Integrated Security Technologies and Solutions - Volume I: Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, AMP, and Content Security, 1st edition

Published by Cisco Press (May 14, 2018) © 2018

  • Aaron Woland
  • Vivek Santuka
  • Mason Harris
  • Jamie Sanbower


ISBN-13: 9781587147067
Integrated Security Technologies and Solutions - Volume I: Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, AMP, and Content Security
Published 2018


  • A print text
  • Free shipping
  • Also available for purchase as an ebook from all major ebook resellers, including

Integrated Security Technologies and Solutions — Volume I offers one-stop expert-level instruction in security design, deployment, integration, and support methodologies to help security professionals manage complex solutions and prepare for their CCIE exams. It will help security pros succeed in their day-to-day jobs and also get ready for their CCIE Security written and lab exams.

Part of the Cisco CCIE Professional Development Series from Cisco Press, it is authored by a team of CCIEs who are world-class experts in their Cisco security disciplines, including co-creators of the CCIE Security v5 blueprint. Each chapter starts with relevant theory, presents configuration examples and applications, and concludes with practical troubleshooting.

Volume 1 focuses on security policies and standards; infrastructure security; perimeter security (Next-Generation Firewall, Next-Generation Intrusion Prevention Systems, and Adaptive Security Appliance [ASA]), and the advanced threat protection and content security sections of the CCIE Security v5 blueprint. With a strong focus on interproduct integration, it also shows how to combine formerly disparate systems into a seamless, coherent next-generation security solution.

Introduction xxv
Part I Hi There! This Is Network Security 1
Chapter 1 Let’s Talk About Network Security 3
Know Thy Enemy 4
Know Thy Self 6
Security Standards and Frameworks 9
Regulatory Compliance 15
Payment Card Industry Data Security Standard (PCI DSS) 16
Security Models 18
Integrating Security Solutions 23
Summary 25
References 25
Chapter 2 Infrastructure Security and Segmentation 27
The Three Planes 27
Securing the Management Plane 28
Securing the Control Plane 38
Securing the Data Plane 49
Visibility with NetFlow 76
Summary 77
References 78
Chapter 3 Wireless Security 79
What Is Wireless? 79
Wireless Security Overview 90
Securing the WLAN 94
Configuring Wireless Protection Policies 98
Management and Control Plane Protection 114
Integrating a WLC with Other Security Solutions 120
Summary 122
References 122
Part II Deny IP any any 123
Chapter 4 Firewalling with the ASA 125
ASA Fundamentals 125
Traffic with the ASA 151
ASA Advanced Features 167
Advanced Firewall Tuning 172
Troubleshooting the ASA 176
Summary 180
References 181
Chapter 5 Next-Gen Firewalls 183
Firepower Deployment Options 184
Configuring Firepower Threat Defense 186
Access Control Policies 206
Analysis and Reporting 229
Summary 237
References 238
Chapter 6 Next-Gen Intrusion Detection and Prevention 239
NGIPS Overview 239
Cisco NGIPS Appliances 248
Snort 256
Configuring a NGIPS 267
Operationalizing a NGIPS 283
Summary 296
References 297
Chapter 7 IOS Firewall and Security Features 299
Network Address Translation (NAT) 299
Zone-Based Firewall (ZBF) 309
IOS Advanced Security Features 319
Summary 331
References 331
Part III <HTML> EHLO. You have threat in content </HTML> 333
Chapter 8 Content Security and Advanced Threat Protection 335
Content Security Overview 335
Web Security Appliance 336
Email Security Appliance 370
Security Management Appliance 390
Summary 391
References 391
Chapter 9 Umbrella and the Secure Internet Gateway 393
Umbrella Fundamentals 393
Umbrella Overview Dashboard 399
Deploying Umbrella 401
Cisco Investigate 423
Summary 425
References 425
Chapter 10 Protecting Against Advanced Malware 427
Introduction to Advanced Malware Protection (AMP) 427
Role of the AMP Cloud 429
Doing Security Differently 430
The Cloud 437
Cloud Proxy Mode 438
Air Gap Mode 440
Threat Grid 442
The Clean Interface 446
The Administrative Interface 446
The Dirty Interface 446
Comparing Public and Private Deployments 446
AMP for Networks 447
AMP for Endpoints 457
Custom Detections 462
AMP for Windows 474
Mac Policies 490
Linux Policies 495
AMP for Android 497
Groups, Groups, and More Groups 498
The Download Connector Screen 499
Distributing via Cisco AnyConnect 500
Installing AMP for Windows 501
Installing AMP for Mac 503
Installing AMP for Linux 504
Proxy Complications 511
AMP for Content Security 513
Content Security Connectors 513
Configuring AMP for Content Security Appliances 514
Configuring the Web Security Appliance (WSA) Devices 515
Configuring the Email Security Appliance (ESA) Devices 519
AMP Reports 522
Summary 524
9781587147067, TOC, 4/16/2018

Need help? Get in touch