Cisco Networks

Engineers' Handbook of Routing, Switching, and Security with IOS, NX-OS, and ASA

Author: Chris Carthern,William Wilson,Noel Rivera,Richard Bedwell

Publisher: Apress

ISBN: 1484208595

Category: Computers

Page: 839

View: 1020

DOWNLOAD NOW »

This book is a concise one-stop desk reference and synopsis of basic knowledge and skills for Cisco certification prep. For beginning and experienced network engineers tasked with building LAN, WAN, and data center connections, this book lays out clear directions for installing, configuring, and troubleshooting networks with Cisco devices. The full range of certification topics is covered, including all aspects of IOS, NX-OS, and ASA software. The emphasis throughout is on solving the real-world challenges engineers face in configuring network devices, rather than on exhaustive descriptions of hardware features. This practical desk companion doubles as a comprehensive overview of the basic knowledge and skills needed by CCENT, CCNA, and CCNP exam takers. It distills a comprehensive library of cheat sheets, lab configurations, and advanced commands that the authors assembled as senior network engineers for the benefit of junior engineers they train, mentor on the job, and prepare for Cisco certification exams. Prior familiarity with Cisco routing and switching is desirable but not necessary, as Chris Carthern, Dr. Will Wilson, Noel Rivera, and Richard Bedwell start their book with a review of the basics of configuring routers and switches. All the more advanced chapters have labs and exercises to reinforce the concepts learned. This book differentiates itself from other Cisco books on the market by approaching network security from a hacker’s perspective. Not only does it provide network security recommendations but it teaches you how to use black-hat tools such as oclHashcat, Loki, Burp Suite, Scapy, Metasploit, and Kali to actually test the security concepts learned. Readers of Cisco Networks will learn How to configure Cisco switches, routers, and data center devices in typical corporate network architectures The skills and knowledge needed to pass Cisco CCENT, CCNA, and CCNP certification exams How to set up and configure at-home labs using virtual machines and lab exercises in the book to practice advanced Cisco commands How to implement networks of Cisco devices supporting WAN, LAN, and data center configurations How to implement secure network configurations and configure the Cisco ASA firewall How to use black-hat tools and network penetration techniques to test the security of your network

Cisco Networks

Engineers' Handbook of Routing, Switching, and Security with IOS, NX-OS, and ASA

Author: Christopher Carthern,William Wilson,Noel Rivera,Richard Bedwell

Publisher: Apress

ISBN: 9781484208601

Category: Computers

Page: 839

View: 8979

DOWNLOAD NOW »

This book is a concise one-stop desk reference and synopsis of basic knowledge and skills for Cisco certification prep. For beginning and experienced network engineers tasked with building LAN, WAN, and data center connections, this book lays out clear directions for installing, configuring, and troubleshooting networks with Cisco devices. The full range of certification topics is covered, including all aspects of IOS, NX-OS, and ASA software. The emphasis throughout is on solving the real-world challenges engineers face in configuring network devices, rather than on exhaustive descriptions of hardware features. This practical desk companion doubles as a comprehensive overview of the basic knowledge and skills needed by CCENT, CCNA, and CCNP exam takers. It distills a comprehensive library of cheat sheets, lab configurations, and advanced commands that the authors assembled as senior network engineers for the benefit of junior engineers they train, mentor on the job, and prepare for Cisco certification exams. Prior familiarity with Cisco routing and switching is desirable but not necessary, as Chris Carthern, Dr. Will Wilson, Noel Rivera, and Richard Bedwell start their book with a review of the basics of configuring routers and switches. All the more advanced chapters have labs and exercises to reinforce the concepts learned. This book differentiates itself from other Cisco books on the market by approaching network security from a hacker’s perspective. Not only does it provide network security recommendations but it teaches you how to use black-hat tools such as oclHashcat, Loki, Burp Suite, Scapy, Metasploit, and Kali to actually test the security concepts learned. Readers of Cisco Networks will learn How to configure Cisco switches, routers, and data center devices in typical corporate network architectures The skills and knowledge needed to pass Cisco CCENT, CCNA, and CCNP certification exams How to set up and configure at-home labs using virtual machines and lab exercises in the book to practice advanced Cisco commands How to implement networks of Cisco devices supporting WAN, LAN, and data center configurations How to implement secure network configurations and configure the Cisco ASA firewall How to use black-hat tools and network penetration techniques to test the security of your network

Cisco IOS in a Nutshell

A Desktop Quick Reference for IOS on IP Networks

Author: James Boney

Publisher: "O'Reilly Media, Inc."

ISBN: 9780596553111

Category: Computers

Page: 798

View: 4497

DOWNLOAD NOW »

Cisco routers are everywhere that networks are. They come in all sizes, from inexpensive units for homes and small offices to equipment costing well over $100,000 and capable of routing at gigabit speeds. A fixture in today's networks, Cisco claims roughly 70% of the router market, producing high-end switches, hubs, and other network hardware. One unifying thread runs through the product line: virtually all of Cisco's products run the Internetwork Operating System, or IOS. If you work with Cisco routers, it's likely that you deal with Cisco's IOS software--an extremely powerful and complex operating system, with an equally complex configuration language. With a cryptic command-line interface and thousands of commands--some of which mean different things in different situations--it doesn't have a reputation for being user-friendly. Fortunately, there's help. This second edition of Cisco IOS in a Nutshell consolidates the most important commands and features of IOS into a single, well-organized volume that you'll find refreshingly user-friendly. This handy, two-part reference covers IOS configuration for the TCP/IP protocol family. The first section includes chapters on the user interface, configuring lines and interfaces, access lists, routing protocols, and dial-on-demand routing and security. A brief, example-filled tutorial shows you how to accomplish common tasks. The second part is a classic O'Reilly quick reference to all the commands for working with TCP/IP and the lower-level protocols on which it relies. Brief descriptions and lists of options help you zero in on the commands you for the task at hand. Updated to cover Cisco IOS Software Major Release 12.3, this second edition includes lots of examples of the most common configuration steps for the routers themselves. It's a timely guide that any network administrator will come to rely on.

Cisco ISE for BYOD and Secure Unified Access

Author: Aaron Woland,Jamey Heary

Publisher: Cisco Press

ISBN: 0134586697

Category: Computers

Page: 912

View: 2258

DOWNLOAD NOW »

Fully updated: The complete guide to Cisco Identity Services Engine solutions Using Cisco Secure Access Architecture and Cisco Identity Services Engine, you can secure and gain control of access to your networks in a Bring Your Own Device (BYOD) world. This second edition of Cisco ISE for BYOD and Secure Unified Accesscontains more than eight brand-new chapters as well as extensively updated coverage of all the previous topics in the first edition book to reflect the latest technologies, features, and best practices of the ISE solution. It begins by reviewing today’s business case for identity solutions. Next, you walk through ISE foundational topics and ISE design. Then you explore how to build an access security policy using the building blocks of ISE. Next are the in-depth and advanced ISE configuration sections, followed by the troubleshooting and monitoring chapters. Finally, we go in depth on the new TACACS+ device administration solution that is new to ISE and to this second edition. With this book, you will gain an understanding of ISE configuration, such as identifying users, devices, and security posture; learn about Cisco Secure Access solutions; and master advanced techniques for securing access to networks, from dynamic segmentation to guest access and everything in between. Drawing on their cutting-edge experience supporting Cisco enterprise customers, the authors offer in-depth coverage of the complete lifecycle for all relevant ISE solutions, making this book a cornerstone resource whether you’re an architect, engineer, operator, or IT manager. · Review evolving security challenges associated with borderless networks, ubiquitous mobility, and consumerized IT · Understand Cisco Secure Access, the Identity Services Engine (ISE), and the building blocks of complete solutions · Design an ISE-enabled network, plan/distribute ISE functions, and prepare for rollout · Build context-aware security policies for network access, devices, accounting, and audit · Configure device profiles, visibility, endpoint posture assessments, and guest services · Implement secure guest lifecycle management, from WebAuth to sponsored guest access · Configure ISE, network access devices, and supplicants, step by step · Apply best practices to avoid the pitfalls of BYOD secure access · Set up efficient distributed ISE deployments · Provide remote access VPNs with ASA and Cisco ISE · Simplify administration with self-service onboarding and registration · Deploy security group access with Cisco TrustSec · Prepare for high availability and disaster scenarios · Implement passive identities via ISE-PIC and EZ Connect · Implement TACACS+ using ISE · Monitor, maintain, and troubleshoot ISE and your entire Secure Access system · Administer device AAA with Cisco IOS, WLC, and Nexus

Data Center Virtualization Fundamentals

Author: Gustavo Alessandro Andrade Santana

Publisher: Pearson Education

ISBN: 1587143240

Category: Computers

Page: 929

View: 1038

DOWNLOAD NOW »

Data Center Virtualization Fundamentals For many IT organizations, today''s greatest challenge is to drive more value, efficiency, and utilization from data centers. Virtualization is the best way to meet this challenge. Data Center Virtualization Fundamentals brings together the comprehensive knowledge Cisco professionals need to apply virtualization throughout their data center environments. Leading data center expert Gustavo A. A. Santana thoroughly explores all components of an end-to-end data center virtualization solution, including networking, storage, servers, operating systems, application optimization, and security. Rather than focusing on a single product or technology, he explores product capabilities as interoperable design tools that can be combined and integrated with other solutions, including VMware vSphere. With the author''s guidance, you''ll learn how to define and implement highly-efficient architectures for new, expanded, or retrofit data center projects. By doing so, you can deliver agile application provisioning without purchasing unnecessary infrastructure, and establish a strong foundation for new cloud computing and IT-as-a-service initiatives. Throughout, Santana illuminates key theoretical concepts through realistic use cases, real-world designs, illustrative configuration examples, and verification outputs. Appendixes provide valuable reference information, including relevant Cisco data center products and CLI principles for IOS and NX-OS. With this approach, Data Center Virtualization Fundamentals will be an indispensable resource for anyone preparing for the CCNA Data Center, CCNP Data Center, or CCIE Data Center certification exams. Gustavo A. A. Santana, CCIE� No. 8806, is a Cisco Technical Solutions Architect working in enterprise and service provider data center projects that require deep integration across technology areas such as networking, application optimization, storage, and servers. He has more than 15 years of data center experience, and has led and coordinated a team of specialized Cisco engineers in Brazil. He holds two CCIE certifications (Routing & Switching and Storage Networking), and is a VMware Certified Professional (VCP) and SNIA Certified Storage Networking Expert (SCSN-E). A frequent speaker at Cisco and data center industry events, he blogs on data center virtualization at gustavoaasantana.net. Learn how virtualization can transform and improve traditional data center network topologies Understand the key characteristics and value of each data center virtualization technology Walk through key decisions, and transform choices into architecture Smoothly migrate existing data centers toward greater virtualization Burst silos that have traditionally made data centers inefficient Master foundational technologies such as VLANs, VRF, and virtual contexts Use virtual PortChannel and FabricPath to overcome the limits of STP Optimize cabling and network management with fabric extender (FEX) virtualized chassis Extend Layer 2 domains to distant data center sites using MPLS and Overlay Transport Virtualization (OTV) Use VSANs to overcome Fibre Channel fabric challenges Improve SAN data protection, environment isolation, and scalability Consolidate I/O through Data Center Bridging and FCoE Use virtualization to radically simplify server environments Create server profiles that streamline "bare metal" server provisioning "Transcend the rack" through virtualized networking based on Nexus 1000V and VM-FEX Leverage opportunities to deploy virtual network services more efficiently Evolve data center virtualization toward full-fledged private clouds -Reviews - "The variety of material that Gustavo covers in this work would appeal to anyone responsible for Data Centers today. His grasp of virtualization technologies and ability to relate it in both technical and non-technical terms makes for compelling reading. This is not your ordinary tech manual. Through use of relatable visual cues, Gustavo provides information that is easily recalled on the subject of virtualization, reaching across Subject Matter Expertise domains. Whether you consider yourself well-versed or a novice on the topic, working in large or small environments, this work will provide a clear understanding of the diverse subject of virtualization." -- Bill Dufresne, CCIE 4375, Distinguished Systems Engineer, Cisco (Americas) "..this book is an essential reference and will be valuable asset for potential candi�dates pursuing their Cisco Data Center certifications. I am confident that in reading this book, individuals will inevitably gain extensive knowledge and hands-on experience dur�ing their certification preparations. If you''re looking for a truly comprehensive guide to virtualization, this is the one!" -- Yusuf Bhaiji, Senior Manager, Expert Certifications (CCIE, CCDE, CCAr), [email protected] "When one first looks at those classic Cisco Data Center blueprints, it is very common to become distracted with the overwhelming number of pieces and linkages. By creating a solid theoretical foundation and providing rich sets of companion examples to illustrate each concept, Gustavo''s book brings hope back to IT Professionals from different areas of expertise. Apparently complex topics are demystified and the insertion of products, mechanisms, protocols and technologies in the overall Data Center Architecture is clearly explained, thus enabling you to achieve robust designs and successful deployments. A must read... Definitely!" -- Alexandre M. S. P. Moraes, Consulting Systems Engineer -- Author of "Cisco Firewalls"

NX-OS and Cisco Nexus Switching

Next-Generation Data Center Architectures

Author: Ron Fuller,David Jansen,Matthew McPherson

Publisher: Cisco Press

ISBN: 0132883554

Category: Computers

Page: 864

View: 2919

DOWNLOAD NOW »

NX-OS and Cisco Nexus Switching Next-Generation Data Center Architectures Second Edition The complete guide to planning, configuring, managing, and troubleshooting NX-OS in the enterprise–updated with new technologies and examples Using Cisco Nexus switches and the NX-OS operating system, data center professionals can build unified core networks that deliver unprecedented scalability, resilience, operational continuity, flexibility, and performance. NX-OS and Cisco Nexus Switching, Second Edition, is the definitive guide to applying these breakthrough technologies in real-world environments. This extensively updated edition contains five new chapters addressing a wide range of new technologies, including FabricPath, OTV, IPv6, QoS, VSG, Multi-Hop FCoE, LISP, MPLS, Layer 3 on Nexus 5000, and Config sync. It also presents a start-to-finish, step-by-step case study of an enterprise customer who migrated from Cisco Catalyst to a Nexus-based architecture, illuminated with insights that are applicable in virtually any enterprise data center. Drawing on decades of experience with enterprise customers, the authors cover every facet of deploying, configuring, operating, and troubleshooting NX-OS in today’s data center. You’ll find updated best practices for high availability, virtualization, security, L2/L3 protocol and network support, multicast, serviceability, provision of networking and storage services, and more. Best of all, the authors present all the proven commands, sample configurations, and tips you need to apply these best practices in your data center. Ron Fuller, CCIE No. 5851 (Routing and Switching/Storage Networking), Technical Marketing Engineer on Cisco’s Nexus 7000 team, specializes in helping customers design end-to-end data center architectures. Ron has 21 years of industry experience, including 7 at Cisco. He has spoken at Cisco Live on VDCs, NX-OS multicast, and general design. David Jansen, CCIE No. 5952 (Routing/Switching), is a Cisco Technical Solutions Architect specializing in enterprise data center architecture. He has 20 years of industry experience, 15 of them at Cisco (6 as a solution architect); and has delivered several Cisco Live presentations on NX-OS and data center solutions. Matthew McPherson, senior systems engineer and solutions architect for the Cisco Central Select Operation, specializes in data center architectures. He has 12 years of experience working with service providers and large finance and manufacturing enterprises, and possesses deep technical knowledge of routing, switching, and security. Understand the NX-OS command line, virtualization features, and file system Utilize the NX-OS comprehensive Layer 2/Layer 3 support: vPC, Spanning Tree Protocol, Cisco FabricPath, EIGRP, OSPF, BGP, HSRP, GLBP, and VRRP Configure IP multicast with PIM, Auto-RP, and MSDP Secure your network with CTS, SGTs, ACLs, CoPP, and DAI Establish a trusted set of network devices with Cisco TrustSec Maximize availability with ISSU, stateful process restart/switchover, and non-stop forwarding Improve serviceability with SPAN, ERSPAN, configuration checkpoints/rollback, packet analysis, Smart Call Home, Python, and PoAP Unify storage and Ethernet fabrics with FCoE, NPV, and NPIV Take full advantage of Nexus 1000V in a virtualized environment Achieve superior QoS with MQ CLI, queuing, and marking Extend L2 networks across L3 infrastructure with Overlay Transport Virtualization (OTV) Deliver on SLAs by integrating MPLS application components such as L3 VPNs, traffic engineering, QoS, and mVPN Support mobility via the new Locator ID Separation Protocol (LISP) Walk step-by-step through a realistic Nexus and NX-OS data center migration

Programming and Automating Cisco Networks

A guide to network programmability and automation in the data center, campus, and WAN

Author: Ryan Tischer,Jason Gooley

Publisher: Cisco Press

ISBN: 0134436768

Category: Computers

Page: 368

View: 1437

DOWNLOAD NOW »

Improve operations and agility in any data center, campus, LAN, or WAN Today, the best way to stay in control of your network is to address devices programmatically and automate network interactions. In this book, Cisco experts Ryan Tischer and Jason Gooley show you how to do just that. You’ll learn how to use programmability and automation to solve business problems, reduce costs, promote agility and innovation, handle accelerating complexity, and add value in any data center, campus, LAN, or WAN. The authors show you how to create production solutions that run on or interact with Nexus NX-OS-based switches, Cisco ACI, Campus, and WAN technologies.You’ll learn how to use advanced Cisco tools together with industry-standard languages and platforms, including Python, JSON, and Linux. The authors demonstrate how to support dynamic application environments, tighten links between apps and infrastructure, and make DevOps work better. This book will be an indispensable resource for network and cloud designers, architects, DevOps engineers, security specialists, and every professional who wants to build or operate high-efficiency networks. Drive more value through programma­bility and automation, freeing resources for high-value innovation Move beyond error-prone, box-by-box network management Bridge management gaps arising from current operational models Write NX-OS software to run on, access, or extend your Nexus switch Master Cisco’s powerful on-box automation and operation tools Manage complex WANs with NetConf/Yang, ConfD, and Cisco SDN Controller Interact with and enhance Cisco Application Centric Infrastructure (ACI) Build self-service catalogs to accelerate application delivery Find resources for deepening your expertise in network automation

Router Security Strategies

Securing IP Network Traffic Planes

Author: Gregg Schudel,David Smith

Publisher: Pearson Education

ISBN: 9780132796736

Category: Computers

Page: 672

View: 3016

DOWNLOAD NOW »

Router Security Strategies: Securing IP Network Traffic Planes provides a compre-hensive approach to understand and implement IP traffic plane separation and protection on IP routers. This book details the distinct traffic planes of IP networks and the advanced techniques necessary to operationally secure them. This includes the data, control, management, and services planes that provide the infrastructure for IP networking. The first section provides a brief overview of the essential components of the Internet Protocol and IP networking. At the end of this section, you will understand the fundamental principles of defense in depth and breadth security as applied to IP traffic planes. Techniques to secure the IP data plane, IP control plane, IP management plane, and IP services plane are covered in detail in the second section. The final section provides case studies from both the enterprise network and the service provider network perspectives. In this way, the individual IP traffic plane security techniques reviewed in the second section of the book are brought together to help you create an integrated, comprehensive defense in depth and breadth security architecture. “Understanding and securing IP traffic planes are critical to the overall security posture of the IP infrastructure. The techniques detailed in this book provide protection and instrumentation enabling operators to understand and defend against attacks. As the vulnerability economy continues to mature, it is critical for both vendors and network providers to collaboratively deliver these protections to the IP infrastructure.” –Russell Smoak, Director, Technical Services, Security Intelligence Engineering, Cisco Gregg Schudel, CCIE® No. 9591, joined Cisco in 2000 as a consulting system engineer supporting the U.S. service provider organization. Gregg focuses on IP core network security architectures and technology for interexchange carriers and web services providers. David J. Smith, CCIE No. 1986, joined Cisco in 1995 and is a consulting system engineer supporting the service provider organization. David focuses on IP core and edge architectures including IP routing, MPLS technologies, QoS, infrastructure security, and network telemetry. Understand the operation of IP networks and routers Learn about the many threat models facing IP networks, Layer 2 Ethernet switching environments, and IPsec and MPLS VPN services Learn how to segment and protect each IP traffic plane by applying defense in depth and breadth principles Use security techniques such as ACLs, rate limiting, IP Options filtering, uRPF, QoS, RTBH, QPPB, and many others to protect the data plane of IP and switched Ethernet networks Secure the IP control plane with rACL, CoPP, GTSM, MD5, BGP and ICMP techniques and Layer 2 switched Ethernet-specific techniques Protect the IP management plane with password management, SNMP, SSH, NTP, AAA, as well as other VPN management, out-of-band management, and remote access management techniques Secure the IP services plane using recoloring, IP fragmentation control, MPLS label control, and other traffic classification and process control techniques This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

Network Warrior

Everything You Need to Know That Wasn't on the CCNA Exam

Author: Gary A. Donahue

Publisher: "O'Reilly Media, Inc."

ISBN: 1449309356

Category: Computers

Page: 788

View: 1996

DOWNLOAD NOW »

Pick up where certification exams leave off. With this practical, in-depth guide to the entire network infrastructure, you’ll learn how to deal with real Cisco networks, rather than the hypothetical situations presented on exams like the CCNA. Network Warrior takes you step by step through the world of routers, switches, firewalls, and other technologies based on the author's extensive field experience. You'll find new content for MPLS, IPv6, VoIP, and wireless in this completely revised second edition, along with examples of Cisco Nexus 5000 and 7000 switches throughout. Topics include: An in-depth view of routers and routing Switching, using Cisco Catalyst and Nexus switches as examples SOHO VoIP and SOHO wireless access point design and configuration Introduction to IPv6 with configuration examples Telecom technologies in the data-networking world, including T1, DS3, frame relay, and MPLS Security, firewall theory, and configuration, as well as ACL and authentication Quality of Service (QoS), with an emphasis on low-latency queuing (LLQ) IP address allocation, Network Time Protocol (NTP), and device failures

Cisco IOS Cookbook

Author: Kevin Dooley,Ian Brown

Publisher: "O'Reilly Media, Inc."

ISBN: 0596527225

Category: Computers

Page: 1207

View: 9349

DOWNLOAD NOW »

Thoroughly revised and expanded, this second edition adds sections on MPLS, Security, IPv6, and IP Mobility and presents solutions to the most common configuration problems.

PKI Uncovered

Certificate-Based Security Solutions for Next-Generation Networks

Author: Andre Karamanian,Francois Dessart,Srinivas Tenneti

Publisher: Pearson Education

ISBN: 9781587059308

Category: Computers

Page: 500

View: 9722

DOWNLOAD NOW »

The only complete guide to designing, implementing, and supporting state-of-the-art certificate-based identity solutions with PKI Layered approach is designed to help readers with widely diverse backgrounds quickly learn what they need to know Covers the entire PKI project lifecycle, making complex PKI architectures simple to understand and deploy Brings together theory and practice, including on-the-ground implementers' knowledge, insights, best practices, design choices, and troubleshooting details PKI Uncovered brings together all the techniques IT and security professionals need to apply PKI in any environment, no matter how complex or sophisticated. At the same time, it will help them gain a deep understanding of the foundations of certificate-based identity management. Its layered and modular approach helps readers quickly get the information they need to efficiently plan, design, deploy, manage, or troubleshoot any PKI environment. The authors begin by presenting the foundations of PKI, giving readers the theoretical background they need to understand its mechanisms. Next, they move to high-level design considerations, guiding readers in making the choices most suitable for their own environments. The authors share best practices and experiences drawn from production customer deployments of all types. They organize a series of design "modules" into hierarchical models which are then applied to comprehensive solutions. Readers will be introduced to the use of PKI in multiple environments, including Cisco router-based DMVPN, ASA, and 802.1X. The authors also cover recent innovations such as Cisco GET VPN. Throughout, troubleshooting sections help ensure smooth deployments and give readers an even deeper "under-the-hood" understanding of their implementations.

The Book of GNS3

Build Virtual Network Labs Using Cisco, Juniper, and More

Author: Jason C. Neumann

Publisher: No Starch Press

ISBN: 1593275544

Category: Computers

Page: 296

View: 2964

DOWNLOAD NOW »

Cisco LAN Switching Configuration Handbook

Author: Stephen McQuerry,David Jansen,David Hucaby

Publisher: Cisco Press

ISBN: 9781587140631

Category: Computers

Page: 360

View: 6670

DOWNLOAD NOW »

Cisco LAN Switching Configuration Handbook Second Edition A concise reference for implementing the most frequently used features of the Cisco Catalyst family of switches Steve McQuerry, CCIE® No. 6108 David Jansen, CCIE No. 5952 David Hucaby, CCIE No. 4594 Cisco LAN Switching Configuration Handbook, Second Edition, is a quick and portable reference guide to the most commonly used features that can be configured on Cisco® Catalyst® switches. Written to be used across all Catalyst IOS platforms, the book covers general use of Cisco IOS®, followed by a series of chapters that provide design and configuration guidelines. Each chapter starts with common design overviews and then describes the configuration of management features. Coverage includes Layer 2, Layer 3, multicast, high availability, and traffic management configurations. This book is organized by groups of common features, with sections marked by shaded tabs for quick reference. Information on each feature is presented in a concise format, with background, configuration, and example components. The format is organized for easy accessibility to commands and their proper usage, saving you hours of research time. From the first page, the authors zero in on quick facts, configuration steps, and explanations of configuration options in each Cisco Catalyst switch feature. The quick reference format allows you to easily locate just the information you need without having to search through thousands of pages of documentation, helping you get your switches up and running quickly and smoothly. Whether you are looking for a handy, portable reference to more easily configure Cisco Catalyst switches in the field, or you are preparing for CCNA®, CCNP®, or CCIE® certification, you will find Cisco LAN Switching Configuration Handbook, Second Edition, to be an essential resource. Steve McQuerry, CCIE No. 6108, is a technical solutions architect with Cisco focused on data center solutions. Steve works with enterprise customers in the midwestern United States to help them plan their data center architectures. David Jansen, CCIE No. 5952, is a technical solutions architect (TSA) with Cisco focused on Data Center Architectures at Cisco. David has more than 20 years of experience in the IT industry. David Hucaby, CCIE No. 4594, is a lead network engineer for the University of Kentucky, where he works with healthcare networks based on the Cisco Catalyst, ASA/PIX/FWSM security, and VPN product lines. Implement switched campus network designs Configure switch prompts, IP addresses, passwords, switch modules, file management, and administrative protocols Understand how Layer 3 interfaces are used in a switch Configure Ethernet, Fast Ethernet, Gigabit Ethernet, and EtherChannel interfaces Implement VLANs, trunking, and VTP Operate, configure, and tune Spanning Tree Protocol (STP) Handle multicast traffic and interact with multicast routers Streamline access to server and firewall farms with accelerated server load balancing Deploy broadcast suppression, user authentication, port security, and VLAN access lists Configure switch management features Implement QoS and high availability features Transport voice traffic with specialized voice gateway modules, inline power, and QoS features This book is part of the Networking Technology Series from Cisco Press®, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.

IPv6 Security

Author: Scott Hogg,Eric Vyncke

Publisher: Pearson Education

ISBN: 9781587058363

Category: Computers

Page: 576

View: 9991

DOWNLOAD NOW »

IPv6 Security Protection measures for the next Internet Protocol As the world’s networks migrate to the IPv6 protocol, networking professionals need a clearer understanding of the security risks, threats, and challenges this transition presents. In IPv6 Security, two of the world’s leading Internet security practitioners review each potential security issue introduced by IPv6 networking and present today’s best solutions. IPv6 Security offers guidance for avoiding security problems prior to widespread IPv6 deployment. The book covers every component of today’s networks, identifying specific security deficiencies that occur within IPv6 environments and demonstrating how to combat them. The authors describe best practices for identifying and resolving weaknesses as you maintain a dual stack network. Then they describe the security mechanisms you need to implement as you migrate to an IPv6-only network. The authors survey the techniques hackers might use to try to breach your network, such as IPv6 network reconnaissance, address spoofing, traffic interception, denial of service, and tunnel injection. The authors also turn to Cisco® products and protection mechanisms. You learn how to use Cisco IOS® and ASA firewalls and ACLs to selectively filter IPv6 traffic. You also learn about securing hosts with Cisco Security Agent 6.0 and about securing a network with IOS routers and switches. Multiple examples are explained for Windows, Linux, FreeBSD, and Solaris hosts. The authors offer detailed examples that are consistent with today’s best practices and easy to adapt to virtually any IPv6 environment. Scott Hogg, CCIE® No. 5133, is Director of Advanced Technology Services at Global Technology Resources, Inc. (GTRI). He is responsible for setting the company’s technical direction and helping it create service offerings for emerging technologies such as IPv6. He is the Chair of the Rocky Mountain IPv6 Task Force. Eric Vyncke, Cisco Distinguished System Engineer, consults on security issues throughout Europe. He has 20 years’ experience in security and teaches security seminars as a guest professor at universities throughout Belgium. He also participates in the Internet Engineering Task Force (IETF) and has helped several organizations deploy IPv6 securely. Understand why IPv6 is already a latent threat in your IPv4-only network Plan ahead to avoid IPv6 security problems before widespread deployment Identify known areas of weakness in IPv6 security and the current state of attack tools and hacker skills Understand each high-level approach to securing IPv6 and learn when to use each Protect service provider networks, perimeters, LANs, and host/server connections Harden IPv6 network devices against attack Utilize IPsec in IPv6 environments Secure mobile IPv6 networks Secure transition mechanisms in use during the migration from IPv4 to IPv6 Monitor IPv6 security Understand the security implications of the IPv6 protocol, including issues related to ICMPv6 and the IPv6 header structure Protect your network against large-scale threats by using perimeter filtering techniques and service provider—focused security practices Understand the vulnerabilities that exist on IPv6 access networks and learn solutions for mitigating each This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks. Category: Networking: Security Covers: IPv6 Security

Cisco Networking All-in-One For Dummies

Author: Edward Tetz

Publisher: John Wiley & Sons

ISBN: 111813785X

Category: Computers

Page: 720

View: 6147

DOWNLOAD NOW »

A helpful guide on all things Cisco Do you wish that the complex topics of routers, switches, and networking could be presented in a simple, understandable presentation? With Cisco Networking All-in-One For Dummies, they are! This expansive reference is packed with all the information you need to learn to use Cisco routers and switches to develop and manage secure Cisco networks. This straightforward-by-fun guide offers expansive coverage of Cisco and breaks down intricate subjects such as networking, virtualization, and database technologies into easily digestible pieces. Drills down complex subjects concerning Cisco networking into easy-to-understand, straightforward coverage Shares best practices for utilizing Cisco switches and routers to implement, secure, and optimize Cisco networks Reviews Cisco networking solutions and products, securing Cisco networks, and optimizing Cisco networks Details how to design and implement Cisco networks Whether you're new to Cisco networking products and services or an experienced professional looking to refresh your knowledge about Cisco, this For Dummies guide provides you with the coverage, solutions, and best practices you need.

Cisco Cookbook

Author: Kevin Dooley,Ian Brown

Publisher: "O'Reilly Media, Inc."

ISBN: 9781449390952

Category: Computers

Page: 912

View: 1634

DOWNLOAD NOW »

While several publishers (including O'Reilly) supply excellent documentation of router features, the trick is knowing when, why, and how to use these features There are often many different ways to solve any given networking problem using Cisco devices, and some solutions are clearly more effective than others. The pressing question for a network engineer is which of the many potential solutions is the most appropriate for a particular situation. Once you have decided to use a particular feature, how should you implement it? Unfortunately, the documentation describing a particular command or feature frequently does very little to answer either of these questions.Everybody who has worked with Cisco routers for any length of time has had to ask their friends and co-workers for example router configuration files that show how to solve a common problem. A good working configuration example can often save huge amounts of time and frustration when implementing a feature that you've never used before. The Cisco Cookbook gathers hundreds of example router configurations all in one place.As the name suggests, Cisco Cookbook is organized as a series of recipes. Each recipe begins with a problem statement that describes a common situation that you might face. After each problem statement is a brief solution that shows a sample router configuration or script that you can use to resolve this particular problem. A discussion section then describes the solution, how it works, and when you should or should not use it. The chapters are organized by the feature or protocol discussed. If you are looking for information on a particular feature such as NAT, NTP or SNMP, you can turn to that chapter and find a variety of related recipes. Most chapters list basic problems first, and any unusual or complicated situations last.The Cisco Cookbook will quickly become your "go to" resource for researching and solving complex router configuration issues, saving you time and making your network more efficient. It covers: Router Configuration and File Management Router Management User Access and Privilege Levels TACACS+ IP Routing RIP EIGRP OSPF BGP Frame Relay Queueing and Congestion Tunnels and VPNs Dial Backup NTP and Time DLSw Router Interfaces and Media Simple Network Management Protocol Logging Access Lists DHCP NAT Hot Standby Router Protocol IP Multicast

Cisco Intelligent WAN (IWAN)

Author: Brad Edgeworth,David Prall,Jean Marc Barozet,Anthony Lockhart,Nir Ben-Dvora

Publisher: Cisco Press

ISBN: 0134423739

Category: Computers

Page: 740

View: 1488

DOWNLOAD NOW »

The complete guide to Cisco® IWAN: features, benefits, planning, and deployment Using Cisco Intelligent WAN (IWAN), businesses can deliver an uncompromised experience, security, and reliability to branch offices over any connection. Cisco IWAN simplifies WAN design, improves network responsiveness, and accelerates deployment of new services. Now, there’s an authoritative single-source guide to Cisco IWAN: all you need to understand it, design it, and deploy it for maximum value. In Cisco Intelligent WAN (IWAN), leading Cisco experts cover all key IWAN technologies and components, addressing issues ranging from visibility and provisioning to troubleshooting and optimization. They offer extensive practical guidance on migrating to IWAN from your existing WAN infrastructure. This guide will be indispensable for all experienced network professionals who support WANs, are deploying Cisco IWAN solutions, or use related technologies such as DMVPN or PfR. Deploy Hybrid WAN connectivity to increase WAN capacity and improve application performance Overlay DMVPN on WAN transport to simplify operations, gain transport independence, and improve VPN scalability Secure DMVPN tunnels and IWAN routers Use Application Recognition to support QoS, Performance Routing (PfR), and application visibility Improve application delivery and WAN efficiency via PfR Monitor hub, transit, and branch sites, traffic classes, and channels Add application-level visibility and per-application monitoring to IWAN routers Overcome latency and bandwidth inefficiencies that limit application performance Use Cisco WAAS to customize each location’s optimizations, application accelerations, and virtualization Smoothly integrate Cisco WAAS into branch office network infrastructure Ensure appropriate WAN application responsiveness and experience Improve SaaS application performance with Direct Internet Access (DIA) Perform pre-migration tasks, and prepare your current WAN for IWAN Migrate current point-to-point and multipoint technologies to IWAN

CCNA Security 210-260 Official Cert Guide

Exam 45 Official Cert GdePub

Author: Omar Santos,John Stuppi

Publisher: Cisco Press

ISBN: 0134077814

Category: Computers

Page: 700

View: 3546

DOWNLOAD NOW »

Trust the best selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam. --Master Cisco CCNA Security 210-260 Official Cert Guide exam topics --Assess your knowledge with chapter-opening quizzes --Review key concepts with exam preparation tasks This is the eBook edition of the CCNA Security 210-260 Official Cert Guide. This eBook does not include the companion CD-ROM with practice exam that comes with the print edition. CCNA Security 210-260 Official Cert Guide presents you with an organized test-preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. CCNA Security 210-260 Official Cert Guide focuses specifically on the objectives for the Cisco CCNA Security exam. Networking Security experts Omar Santos and John Stuppi share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics. Well regarded for its level of detail, assessment features, comprehensive design scenarios, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time. The official study guide helps you master all the topics on the CCNA Security exam, including --Networking security concepts --Common security threats --Implementing AAA using IOS and ISE --Bring Your Own Device (BYOD) --Fundamentals of VPN technology and cryptography --Fundamentals of IP security --Implementing IPsec site-to-site VPNs --Implementing SSL remote-access VPNs using Cisco ASA --Securing Layer 2 technologies --Network Foundation Protection (NFP) --Securing the management plane on Cisco IOS devices --Securing the data plane --Securing routing protocols and the control plane --Understanding firewall fundamentals --Implementing Cisco IOS zone-based firewalls --Configuring basic firewall policies on Cisco ASA --Cisco IPS fundamentals --Mitigation technologies for e-mail- and web-based threats --Mitigation technologies for endpoint threats CCNA Security 210-260 Official Cert Guide is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit http://www.cisco.com/web/learning/index.html.

CCNA Data Center DCICN 200-150 Official Cert Guide

Author: Chad Hintz,Cesar Obediente,Ozden Karakok

Publisher: Cisco Press

ISBN: 0134514769

Category: Computers

Page: 960

View: 2547

DOWNLOAD NOW »

This is the eBook of the printed book and may not include any media, website access codes, or print supplements that may come packaged with the bound book. CCNA Data Center DCICN 200-150 Official Cert Guide from Cisco Press allows you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Cisco Data Center experts Chad Hintz, Cesar Obediente, and Ozden Karakok share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. This complete study package includes A test-preparation routine proven to help you pass the exam Do I Know This Already? quizzes, which allows you to decide how much time you need to spend on each section Chapter-ending exercises, which help you drill on key concepts you must know thoroughly The powerful Pearson IT Certification Practice Test software complete with hundreds of well-reviewed, exam-realistic questions customization options, and detailed performance reports final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies Study plan suggestions and templates to help you organize and optimize your study time Well-regarded for its level of detail, study plans, assessment features, challenging review questions and exercises, this official study guide helps you master the concepts and techniques that ensure your exam success. The official study guide helps you master topics on the CCNA Data Center DCICN 200-150 exam, including the following: Nexus data center infrastructure and architecture Networking models, Ethernet LANs, and IPv4/IPv6 addressing/routing Data center Nexus switching and routing fundamentals Nexus switch installation and operation VLANs, trunking, STP, and Ethernet switching IPv4 and IPv6 subnetting IPv4 routing concepts, protocols, configuration, and access control Data center storage networking technologies and configurations

Network Security with Netflow and IPFIX

Big Data Analytics for Information Security

Author: Omar Santos

Publisher: Cisco Press

ISBN: 0134033523

Category: Computers

Page: 320

View: 5931

DOWNLOAD NOW »

A comprehensive guide for deploying, configuring, and troubleshooting NetFlow and learning big data analytics technologies for cyber security Today’s world of network security is full of cyber security vulnerabilities, incidents, breaches, and many headaches. Visibility into the network is an indispensable tool for network and security professionals and Cisco NetFlow creates an environment where network administrators and security professionals have the tools to understand who, what, when, where, and how network traffic is flowing. Network Security with NetFlow and IPFIX is a key resource for introducing yourself to and understanding the power behind the Cisco NetFlow solution. Omar Santos, a Cisco Product Security Incident Response Team (PSIRT) technical leader and author of numerous books including the CCNA Security 210-260 Official Cert Guide, details the importance of NetFlow and demonstrates how it can be used by large enterprises and small-to-medium-sized businesses to meet critical network challenges. This book also examines NetFlow’s potential as a powerful network security tool. Network Security with NetFlow and IPFIX explores everything you need to know to fully understand and implement the Cisco Cyber Threat Defense Solution. It also provides detailed configuration and troubleshooting guidance, sample configurations with depth analysis of design scenarios in every chapter, and detailed case studies with real-life scenarios. You can follow Omar on Twitter: @santosomar NetFlow and IPFIX basics Cisco NetFlow versions and features Cisco Flexible NetFlow NetFlow Commercial and Open Source Software Packages Big Data Analytics tools and technologies such as Hadoop, Flume, Kafka, Storm, Hive, HBase, Elasticsearch, Logstash, Kibana (ELK) Additional Telemetry Sources for Big Data Analytics for Cyber Security Understanding big data scalability Big data analytics in the Internet of everything Cisco Cyber Threat Defense and NetFlow Troubleshooting NetFlow Real-world case studies