Integrated Security Technologies and Solutions - Volume I Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, AMP, and Content Security

The essential reference for security pros and CCIE Security candidates: policies, standards, infrastructure/perimeter and content security, and threat protection

Integrated Security Technologies and Solutions – Volume I offers one-stop expert-level instruction in security design, deployment, integration, and support methodologies to help security professionals manage complex solutions and prepare for their CCIE exams. It will help security pros succeed in their day-to-day jobs and also get ready for their CCIE Security written and lab exams.

Part of the Cisco CCIE Professional Development Series from Cisco Press, it is authored by a team of CCIEs who are world-class experts in their Cisco security disciplines, including co-creators of the CCIE Security v5 blueprint. Each chapter starts with relevant theory, presents configuration examples and applications, and concludes with practical troubleshooting.

Volume 1 focuses on security policies and standards; infrastructure security; perimeter security (Next-Generation Firewall, Next-Generation Intrusion Prevention Systems, and Adaptive Security Appliance [ASA]), and the advanced threat protection and content security sections of the CCIE Security v5 blueprint. With a strong focus on interproduct integration, it also shows how to combine formerly disparate systems into a seamless, coherent next-generation security solution.

• Review security standards, create security policies, and organize security with Cisco SAFE architecture
• Understand and mitigate threats to network infrastructure, and protect the three planes of a network device
• Safeguard wireless networks, and mitigate risk on Cisco WLC and access points
• Secure the network perimeter with Cisco Adaptive Security Appliance (ASA)
• Configure Cisco Next-Generation Firewall Firepower Threat Defense (FTD) and operate security via Firepower Management Center (FMC)
• Detect and prevent intrusions with Cisco Next-Gen IPS, FTD, and FMC
• Configure and verify Cisco IOS firewall features such as ZBFW and address translation
• Deploy and configure the Cisco web and email security appliances to protect content and defend against advanced threats
• Implement Cisco Umbrella Secure Internet Gateway in the cloud as your first line of defense against internet threats
• Protect against new malware with Cisco Advanced Malware Protection and Cisco ThreatGrid
  

Aaron Woland, CCIE No. 20113, is a principal engineer in Cisco’s Advanced Threat Security group and works with Cisco’s largest customers all over the world. His primary job responsibilities include security design, solution enhancements, standards development, advanced threat solution design, endpoint security, and futures.

Aaron joined Cisco in 2005 and is currently a member of numerous security advisory boards and standards body working groups. Prior to joining Cisco, Aaron spent 12 years as a consultant and technical trainer.

Aaron is the author of both editions of Cisco ISE for BYOD and Secure Unified Access, Cisco Next-Generation Security Solutions: All-in-one Cisco ASA FirePOWER Services, NGIPS, and AMP; CCNP Security SISAS 300-208 Official Cert Guide, CCNA Security 210-260 Complete Video Course, and many published white papers and design guides.

Aaron is one of only five inaugural members of the Hall of Fame Elite for Distinguished Speakers at Cisco Live, and he is a security columnist for Network World, where he blogs on all things related to security. His many other certifications include GHIC, GCFE, GSEC, CEH, MCSE, VCP, CCSP, CCNP, and CCDP.

You can follow Aaron on Twitter: @aaronwoland.

Vivek Santuka, CCIE No. 17621 is a consulting systems engineer at Cisco and is a security consultant to some of Cisco’s largest customers. He has over 13 years of experience in security, focusing on identity management and access control. Vivek is a member of multiple technical advisory groups.

Vivek holds two CCIE certifications: Security and Routing and Switching. In addition, he holds RHCE and CISSP certifications.

Vivek is author of the Cisco Press book AAA Identity Management Security.

You can follow Vivek on Twitter: @vsantuka.

Mason Harris, CCIE No. 5916, is a solutions architect for Cisco, focusing on cloud architectures with Cisco’s largest global customers. He has more than 24 years of experience in information technology and is one the few individuals in the world who has attained five CCIE certifications. Prior to joining Cisco, he was the chief architect at cloud security startup vArmour Networks. Outside work, Mason can be found backpacking on long trails or at home with his family. A lifelong UNC Tarheels fan, he holds an undergraduate degree from UNC–Chapel Hill and a master’s degree from NC State University, with a minor in Arabic.

Jamie Sanbower, CCIE No. 13637 (Routing and Switching, Security, and Wireless), is a technical solutions architect focusing on security for the Global Security Architecture Team.

Jamie has been with Cisco since 2010 and is currently a technical leader and member of numerous technical advisory groups. With over 15 years of technical experience in networking and security, Jamie has developed, designed, implemented, and operated enterprise network and security solutions for a wide variety of large clients.

Prior to joining Cisco, Jamie was the director of the cybersecurity practice at Force 3. His other certifications include CISSP, CEH, and MCSE.

Part 1. Hi There! This Is Network Security
1. Let’s Talk about Network Security
2. Infrastructure Security and Segmentation
3. Wireless Security

Part 2. Deny IP Any Any
4. Cisco ASA and the Power of Fire
5. Intrusion Prevention and NGIPS
6. Cisco IOS ZBF and Advanced Security Functions

Part 3. EHLO: You Have Threat in Content
7. Content Security and Advanced Threat Protection
8. Advanced Malware Protection
9. Advanced Threat with OpenDNS

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.