that goes beyond the textbook to fit any schedule, any budget, and any lifestyle. 

Digital Learning NOW

Extend your professional development and meet your students where they are with free weekly Digital Learning NOW webinars. Attend live, watch on-demand, or listen at your leisure to expand your teaching strategies. Earn digital professional development badges for attending a live session.

Explore webinars