Op werkdagen voor 23:00 besteld, morgen in huis Gratis verzending vanaf €20
, ,

Cisco Network Admission Control Volume 2: NAC Framework Deployment and Troubleshooting

The self-defending network in action

Paperback Engels 2007 9781587052255
Verwachte levertijd ongeveer 7 werkdagen

Samenvatting

When most information security professionals think about threats to their networks, they think about the threat of attackers from the outside. However, in recent years the number of computer security incidents occurring from trusted users within a company has equaled those occurring from external threats. The difference is, external threats are fairly well understood and almost all companies utilize tools and technology to protect against those threats. In contrast, the threats from internal trusted employees or partners are often overlooked and much more difficult to protect against.

Network Admission Control (NAC) is designed to prohibit or restrict access to the secured internal network from devices with a diminished security posture until they are patched or updated to meet the minimum corporate security requirements. A fundamental component of the Cisco Self-Defending Network Initiative, NAC enables you to enforce host patch policies and to regulate network access permissions for noncompliant, vulnerable systems.

'Cisco Network Admission Control, Volume 2', helps you understand how to deploy the NAC Framework solution and ultimately build a self-defending network. The book focuses on the key components that make up the NAC Framework, showing how you can successfully deploy and troubleshoot each component and the overall solution. Emphasis is placed on real-world deployment scenarios, and the book walks you step by step through individual component configurations. Along the way, the authors call out best practices and tell you which mistakes to avoid. Component-level and solution-level troubleshooting techniques are also presented. Three full-deployment scenarios walk you through application of NAC in a small business, medium-sized organization, and large enterprise.

To successfully deploy and troubleshoot the Cisco NAC solution requires thoughtful builds and design of NAC in branch, campus, and enterprise topologies. It requires a practical and methodical view towards building layered security and management with troubleshooting, auditing, and monitoring capabilities.
Jayshree V. Ullal, Senior Vice President, Datacenter, Switching and Security Technology Group, Cisco Systems

- Effectively deploy the Cisco Trust Agent
- Configure Layer 2 IP and Layer 2 802.1x NAC on network access devices
- Examine packet flow in a Cisco IOS NAD when NAC is enabled, and configure Layer 3 NAC on the NAD
- Monitor remote access VPN tunnels
- Configure and troubleshoot NAC on the Cisco ASA and PIX security appliances
- Install and configure Cisco Secure Access Control Server (ACS) for NAC
- Install the Cisco Security Agent Manage-ment Center and create agent kits
- Add antivirus policy servers to ACS for external antivirus posture validation
- Understand and apply audit servers to your NAC solution
- Use remediation servers to automatically patch end hosts to bring them in compliance with your network policies
- Monitor the NAC solution using the Cisco Security Monitoring, Analysis, and Response System (MARS)

This security book is part of the Cisco Press Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

Specificaties

ISBN13:9781587052255
Taal:Engels
Bindwijze:paperback
Aantal pagina's:587
Uitgever:Cisco Press
Druk:1
Hoofdrubriek:IT-management / ICT

Lezersrecensies

Wees de eerste die een lezersrecensie schrijft!

Geef uw waardering

Zeer goed Goed Voldoende Matig Slecht

Over Omar Santos

Omar Santosis an active member of the cyber security community, where he leads several industry-wide initiatives and standards bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to increasing the security of their critical infrastructures. Omar is the author of more than a dozen books and video courses, as well as numerous white papers, articles, and security configuration guidelines and best practices. Omar is a principal engineer of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of cyber security vulnerabilities. Additional information about Omar’s current projects can be found at omarsantos.io, and you can follow Omar on Twitter: @santosomar.

Andere boeken door Omar Santos

Inhoudsopgave

Introduction

Part 1: NAC Overview
1. NAC Solution and Technology Overview
Network Admission Control
Components That Make Up the NAC Framework Solution
Summary
Review Questions

Part 2: Configuration Guidelines
2. Cisco Trust Agent
Preparing for Deployment of CTA
Deploying CTA in a Lab Environment
User Notifications
Customizing CTA with the Optional ctad.ini File
CTA Scripting Interface
CTA Logging Service
Deploying CTA in a Production Network
Troubleshooting CTA
Chapter Summary
References
Review Question

3. Cisco Secure Services Client
Installing and Configuring the Cisco Secure Services Client
Deploying the Cisco Secure Services Client in a Production Network
Viewing the Current Status of the Cisco Secure Services Client
Windows Wireless Zero Configuration
Troubleshooting the Cisco Secure Services Client
Summary
References
Review Question

4. Configuring Layer 2 NAC on Network Access Devices
NAC-L2-IP
NAC-L2-802.1X
Summary
Review Questions

5. Configuring Layer 3 NAC on Network Access Devices
Architectural Overview of NAC on Layer 3 Devices
Configuration Steps of NAC on Layer 3 Devices
Monitoring and Troubleshooting NAC on Layer 3 Devices
Summary
Review Questions

6. Configuring NAC on Cisco VPN 3000 Series Concentrators
Architectural Overview of NAC on Cisco VPN 3000 Concentrators
Configuration Steps of NAC on Cisco VPN 3000 Concentrators
Testing, Monitoring, and Troubleshooting NAC on Cisco VPN 3000 Concentrators
Summary
Review Questions

7. Configuring NAC on Cisco ASA and PIX Security Appliances
Architectural Overview of NAC on Cisco Security Appliances
Configuration Steps of NAC on Cisco Security Appliances
Testing, Monitoring, and Troubleshooting NAC on Cisco Security Appliances
Summary
Review Questions

8. Cisco Secure Access Control Server
Installing ACS
Initial ACS Configuration
Posture Validation
Posture Enforcement
Network Access Profiles
Network Access Filtering
NAC Agentless Hosts
Bypass)
User Databases
Importing Vendor Attribute-Value Pairs
Enabling Logging
Replication
Troubleshooting ACSHandshake in Failed Attempts Log
Summary
Review Questions

9. Cisco Security Agent
Cisco Security Agent Architecture
Installing Cisco Security Agents Management Center
Configuring CSA NAC-Related Features
Summary

10. Antivirus Software Integration
Supported Antivirus Software Vendors
Antivirus Software Posture Plug-Ins
Antivirus Policy Servers and the Host Credential Authorization Protocol (HCAP)
Summary
Review Questions

11. Audit Servers
Options for Handling Agentless Hosts
Architectural Overview of NAC for Agentless Hosts
Configuring Audit Servers
Monitoring of Agentless Hosts
Summary
Review Questions

12. Remediation
Altiris
PatchLink
Summary
Review Questions

Part 3: Deployment Scenarios
13. Deploying and Troubleshooting NAC in Small Businesses
NAC Requirements for a Small Business
Small Business Network Topology
Configuring NAC in a Small Business
Troubleshooting NAC Deployment in a Small Business
Handshake
Summary
Review Questions

14. Deploying and Troubleshooting NAC in Medium-Size Enterprises
Deployment Overview of NAC in a Medium-Size Enterprise
Business Requirements for NAC in a Medium-Size Enterprise
Medium-Size Enterprise NAC Solution Highlights
Steps for Configuring NAC in a Medium-Size Enterprise
Monitoring and Troubleshooting NAC in a Medium-Size Enterprise
Summary
Review Questions

15. Deploying and Troubleshooting NAC in Large Enterprises
Business Requirements for Deploying NAC in a Large Enterprise
Design and Network Topology for NAC in a Large Enterprise
Configuring NAC in a Large Enterprise
Troubleshooting NAC Deployment in a Large Enterprise
Summary
Review Questions

Part 4: Managing and Monitoring NAC
16. NAC Deployment and Management Best Practices
A Phased Approach to Deploying NAC Framework
Provisioning of User Client Software
CSA Management
Maintaining NAC Policies
Technical Support
Education and Awareness
Summary
References
Review Questions

17. Monitoring the NAC Solution Using the Cisco Security Monitoring, Analysis, and Response System
CS-MARS Overview
Setting Up Cisco IOS Routers to Report to CS-MARS
Setting Up Cisco Switches to Report to CS-MARS
Configuring ACS to Send Events to CS-MARS
Configuring CSA to Send Events to CS-MARS
Configuring VPN 3000 Concentrators to Send Events to CS-MARS
Configuring the Adaptive Security Appliance and PIX Security Appliance to Send Events to CS-MARS
Configuring QualysGuard to Send Events to CS-MARS
Generating Reports in CS-MARS
Troubleshooting CS-MARS
Summary
Reference
Review Questions

Part 5: Appendix
Appendix A: Answers to Review Questions

Alle 100 bestsellers

Rubrieken

Populaire producten

    Personen

      Trefwoorden

        Cisco Network Admission Control Volume 2: NAC Framework Deployment and Troubleshooting