Free Delivery Over $100
|
|
|||
|
||||
OverviewFull Product DetailsAuthor: David HucabyPublisher: Pearson Education (US) Imprint: Cisco Press Dimensions: Width: 23.30cm , Height: 3.20cm , Length: 19.40cm Weight: 0.372kg ISBN: 9781587201981ISBN 10: 1587201984 Pages: 112 Publication Date: 22 May 2008 Audience: College/higher education , Tertiary & Higher Education Format: Mixed media product Publisher's Status: Out of Print Availability: Out of stock  Table of ContentsLab 1 Initial Configuration 1 Scenario 1 Initial Configurations 1 Video Presentation Reference 1 Step 1: Connect to the Firewall Console 2 Step 2: Explore the CLI Modes 2 Step 3: Search the CLI Output 3 Step 4: Set the Firewall Hostname and Domain Name 4 Lab 2 Configuring Interfaces 5 Scenario 5 Initial Configurations 5 Video Presentation Reference 5 Step 1: Set the Firewall Mode 6 Step 2: Configure Interface Parameters 6 Step 3: Configure a Physical Interface 6 Step 4: Configure a Redundant Interface 7 Step 5: Configure a Logical VLAN Interface 8 Lab 3 Setting Up Routing 11 Scenario 11 Initial Configurations 11 Video Presentation Reference 12 Step 1: Configure Static Routes 12 Step 2: Configure a Default Route 12 Step 3: Configure the Standby ISP 13 Step 4: Use a Dynamic Routing Protocol 14 Lab 4 Firewall Administration over the Network 15 Scenario 15 Initial Configurations 15 Video Presentation Reference 16 Step 1: Set Up Telnet Access 16 Step 2: Set Up SSH Access 17 Step 3: Set Up ASDM Access 17 Step 4: View ASDM Session Demonstration 18 Lab 5 Using Multiple Security Contexts 19 Scenario 19 Initial Configurations 19 Video Presentation Reference 19 Step 1: Enable Multiple Context Mode 19 Step 2: Create New Security Contexts 20 Step 3: Administer Contexts Through the CLI 22 Step 4: Configure Security Contexts and Their Interfaces 22 Step 5: Learn Context Arrangement 23 Lab 6 Using Failover for High Availability 25 Scenario 25 Initial Configurations 25 Video Presentation Reference 29 Step 1: Identify the Failover Role 29 Step 2: Set Up LAN-Based Failover 29 Step 3: Set Up Stateful Failover 31 Step 4: Tune the Unit Failover Threshold 31 Step 5: Set Up the Active-Active Failover Groups 32 Step 6: Define Context Interface Addresses 32 Step 7: Assign Contexts to the Two Failover Groups 34 Step 8: Bootstrap the Secondary Firewall Unit 35 Monitoring Failover Operation 35 Lab 7 Failover in Action 37 Scenario 37 Initial Configurations 38 Video Presentation Reference 38 Scenario 1: Physical Interface Failure 38 Scenario 2: Logical Interface Failure 38 Scenario 3: Failover Unit Failure 39 Scenario 4: Hitless Code Upgrade 39 Lab 8 Setting Up Address Translation and Connection Limits 45 Scenario 45 Initial Configurations 45 Video Presentation Reference 46 Step 1: Configure Static NAT 46 Step 2: Configure Policy NAT 47 Step 3: Configure Identity NAT 48 Step 4: Configure NAT Exemption 48 Step 5: Configure Dynamic NAT and PAT 49 Step 6: Set UDP and TCP Connection Limits 50 Lab 9 Setting Up Firewall Rules 51 Scenario 51 Initial Configurations 51 Video Presentation Reference 52 Step 1: Configure an Access List for the Inside Interface 52 Step 2: Configure an Access List for the Outside Interface 52 Step 3: Configure a Network Object Group 53 Step 4: Configure an Enhanced Service Object Group 54 Step 5: Configure an Access List to Use the Object Groups 55 Lab 10 Setting Up a DMZ 57 Scenario 57 Initial Configurations 57 Video Presentation Reference 58 Step 1: Consider Connections from the Inside Toward the DMZ 59 Step 2: Consider Connections from the DMZ Toward the Outside 59 Step 3: Consider Connections from the Outside Toward the DMZ 59 Step 4: Consider Connections from the DMZ Toward the Inside 60 Step 5: Review the DMZ Access List for Conflicting Entries 60 Lab 11 Setting Up Logging 63 Scenario 63 Initial Configurations 63 Video Presentation Reference 64 Step 1: Send Logging Messages to the Internal Buffer 65 Step 2: Send Logging Messages to an ASDM Session 65 Step 3: Send Logging Messages to a Syslog Server 66 Lab 12 Using MPF to Control Layer 3/4 Connections 67 Scenario 67 Initial Configurations 67 Video Presentation Reference 68 Step 1: Classify Interesting Traffic with a Class Map 69 Step 2: Define a Policy with a Policy Map 69 Step 3: Apply the Policy 70 Step 4: Monitor the Policy 70 Lab 13 Using MPF to Perform QoS Queuing and Policing 71 Scenario 71 Initial Configurations 71 Video Presentation Reference 72 Step 1: Send Traffic to the Priority Queue 72 Step 2: Use a Policer to Limit Bandwidth 73 Lab 14 Using MPF to Tune Application Inspection Engines 75 Scenario 75 Initial Configurations 75 Video Presentation Reference 76 Step 1: Enable an Inspection Engine 76 Step 2: Change the Inspection Engine Listening Port 77 Step 3: Use an Inspection Policy Map 77 Step 4: Use an Inspection Regex Match 78 Lab 15 Testing Security Policies with Packet Tracer 79 Scenario 79 Initial Configurations 79 Video Presentation Reference 83 Step 1: Send an Outbound ICMP Packet Through a Static Address Translation 83 Step 2: Send an Outbound ICMP Packet Through a Dynamic Address Translation 83 Step 3: Send an Inbound ICMP Packet 84 Step 4: Send an Outbound TCP Packet Through an Application Inspection Engine 84 Lab 16 Capturing Traffic 85 Scenario 85 Initial Configurations 85 Video Presentation Reference 89 Step 1: Configure a Raw Data Capture Through the CLI 89 Step 2: Configure an ASP Drop Capture Through the CLI 89 Step 3: Copy the Capture Buffer to an External Host 90 Step 4: Configure a Capture Session with ASDM 90ReviewsAuthor InformationDavid Hucaby, CCIE (R) No. 4594, is a lead network engineer for the University of Kentucky, where he works with healthcare networks based on the Cisco (R) Catalyst (R), ASA/PIX (R)/FWSM security, and VPN product lines. David was one of the beta reviewers of the ASA/PIX 7.0 and 8.0 operating system software. David has a B.S. and M.S. in electrical engineering from the University of Kentucky and has worked in the IT field for 19 years. He lives in Kentucky with his wife Marci and two daughters. Tab Content 6Author Website:Countries AvailableAll regions |
||||
