Àâòîðèçàöèÿ
Ïîèñê ïî óêàçàòåëÿì
Frahim J., White D., Santos O. — Cisco Network Admission Control, Volume II: Deployment and Troubleshooting
Îáñóäèòå êíèãó íà íàó÷íîì ôîðóìå Íàøëè îïå÷àòêó?
Íàçâàíèå: Cisco Network Admission Control, Volume II: Deployment and TroubleshootingÀâòîðû: Frahim J., White D., Santos O.Àííîòàöèÿ: Secure the network edge with the premier book on NAC deployment and management
ßçûê: Ðóáðèêà: Òåõíîëîãèÿ /Ñòàòóñ ïðåäìåòíîãî óêàçàòåëÿ: Ãîòîâ óêàçàòåëü ñ íîìåðàìè ñòðàíèö ed2k: ed2k stats Ãîä èçäàíèÿ: 2006Êîëè÷åñòâî ñòðàíèö: 624Äîáàâëåíà â êàòàëîã: 11.12.2007Îïåðàöèè: Ïîëîæèòü íà ïîëêó |
Ñêîïèðîâàòü ññûëêó äëÿ ôîðóìà | Ñêîïèðîâàòü ID
Ïðåäìåòíûé óêàçàòåëü
5500 series Adaptive Security Appliances, NADs (Network Access Devices) 21 802.1X, disassociated wireless client 119 802.1X, wired clients., CTA Windows installation 35—42 802.1X, wired clients., troubleshooting 82 85—86 Access Control Server. See ACS Access-group Policy-ACL command 164 ACLs, Layer 3 NAC configuration 161—163 ACS (Access Control Server) 22. See also Cisco Secure Access Control Server ACS (Access Control Server), agentless hosts 298—299 ACS (Access Control Server), agentless hosts, Agentless Host for L3 299 ACS (Access Control Server), agentless hosts, configuration 300—305 ACS (Access Control Server), agentless hosts, NAC-L2--802.1X enabled networks 299—300 ACS (Access Control Server), configuration 248 ACS (Access Control Server), configuration, digital certificates 252—253 256—258 ACS (Access Control Server), configuration, global authentication protocols 259—262 ACS (Access Control Server), configuration, NADs (network access devices) 250—251 ACS (Access Control Server), configuration, NAPs (network access profiles) 262—264 ACS (Access Control Server), configuration, NDGs (Network Device Groups) 249—250 ACS (Access Control Server), configuration, RADIUS attributes 251—252 ACS (Access Control Server), event sending to CS-MARS 509 ACS (Access Control Server), event sending to CS-MARS, 802.1X NADs configuration 513—514 ACS (Access Control Server), event sending to CS-MARS, defining as reporting device 509—511 ACS (Access Control Server), event sending to CS-MARS, logging configuration 511—513 ACS (Access Control Server), event sending to CS-MARS, pnlog agent installation 514—517 ACS (Access Control Server), installation, post tasks 246—247 ACS (Access Control Server), installation, previous version upgrade 246 ACS (Access Control Server), installation, server system requirements 242—243 ACS (Access Control Server), installation, Windows 243—245 ACS (Access Control Server), large enterprise NAC configuration 463 ACS (Access Control Server), large enterprise NAC configuration, database replication 466—471 ACS (Access Control Server), large enterprise NAC configuration, NAC-L2--802.1X 464—466 ACS (Access Control Server), logging options 307 ACS (Access Control Server), logging options, failed attempts configuration 307—309 ACS (Access Control Server), logging options, passed authentications configuration 309—311 ACS (Access Control Server), logging options, RADIUS accounting logging 311—313 ACS (Access Control Server), NAFs (network access filters) 295—297 ACS (Access Control Server), NAPs (network access profiles) 286—288 ACS (Access Control Server), NAPs (network access profiles), Authentication policy 289—290 ACS (Access Control Server), NAPs (network access profiles), Authorization policy 294—295 ACS (Access Control Server), NAPs (network access profiles), Posture Validation policy 290—293 ACS (Access Control Server), NAPs (network access profiles), Protocols policy 288—289 ACS (Access Control Server), posture enforcement, downloadable IP ACLs 276—279 ACS (Access Control Server), posture enforcement, policy-based ACLs 281 ACS (Access Control Server), posture enforcement, RACs (RADIUS authorization components) 282—286 ACS (Access Control Server), posture enforcement, VLAN assignment 280—281 ACS (Access Control Server), posture validation 264—266 ACS (Access Control Server), posture validation, antivirus servers 274 ACS (Access Control Server), posture validation, audit servers 274 ACS (Access Control Server), posture validation, deleting rule 276 ACS (Access Control Server), posture validation, notification string 276 ACS (Access Control Server), posture validation, policies 266—267 270—272 ACS (Access Control Server), posture validation, rule cloning 275—276 ACS (Access Control Server), posture validation, rule ordering 275 ACS (Access Control Server), replication 313 ACS (Access Control Server), small business configuration 399—405 413—414 ACS (Access Control Server), troubleshooting, certificate issues 318 ACS (Access Control Server), troubleshooting, enabling service debug logging 314—317 ACS (Access Control Server), troubleshooting, invalid protocol data 317 ACS (Access Control Server), troubleshooting, RADIUS dictionary missing 318 ACS (Access Control Server), troubleshooting, RADIUS posture validation incorrect mapping 318 ACS (Access Control Server), user database 305—306 ACS (Access Control Server), vendor attributes 306 ACS dictionary, attribute definitions 61—62 Activity, Security Posture, NAC 530 Adaptive Security Appliances See ASA Address assignment, IPSec remote-access tunnels 186—187 Address assignment, security appliance configuration 218—219 Administrative Client, Cisco Secure Services, configuration 94—102 Administrative Client, Cisco Secure Services, installation 93—94 Agent kits, CSA (Cisco Security Agent) 333—336 Agentless hosts, ACS 298—299 Agentless hosts, ACS, Agentless Host for L3 299 Agentless hosts, ACS, configuration 300—305 Agentless hosts, ACS, NAC-L2--802.1X enabled networks 299—300 Agentless hosts, architecture 358—361 Agentless hosts, audit servers, configuration 361—374 Agentless hosts, CS-MARS reports 532—533 Agentless hosts, handling options, audit servers 357—358 Agentless hosts, handling options, MAC authentication bypass 356 Agentless hosts, handling options, NAD exception lists 355—356 Agentless hosts, monitoring, CS-ACS logs 376 Agentless hosts, monitoring, NADs 377—378 Agentless hosts, monitoring, QualysGuard Scanner Appliance 375—376 Altiris Quarantine solution, medium enterprise configuration 433—434 Altiris Quarantine solution, remediation solutions 381—384 Altiris Quarantine solution, remediation solutions, adding Notification Server 386 Altiris Quarantine solution, remediation solutions, exception policies 387 Altiris Quarantine solution, remediation solutions, importing attribute files 385 Altiris Quarantine solution, remediation solutions, Network Access Agent and Posture Plug-in 386—387 Altiris Quarantine solution, remediation solutions, Network Discovery 384 Altiris Quarantine solution, remediation solutions, posture policy on Notification Server 387—388 Analysis, NAC components 23—24 Antivirus policies, maintaining 492 Antivirus servers, ACS posture validation 274 Antivirus software, HCAP (Host Credential Authorization Protocol) 345—352 Antivirus software, posture plug-ins 344—345 Antivirus software, supported vendors 343 Architectures, agentless hosts 358—361 Architectures, CSA (Cisco Security Agent) 324—325 Architectures, CSA (Cisco Security Agent), CSA MC rule definitions 325—327 Architectures, CSA (Cisco Security Agent), global event correlation 327—328 Architectures, Layer 3 NAC 155—158 Architectures, NAC-L2--802.1X 139—141 Architectures, NAC-L2-IP 123—125 Architectures, security appliance 211—212 Architectures, VPN 3000 series concentrators 175 Architectures, VPN 3000 series concentrators, L2TP over IPSec clients 179—180 Architectures, VPN 3000 series concentrators, software clients 176—178 ASA (Adaptive Security Appliances) 21 211 ASA (Adaptive Security Appliances), 5500 series 21 ASA (Adaptive Security Appliances), architecture 211—212 ASA (Adaptive Security Appliances), configuration 212—213 ASA (Adaptive Security Appliances), configuration, NAC-related parameters 221—228 ASA (Adaptive Security Appliances), configuration, VPN 213—221 ASA (Adaptive Security Appliances), configuration, VPN client 221 ASA (Adaptive Security Appliances), event sending to CS-MARS 524 ASA (Adaptive Security Appliances), event sending to CS-MARS, configuring forward events 526—527 ASA (Adaptive Security Appliances), event sending to CS-MARS, defining reporting device 524—526 ASA (Adaptive Security Appliances), testing 229 ASA (Adaptive Security Appliances), testing, NAC session monitoring 235—238 ASA (Adaptive Security Appliances), testing, remote-access IPSec tunnel from agentless client 232—234 ASA (Adaptive Security Appliances), testing, remote-access IPSec tunnel from CTA client 234—235 ASA (Adaptive Security Appliances), testing, remote-access IPSec tunnel without NAC 230—232 Attribute files, Altiris 385 Audit servers, ACS posture validation 274 Audit servers, configuration 361 Audit servers, configuration, configuring QualysGuard Scanner Appliance 363—366 Audit servers, configuration, CS-ACS server configuration 366—374 Audit servers, configuration, QualysGuard Scanner Appliance installation 362—363 Audit servers, medium enterprise configuration 432—433 Audit servers, NAP setup 370 Audits servers, agentless hosts, handling options 357—358 Authentication bypass, agentless host handling 356 Authentication policy, ACS NAPs 289—290 Authentication, Layer 3 NAC configuration 159—160 Authentication, users, IPSec remote-access tunnels 183—185 Authentication, users, security appliance configuration 217 Authorization policy, ACS NAPs 294—295 Best practices, CSA MC management 489—491 Best practices, maintaining policies 491 Best practices, maintaining policies, antivirus 492 Best practices, maintaining policies, operating system 491—492 Best practices, maintaining policies, remediation servers 492 Best practices, NAC deployment 481—482 Best practices, NAC deployment, final deployment strategy 487—488 Best practices, NAC deployment, initial tuning 486 Best practices, NAC deployment, lab testing 483—485 Best practices, NAC deployment, pilot site 486 Best practices, NAC deployment, readiness assessment 482—483 Best practices, NAC deployment, test plans 485 Best practices, NAC deployment, user assessment 483 Best practices, provisioning software to client machines 488—489 Best practices, technical support 492—493 Best practices, training and education 493 Best practices, training and education, end-user 493—494 Best practices, training and education, engineering staff 494 Best practices, training and education, help desk staff 494 Branch offces, large enterprise network topology 454—456 Brokers, CTA (Cisco Trust Agent) 12 Business requirements, medium enterprise 424—425 CA certificates, CTA lab environment deployment 46 CA certificates, CTA lab environment deployment, Linux 47 CA certificates, CTA lab environment deployment, Mac 47 CA certificates, CTA lab environment deployment, post installation tasks 47 CA certificates, CTA lab environment deployment, Windows 46—47 Call centers, headquarter network topology 458 Catalyst switches, NADs (Network Access Devices) 17—20 CatOS (Cisco Catalyst switch) 130 CatOS (Cisco Catalyst switch), medium enterprise configuration 427—430 CatOS (Cisco Catalyst switch), NAC-L2--802.1X configuration 144 CatOS (Cisco Catalyst switch), NAC-L2-IP configuration 130—132 Cisco 5500 series Adaptive Security Appliances NADs (Network Access Devices) 21 Cisco Adaptive Security Appliances See ASA Cisco Catalyst switch See CatOS Cisco Easy VPN Client, VPN configuration 189—192 221 Cisco IOS routers, NADs (Network Access Devices) 16—17 Cisco IOS, NAC-L2--802.1X configuration 142—144 Cisco IOS, NAC-L2-IP configuration 126—129 Cisco IOS, router report to CS-MARS 499—500 Cisco IOS, router report to CS-MARS, defining as reporting device 500—502 Cisco IOS, router report to CS-MARS, forward events configuration 502—504 Cisco Network Admission Control, Volume I 5 18 30 Cisco PIX Security Appliances See PIX Security Appliances Cisco Secure Access Control Server 241—242. See also ACS Cisco Secure Access Control Server, agentless hosts 298—299 Cisco Secure Access Control Server, agentless hosts, Agentless Host for L3 299 Cisco Secure Access Control Server, agentless hosts, configuration 300—305 Cisco Secure Access Control Server, agentless hosts, NAC-L2--802.1X enabled networks 299—300 Cisco Secure Access Control Server, configuration 248 Cisco Secure Access Control Server, configuration, digital certificates 252—253 256—258 Cisco Secure Access Control Server, configuration, global authentication protocols 259—262 Cisco Secure Access Control Server, configuration, NADs (network access devices) 250—251 Cisco Secure Access Control Server, configuration, NAPs (network access profiles) 262—264 Cisco Secure Access Control Server, configuration, NDGs (Network Device Groups) 249—250 Cisco Secure Access Control Server, configuration, RADIUS attributes 251—252 Cisco Secure Access Control Server, HCAP (Host Credential Authorization Protocol) 346—352 Cisco Secure Access Control Server, installation, post tasks 246—247 Cisco Secure Access Control Server, installation, previous version upgrade 246 Cisco Secure Access Control Server, installation, server system requirements 242—243 Cisco Secure Access Control Server, installation, Windows 243—245 Cisco Secure Access Control Server, logging options 307 Cisco Secure Access Control Server, logging options, failed attempts configuration 307—309 Cisco Secure Access Control Server, logging options, passed authentications configuration 309—311 Cisco Secure Access Control Server, logging options, RADIUS accounting logging 311—313 Cisco Secure Access Control Server, medium enterprise configuration 435 Cisco Secure Access Control Server, medium enterprise configuration, ADF file import 435 Cisco Secure Access Control Server, medium enterprise configuration, Altiris server setup 438 Cisco Secure Access Control Server, medium enterprise configuration, authorization rules 442—443 Cisco Secure Access Control Server, medium enterprise configuration, external antivirus policy server 437—438 Cisco Secure Access Control Server, medium enterprise configuration, network access filter configuration 435—436 Cisco Secure Access Control Server, medium enterprise configuration, posture-validation policies 436—437 Cisco Secure Access Control Server, medium enterprise configuration, posture-validation rules 441—442 Cisco Secure Access Control Server, medium enterprise configuration, QualysGuard Scanner setup 438—439 Cisco Secure Access Control Server, medium enterprise configuration, shared components profile 439—441 Cisco Secure Access Control Server, NAFs (network access filters) 295—297 Cisco Secure Access Control Server, NAPs (network access profiles) 286—288 Cisco Secure Access Control Server, NAPs (network access profiles), Authentication policy 289—290 Cisco Secure Access Control Server, NAPs (network access profiles), Authorization policy 294—295 Cisco Secure Access Control Server, NAPs (network access profiles), Posture Validation policy 290—293 Cisco Secure Access Control Server, NAPs (network access profiles), Protocols policy 288—289 Cisco Secure Access Control Server, posture enforcement, downloadable IP ACLs 276—279 Cisco Secure Access Control Server, posture enforcement, policy-based ACLs 281 Cisco Secure Access Control Server, posture enforcement, RACs (RADIUS authorization components) 282—286 Cisco Secure Access Control Server, posture enforcement, VLAN assignment 280—281 Cisco Secure Access Control Server, posture validation 264—266 Cisco Secure Access Control Server, posture validation, antivirus servers 274 Cisco Secure Access Control Server, posture validation, audit servers 274 Cisco Secure Access Control Server, posture validation, deleting rule 276 Cisco Secure Access Control Server, posture validation, notification string 276 Cisco Secure Access Control Server, posture validation, policies 266—267 270—272 Cisco Secure Access Control Server, posture validation, rule cloning 275—276 Cisco Secure Access Control Server, posture validation, rule ordering 275 Cisco Secure Access Control Server, replication 313 Cisco Secure Access Control Server, troubleshooting, certificate issues 318 Cisco Secure Access Control Server, troubleshooting, enabling service debug logging 314—317 Cisco Secure Access Control Server, troubleshooting, invalid protocol data 317 Cisco Secure Access Control Server, troubleshooting, RADIUS dictionary missing 318 Cisco Secure Access Control Server, troubleshooting, RADIUS posture validation incorrect mapping 318 Cisco Secure Access Control Server, user database 305—306 Cisco Secure Access Control Server, vendor attributes 306 Cisco Secure Services Client 91—92 Cisco Secure Services Client, current status viewing 113—114 Cisco Secure Services Client, deployment, creating license file 111 Cisco Secure Services Client, deployment, End-User Client 103—113 Cisco Secure Services Client, installation 92 Cisco Secure Services Client, installation, Administrative Client 93—94 Cisco Secure Services Client, installation, configuring Administrative Client 94—102 Cisco Secure Services Client, installation, system requirements 93 Cisco Secure Services Client, troubleshooting, disassociated wireless client 119 Cisco Secure Services Client, troubleshooting, GUI does not start 118 Cisco Secure Services Client, troubleshooting, icon in system tray 118 Cisco Secure Services Client, troubleshooting, password prompt 119 Cisco Secure Services Client, troubleshooting, suspended client 119 Cisco Secure Services Client, troubleshooting, System Report Utility 115—117 Cisco Secure Services Client, troubleshooting, viewing client log 117 Cisco Secure Services Client, WZC (Windows Wireless Zero configuration) 115 Cisco Security Agent 324. See CSA Cisco Security Agent Management Center See CSA MC Cisco Security Monitoring, Analysis, and Response System See CS-MARS Cisco Trust Agent See CTA Cisco VPN 3000 series concentrators See VPN 3000 series concentrators Cisco Web site 12 Clear eou command 135 Clientless hosts, Layer 3 NAC configuration 165—166 Clients logs, troubleshooting Cisco Secure Services Client 117 Clients, end-user, small business configuration 405—406 Clients, provisioning software 488—489 Clients, VPN 3000 series concentrators 176—178 Clogcli utility, CTA logging 68—69 Commands, Layer 3 NAC monitoring 168—169 Communications, CTA (Cisco Trust Agent) 12 Communications, troubleshooting CTA (Cisco Trust Agent) 78—79 Components, NAC (Network Admissions Control), analysis 23—24 Components, NAC (Network Admissions Control), Cisco Secure Access Control Server 22 Components, NAC (Network Admissions Control), CSA (Cisco Security Agent) 14—15 Components, NAC (Network Admissions Control), CTA (Cisco Trust Agent) 12—14 Components, NAC (Network Admissions Control), monitoring 23—24 Components, NAC (Network Admissions Control), NADs (Network Access Devices) 15—22 Components, NAC (Network Admissions Control), reporting 23—24 Computer Associates, supported antivirus vendors 343 Conference center, headquarter network topology 459 Configuration, ACS 248 Configuration, ACS, agentless host policy 300—305 Configuration, ACS, digital certificates 252—253 256—258 Configuration, ACS, global authentication protocols 259—262 Configuration, ACS, NADs (network access devices) 250—251 Configuration, ACS, NAPs (network access profiles) 262—264 Configuration, ACS, NDGs (Network Device Groups) 249—250 Configuration, ACS, RADIUS attributes 251—252 Configuration, audit servers 361 Configuration, audit servers, configuring QualysGuard Scanner Appliance 363—366 Configuration, audit servers, CS-ACS server configuration 366—374 Configuration, audit servers, QualysGuard Scanner Appliance installation 362—363 Configuration, Cisco Secure Services 92 Configuration, Cisco Secure Services, Administrative Client 93—102 Configuration, Cisco Secure Services, system requirements 93 Configuration, CSA (Cisco Security Agent) 331 Configuration, CSA (Cisco Security Agent), agent kits 333—336 Configuration, CSA (Cisco Security Agent), creating groups 331—333 Configuration, CSA (Cisco Security Agent), NAC Posture changes 336—338
Ðåêëàìà
|
|
Î ïðîåêòå