Cisco ASA and Pix Firewall Handbook

Paperback CCIE

By (author) David Hucaby

List price $67.15

  • Publisher: Cisco Press
  • Format: Paperback | 840 pages
  • Dimensions: 188mm x 228mm x 46mm | 1,402g
  • Publication date: 7 June 2005
  • Publication City/Country: Indianapolis
  • ISBN 10: 1587051583
  • ISBN 13: 9781587051586
  • Illustrations note: illustrations

Product description

Cisco PIX Firewall Handbook is a guide to the most commonly implemented features of the top-selling Cisco Systems firewall security solutions. Whether a novice or experienced network security engineer, readers will be able to quickly and easily configure a wide range of Cisco PIX and IOS firewall features. Many features of these devices are complex and require many configuration steps for proper operation. The required commands are difficult to remember or require lengthy reading through the Cisco Documentation CD. In addition, the Cisco PIX firewall has very limited context-based help and the documentation is formatted quite differently from other products. Cisco PIX Firewall Handbook is designed to give concise information on how to quickly and correctly configure PIX Firewall features. As features and commands are presented, Cisco IOS Software and PIX commands appear side-by-side for quick reference. Security engineers and administrators can carry this book on-site and refer to it during hands-on installation or troubleshooting sessions. The book is organized by families of features, and information on each feature is presented in a concise format, with background, configuration, and example components. Each section also has a quick reference table of commands that can be used to troubleshoot or display information about the features presented.

Author information

David Hucaby, CCIE® No. 4594, is a lead network engineer for the University of Kentucky, where he works with healthcare networks based on the Cisco Catalyst, IP Telephony, PIX, and VPN product lines. David was one of the beta reviewers of the PIX version 7 Firewall operating system software.

Table of contents

Introduction

Chapter 1 Firewall Overview
  • 1-1: Overview of Firewall Operation Initial Checking Xlate Lookup Conn Lookup ACL Lookup Uauth Lookup Inspection Engine
  • 1-2: Inspection Engines for ICMP, UDP, and TCP ICMP Inspection UDP Inspection TCP Inspection TCP Normalization Other Firewall Operations
  • 1-3: Hardware and Performance
  • 1-4: Basic Security Policy Guidelines Further Reading

Chapter 2 Configuration Fundamentals
  • 2-1: User Interface User Interface Modes User Interface Features
  • 2-2: Firewall Features and Licenses Upgrading a License Activation Key
  • 2-3: Initial Firewall Configuration

Chapter 3 Building Connectivity
  • 3-1: Configuring Interfaces Basic Interface Configuration Configuring IPv6 on an Interface Configuring the ARP Cache Configuring Interface MTU and Fragmentation Configuring an Interface Priority Queue Firewall Topology Considerations
  • 3-2: Configuring Routing Using Routing Information to Prevent IP Address Spoofing Configuring Static Routes Configuring RIP to Exchange Routing Information Configuring OSPF to Exchange Routing Information
  • 3-3: DHCP Server Functions Using the Firewall as a DHCP Server Relaying DHCP Requests to a DHCP Server
  • 3-4: Multicast Support Multicast Overview Multicast Addressing Forwarding Multicast Traffic IGMP: Finding Multicast Group Recipients PIM: Building a Multicast Distribution Tree Configuring PIM Configuring Stub Multicast Routing (SMR) Configuring IGMP Operation Stub Multicast Routing Example PIM Multicast Routing Example Verifying IGMP Multicast Operation Verifying PIM Multicast Routing Operation

Chapter 4 Firewall Management
  • 4-1: Using Security Contexts to Make Virtual Firewalls Security Context Organization Sharing Context Interfaces Issues with Sharing Context Interfaces Configuration Files and Security Contexts Guidelines for Multiple-Context Configuration Initiating Multiple-Context Mode Navigating Multiple Security Contexts Configuring a New Context Allocating Firewall Resources to Contexts Verifying Multiple-Context Operation
  • 4-2: Managing the Flash File System Using the PIX 6.x Flash File System Navigating a PIX 7.x or FWSM Flash File System Administering a PIX 7.x or FWSM Flash File System Identifying the Operating System Image Upgrading an Image from the Monitor Prompt Upgrading an Image from an Administrative Session
  • 4-3: Managing Configuration Files Managing the Startup Configuration Saving a Running Configuration Importing a Configuration
  • 4-4: Managing Administrative Sessions Console Connection Telnet Sessions SSH Sessions PDM/ASDM Sessions User Session Banners Monitoring Administrative Sessions
  • 4-5: Firewall Reloads and Crashes Reloading a Firewall Obtaining Crash Information
  • 4-6: Monitoring a Firewall with SNMP Overview of Firewall SNMP Support SNMP Configuration

Chapter 5 Managing Firewall Users
  • 5-1: Managing Generic Users Authenticating and Authorizing Generic Users Accounting of Generic Users
  • 5-2: Managing Users with a Local Database Authenticating with Local Usernames Authorizing Users to Access Firewall Commands Accounting of Local User Activity
  • 5-3: Defining AAA Servers for User Management
  • 5-4: Configuring AAA to Manage Administrative Users Enabling AAA User Authentication Enabling AAA Command Authorization Enabling AAA Command Accounting
  • 5-5: Configuring AAA for End-User Cut-Through Proxy Authenticating Users Passing Through Authorizing User Activity with TACACS+ Servers Authorizing User Activity with RADIUS Servers Keeping Accounting Records of User Activity AAA Cut-Through Proxy Configuration Examples
  • 5-6: Firewall Password Recovery Recovering a PIX or ASA Password Recovering an FWSM Password

Chapter 6 Controlling Access Through the Firewall
  • 6-1: Transparent Firewall Mode Configuring a Transparent Firewall
  • 6-2: Routed Firewall Mode and Address Translation Defining Access Directions Types of Address Translation Handling Connections Through an Address Translation Static NAT Policy NAT Identity NAT NAT Exemption Dynamic Address Translation (NAT or PAT) Controlling Traffic
  • 6-3: Controlling Access with Access Lists Defining Object Groups Configuring an Access List Access List Examples Monitoring Access Lists
  • 6-4: Filtering Content Configuring Content Filters Content-Filtering Examples
  • 6-5: Defining Security Policies in a Modular Policy Framework Classifying Traffic Defining a Policy Default Policy Definitions
  • 6-6: Application Inspection Configuring Application Inspection
  • 6-7: Shunning Traffic Shun Example

Chapter 7 Increasing Firewall Availability with Failover
  • 7-1: Firewall Failover Overview How Failover Works Firewall Failover Roles Detecting a Firewall Failure Failover Communication Active-Active Failover Requirements
  • 7-2: Configuring Firewall Failover
  • 7-3: Firewall Failover Configuration Examples Active-Standby Failover Example with PIX Firewalls Active-Standby Failover Example with FWSM Active-Active Failover Example
  • 7-4: Managing Firewall Failover Displaying Information About Failover Debugging Failover Activity Manually Intervening in Failover
  • 7-5: Upgrading Firewalls in Failover Mode Upgrading an Active-Standby Failover Pair Upgrading an Active-Active Failover Pair

Chapter 8 Firewall Load Balancing
  • 8-1: Firewall Load Balancing Overview
  • 8-2: Firewall Load Balancing in Software IOS FWLB Configuration Notes IOS FWLB Configuration IOS Firewall Load-Balancing Example Displaying Information About IOS FWLB
  • 8-3: Firewall Load Balancing in Hardware FWLB in Hardware Configuration Notes CSM FWLB Configuration CSM Firewall Load-Balancing Example Displaying Information About CSM FWLB
  • 8-4: Firewall Load-Balancing Appliance CSS FWLB Configuration CSS Appliance Firewall Load-Balancing Example Displaying Information About CSS FWLB

Chapter 9 Firewall Logging
  • 9-1: Managing the Firewall Clock Setting the Clock Manually Setting the Clock with NTP
  • 9-2: Generating Logging Messages Syslog Server Suggestions Logging Configuration Verifying Message Logging Activity Manually Testing Logging Message Generation
  • 9-3: Fine-Tuning Logging Message Generation Pruning Messages Changing the Message Severity Level Access List Activity Logging
  • 9-4: Analyzing Firewall Logs

Chapter 10 Verifying Firewall Operation
  • 10-1: Checking Firewall Vital Signs Using the Syslog Information Checking System Resources Checking Stateful Inspection Resources Checking Firewall Throughput Checking Inspection Engine and Service Policy Activity Checking Failover Operation Checking Firewall Interfaces
  • 10-2: Watching Data Pass Through a Firewall Using Capture Using Debug Packet
  • 10-3: Verifying Firewall Connectivity Step 1: Test with Ping Packets Step 2: Check the ARP Cache Step 3: Check the Routing Table Step 4: Use Traceroute to Verify the Forwarding Path Step 5: Check the Access Lists Step 6: Verify Address Translation Operation Step 7: Look for Active Shuns Step 8: Check User Authentication Step 9: See What Has Changed

Chapter 11 Cisco IOS Firewall: Controlling Access
  • 11-1: IOS Transparent Firewall Configuring a Transparent IOS Firewall
  • 11-2: Configuring Network Address Translation NAT Operation Using Static Address Translations Using Dynamic Address Translations
  • 11-3: Configuring IOS Firewall Stateful Inspection How CBAC Works Configuring CBAC Inspection CBAC Example Monitoring CBAC Operation
  • 11-4: HTTP, Java, and URL Filtering Monitoring URL Filtering

Chapter 12 Cisco IOS Firewall: Managing Activity
  • 12-1: Synchronizing the IOS Firewall Clock Setting the Clock Manually Setting the Clock with NTP
  • 12-2: Configuring IOS Firewall Logging Syslog Server Suggestions Logging Configuration IOS Firewall Logging Messages
  • 12-3: Using Authentication Proxy to Manage User Access Configuring Authentication Proxy Authentication Proxy Example

Chapter 13 Intrusion Detection System (IDS) Sensors
  • 13-1: IDS Overview Cisco Embedded IDS Sensor Availability IDS Alarms
  • 13-2: IDS Embedded Sensor Configuration Locating the Signature Definitions Using a Signature Update with an IOS IPS Sensor Configuring an Embedded IDS Sensor IDS Sensor Examples
  • 13-3: Monitoring IDS Activity Verifying Syslog Operation Verifying Post Office Operation Verifying IDS Activity on a Router Sensor Verifying IDS Activity on a Firewall Sensor
  • 13-4: IDS Sensor Signature List

Appendix A Well-Known Protocol and Port Numbers
  • A-1: IP Protocol Numbers
  • A-2: ICMP Message Types
  • A-3: IP Port Numbers

Appendix B Security Appliance Logging Messages
  • B-1: Alerts-Syslog Severity Level 1 Messages
  • B-2: Critical-Syslog Severity Level 2 Messages
  • B-3: Errors-Syslog Severity Level 3 Messages
  • B-4: Warnings-Syslog Severity Level 4 Messages
  • B-5: Notifications-Syslog Severity Level 5 Messages
  • B-6: Informational-Syslog Severity Level 6 Messages
  • B-7: Debugging-Syslog Severity Level 7 Messages