Overview

The IKEv2 protocol significantly improves VPN security, and Cisco’s FlexVPN offers a unified paradigm and command line interface for taking full advantage of it. Simple and modular, FlexVPN relies extensively on tunnel interfaces while maximising compatibility with legacy VPNs. Now, two Cisco network security experts offer a complete, easy-tounderstand, and practical introduction to IKEv2, modern IPsec VPNs, and FlexVPN. The authors explain each key concept, and then guide you through all facets of FlexVPN planning, deployment, migration, configuration, administration, troubleshooting, and optimisation. You’ll discover how IKEv2 improves on IKEv1, master key IKEv2 features, and learn how to apply them with Cisco FlexVPN. IKEv2 IPsec Virtual Private Networks offers practical design examples for many common scenarios, addressing IPv4 and IPv6, servers, clients, NAT, pre-shared keys, resiliency, overhead, and more. If you’re a network engineer, architect, security specialist, or VPN administrator, you’ll find all the knowledge you need to protect your organisation with IKEv2 and FlexVPN. Understand IKEv2 improvements: anti-DDoS cookies, configuration payloads, acknowledged responses, and more Implement modern secure VPNs with Cisco IOS and IOS-XE Plan and deploy IKEv2 in diverse real-world environments Configure IKEv2 proposals, policies, profiles, keyrings, and authorisation Use advanced IKEv2 features, including SGT transportation and IKEv2 fragmentation Understand FlexVPN, its tunnel interface types, and IOS AAA infrastructure Implement FlexVPN Server with EAP authentication, pre-shared keys, and digital signatures Deploy, configure, and customize FlexVPN clients Configure, manage, and troubleshoot the FlexVPN Load Balancer Improve FlexVPN resiliency with dynamic tunnel source, backup peers, and backup tunnels Monitor IPsec VPNs with AAA, SNMP, and Syslog Troubleshoot connectivity, tunnel creation, authentication, authorization, data encapsulation, data encryption, and overlay routing Calculate IPsec overhead and fragmentation Plan your IKEv2 migration: hardware, VPN technologies, routing, restrictions, capacity, PKI, authentication, availability, and more

Full Product Details

Author:   Graham Bartlett ,  Amjad Inamdar
Publisher:   Pearson Education (US)
Imprint:   Cisco Press
Dimensions:   Width: 19.40cm , Height: 3.80cm , Length: 23.80cm
Weight:   1.220kg
ISBN:  

9781587144608

ISBN 10:   1587144603
Pages:   656
Publication Date:   15 November 2016
Audience:   Professional and scholarly ,  Professional & Vocational
Format:   Paperback
Publisher's Status:   Active
Availability:   In stock  
We have confirmation that this item is in stock with the supplier. It will be ordered in for you and dispatched immediately.

Table of Contents

Chapter 1 Introduction to IPsec VPNs Chapter 2 IKEv2: The Protocol  Chapter 3 Comparison of IKEv1 and IKEv2 Chapter 4 IOS IPsec Implementation Chapter 5 IKEv2 Configuration Chapter 6 Advanced IKEv2 Features Chapter 7 IKEv2 Deployments Chapter 8 Introduction to FlexVPN Chapter 9 FlexVPN Server Chapter 10 FlexVPN Client Chapter 11 FlexVPN Load Balancer Chapter 12 FlexVPN Deployments Chapter 13 Monitoring IPsec VPNs Chapter 14 Troubleshooting IPsec VPNs Chapter 15 IPsec Overhead and Fragmentation Chapter 16 Migration Strategies 539  

Reviews

Author Information

 Graham Bartlett, CCIE No. 26709, has designed a number of large scale Virtual Private Networks within the UK and worked with customers throughout the world using IKEv2 and Next Generation Encryption. Graham’s interests include Security and Virtual Private Networks. Within this space he has discovered zero-day vulnerabilities, including the higest severity security advisory in the March 2015 Cisco IOS software and IOS XE software security advisory bundled publication. He has contributed to numerous IETF RFCs, and has intellectual property published as prior art. He is a CiscoLive speaker and has developed Cisco Security exam content (CCIE/CCNP). He is a CCP (Senior) IA Architect, CCP (Practitioner) Security & Information Risk Advisor, CCNP, CISSP, Cisco Security Ninja and holds a BSc(Hons) in Computer Systems and Networks. Amjad Inamdar CISSP 460898, is a Senior Technical Leader with Cisco IOS Security Engineering, India. He has primarily worked on design, development and deployment of Cisco IOS secure connectivity solutions including the industry leading FlexVPN, DMVPN, GETVPN and EzVPN solutions and is currently working on the Cisco next generation SD-WAN solution. He has contributed to IETF drafts, holds a Cisco patent and has prior art publications. He holds many industry certifications including CISSP, CCSK, CCNP Security, CCDP, CCNP R/S, CCNA (SP, Data Center, Wireless, Voice), Cisco Security Ninja and has presented security at conferences, internal forums and to Cisco customers and partners. He holds a degree (B.E) in Electronics and Communication Engineering.

Tab Content 6

Author Website:  

Customer Reviews

Recent Reviews

No review item found!

Add your own review!

Countries Available

All regions