CISCO NETWORK ADMISSION CONTROL, VOLUME II: NAC DEPLOYMENT AND TROUBLESHOOTING (NETWORKING TECHNOLOGY) (PAPERBACK)

Saturday, July 25th, 2009 at 11:50 pm

Cisco Network Admission Control Volume II: NAC Framework Deployment and Troubleshooting The self-defending network in movement Jazib Frahim, CCIE® No. 5459 Omar Santos David White, Jr., CCIE No. 12,021 When most report confidence professionals think about threats to their networks, they think about the hazard of enemy from the outside. However, in brand new years the series of mechanism confidence incidents occurring from devoted users inside of a organisation has equaled those occurring from outmost threats. The disproportion is, outmost threats have been sincerely well accepted and roughly all companies implement collection and record to strengthen opposite those threats. In contrast, the threats from inner devoted employees or partners have been mostly ignored and most some-more formidable to strengthen against. Network Admission Control (NAC) is created to demarcate or shorten entrance to the cumulative inner network from inclination with a discontinued confidence viewpoint until they have been patched or updated to encounter the smallest corporate confidence requirements. A elemental part of of the Cisco® Self-Defending Network Initiative, NAC enables you to have host vegetable vegetable patch policies and to umpire network entrance permissions for noncompliant, exposed systems. Cisco Network Admission Control, Volume II, helps you assimilate how to muster the NAC Framework resolution and in conclusion set up a self-defending network. The book focuses on the key components which have up the NAC Framework, display how you can successfully muster and troubleshoot each part of and the altogether solution. Emphasis is placed on real-world deployment scenarios, and the book walks you step by step by particular part of configurations. Along the way, the authors call out most appropriate practices and discuss it you which mistakes to avoid. Component-level and solution-level troubleshooting techniques have been additionally presented. Three full-deployment scenarios travel you by concentration of NAC in a small business, medium-sized organization, and large enterprise. “To successfully muster and troubleshoot the Cisco NAC resolution requires courteous builds and pattern of NAC in branch, campus, and craving topologies. It requires a unsentimental and process perspective towards office building layered confidence and supervision with troubleshooting, auditing, and monitoring capabilities.” —Jayshree V. Ullal, Senior Vice President, Datacenter, Switching and Security Technology Group, Cisco Systems® Jazib Frahim, CCIE® No. 5459, is a comparison network confidence operative in the Worldwide Security Services Practice of the Cisco Advanced Services for Network Security team. He is obliged for running business in the pattern and doing of their networks with a concentration on network security. Omar Santos is a comparison network confidence operative in the Worldwide Security Services Practice of the Cisco Advanced Services for Network Security team. He has some-more than twelve years of knowledge in secure interpretation communications. David White, Jr., CCIE No. 12,021, has some-more than 10 years of networking knowledge with a concentration on network security. He is now an escalation operative in the Cisco TAC, where he has been for some-more than 6 years. Effectively muster the Cisco Trust Agent Configure Layer 2 IP and Layer 2 802.1x NAC on network entrance inclination Examine parcel upsurge in a Cisco IOS NAD when NAC is enabled, and configure Layer 3 NAC on the NAD Monitor remote entrance VPN tunnels Configure and troubleshoot NAC on the Cisco ASA and PIX confidence appliances Install and configure Cisco Secure Access Control Server (ACS) for NAC Install the Cisco Security Agent Manage-ment Center and emanate representative kits Add antivirus process servers to ACS for outmost antivirus viewpoint validation Understand and request review servers to your NAC resolution Use remediation servers to automatically vegetable vegetable patch finish hosts to move them in correspondence with your network policies Monitor the NAC resolution regulating the Cisco Security Monitoring, Analysis, and Response System (MARS) This confidence book is partial of the Cisco Press® Networking Technology Series. Security titles from Cisco Press assistance networking professionals secure vicious interpretation and resources, forestall and lessen network attacks, and set up end-to-end self-defending networks. Category: Cisco Press—Security Covers: Network Admission Control $60.00 USA / $75.00 CAN

About the AuthorJazib Frahim, CCIE No. 5459, has been with Cisco Systems for some-more than 7 years. With a Bachelor’s grade in mechanism engineering from Illinois Institute of Technology, he proposed out as a TAC operative with the LAN Switching team. He afterwards changed to the TAC Security team, where he acted as a technical personality for the confidence products. He led a group of twenty engineers as a group personality in solution difficult confidence and VPN technologies. Jazib is now operative as a Senior Network Security Engineer in the Worldwide Security Services Practice of Cisco’s Advanced Services for Network Security. He is obliged for running business in the pattern and doing of their networks, with a concentration in network security. He binds dual CCIEs, one in Routing and Switching and the alternative in Security. He additionally authored the Cisco Press book Cisco ASA: All-in-one Firewall, IPS, and VPN Adaptive Security Appliance(ISBN: 1-58705-209-1). Additionally, Jazib has created countless Cisco online technical papers and has been an active part of on Cisco’s online forum, NetPro. He has presented at Networkers on mixed occasions and has taught most onsite and online courses to Cisco customers, partners, and employees. Jazib is now posterior a Master of Business Administration (MBA) grade from North Carolina State University. Omar Santos is a Senior Network Security Consulting Engineer in the Worldwide Security Services Practice of Cisco’s Advanced Services for Network Security. He has some-more than twelve years of knowledge in secure interpretation communications. Omar has designed, implemented, and upheld countless secure networks for Fortune 500 companies and the U.S. government, together with the United States Marine Corps (USMC) and Department of Defense (DoD). He is additionally the writer of the Cisco Press book Cisco ASA: All-in-one Firewall, IPS, and VPN Adaptive Security Appliance(ISBN: 1-58705-209-1) and most Cisco online technical papers and pattern guidelines. Prior to his stream role, he was a technical personality of Cisco’s Technical Assistance Center (TAC), where he taught, led, and mentored most engineers inside of the organization. He is an active part of of the InfraGard organization, a mild endeavour in between the Federal Bureau of Investigation and an organisation of businesses, educational institutions, state and internal law-enforcement agencies, and alternative participants which have been dedicated to augmenting the confidence of the vicious infrastructures of the United States of America. Omar has additionally delivered countless technical presentations to Cisco customers, partners, and alternative organizations. David White, Jr., CCIE No. 12021, has some-more than ten years of networking knowledge with a concentration on network security. He is now an Escalation Engineer in the Cisco TAC, where he has been for some-more than 6 years. In his purpose at Cisco, he is concerned in brand new product pattern and doing and is an active member in Cisco documentation, both online and in print. David binds a CCIE in Security and is additionally NSA IAM certified. Before fasten Cisco, David worked for the U.S. government, where he helped secure the worldwide communications network. He was innate and lifted in St. Petersburg, Florida, and perceived his Bachelor’s grade in mechanism engineering from the Georgia Institute of Technology.

(more…)

Technorati Tags: Admission, Cisco, control, Deployment, network, Networking, Paperback, technology, troubleshooting, Volume