Frahim J., White D., Santos O. — Cisco Network Admission Control, Volume II: Deployment and Troubleshooting
Title: Cisco Network Admission Control, Volume II: Deployment and Troubleshooting
Authors: Frahim J., White D., Santos O.
Abstract: Secure the network edge with the premier book on NAC deployment and management
* The first book on deploying and managing the Cisco NAC solution
* Addresses the security risks of remote and mobile computer users connecting to corporate networks
* Enables end-point products (i.e. PCs, servers, and PDAs) to communicate security information, allowing networks to restrict access of non-compliant devices to the rest of the network
Network Admission Control (NAC), a set of technologies and solutions built on an industry initiative led by Cisco, uses the network infrastructure to enforce security policy compliance on all devices seeking to access network computing resources, thereby limiting damage from emerging security threats. Customers using NAC can allow network access only to compliant and trusted end-point devices (PCs, servers, and PDAs, for example) and can restrict the access of noncompliant devices. The purpose of Cisco Network Admission Control Volume II is to provide a comprehensive guide on how to deploy and troubleshoot phase 2 of NAC to protect networks from attacks and threats and to ultimately create a self-defending network. By highlighting what protection NAC provides when a virus outbreak occurs, this book is a guide for any network professional who manages network security and monitors organizational infrastructure for day-zero threats.
Category: Technology /
Subject index status: Index with page numbers is ready
Year of publication: 2006
Number of pages: 624
Added to catalog: 11.12.2007
Subject index
Configuration, large enterprise NAC 463
Configuration, large enterprise NAC, ACS 463—471
Configuration, large enterprise NAC, end-user clients 472
Configuration, large enterprise NAC, switches 472
Configuration, Layer 3 NAC 158—159
Configuration, Layer 3 NAC, AAA authentication 159—160
Configuration, Layer 3 NAC, clientless host parameters 165—166
Configuration, Layer 3 NAC, defining RADIUS server 160—161
Configuration, Layer 3 NAC, exception policies 163—165
Configuration, Layer 3 NAC, intercept ACLs 162—163
Configuration, Layer 3 NAC, interface ACL 161—162
Configuration, Layer 3 NAC, optimizing parameters 166—168
Configuration, Layer 3 NAC, parameters 162
Configuration, NAC for small business 399
Configuration, NAC for small business, Cisco Secure ACS 399—405
Configuration, NAC for small business, end-user clients 405—406
Configuration, NAC for small business, switches 406—410
Configuration, NAC for small business, web server 411
Configuration, NAC-L2--802.1X, CatOS 144
Configuration, NAC-L2--802.1X, Cisco IOS 142—144
Configuration, NAC-L2--802.1X, wireless access points 147—150
Configuration, NAC-L2-IP, CatOS 130—132
Configuration, NAC-L2-IP, Cisco IOS 126—129
Configuration, NAC-L2-IP, nonresponsive hosts 132—133
Configuration, security appliance 212—213
Configuration, security appliance, NAC-related parameters 221—228
Configuration, security appliance, VPN 213—221
Configuration, security appliance, VPN client 221
Configuration, VPN 3000 series concentrators 181
Configuration, VPN 3000 series concentrators, Cisco Easy VPN Client 189—192
Configuration, VPN 3000 series concentrators, NAC-related parameters 193—200
Configuration, VPN 3000 series concentrators, VPN configuration 182—189
Configuration, WZC (Windows Wireless Zero configuration) 115
CS-ACS (Cisco Secure Access Control Server) 181
CS-ACS (Cisco Secure Access Control Server), VPN 3000 series concentrators user authentication 181
CS-ACS (Cisco Secure Access Control Server), configuration 366—367
CS-ACS (Cisco Secure Access Control Server), configuration, defining QualysGuard Scanner Appliance 368—369
CS-ACS (Cisco Secure Access Control Server), configuration, loading ADF 367
CS-ACS (Cisco Secure Access Control Server), configuration, NAP audit server setup 370
CS-ACS (Cisco Secure Access Control Server), configuration, NAP authorization policy 373
CS-ACS (Cisco Secure Access Control Server), configuration, QualysGuard root certificate 373—374
CS-ACS (Cisco Secure Access Control Server), configuration, shared profile configuration 371—372
CS-ACS (Cisco Secure Access Control Server), monitoring logs 376
CS-MARS (Cisco Security Monitoring, Analysis, and Response System) 497
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), ACS event sending configuration 509
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), ACS event sending configuration, 802.1X NADs configuration 513—514
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), ACS event sending configuration, defining as reporting device 509—511
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), ACS event sending configuration, logging configuration 511—513
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), ACS event sending configuration, pnlog agent installation 514—517
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), ASA (Adaptive Security Appliance) 524
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), ASA (Adaptive Security Appliance), configuring forward events 526—527
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), ASA (Adaptive Security Appliance), defining reporting device 524—526
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), basics 497—499
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), Cisco IOS router setup 499—500
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), Cisco IOS router setup, defining as reporting device 500—502
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), Cisco IOS router setup, forward events configuration 502—504
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), CSA event sending configuration 518
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), CSA event sending configuration, defining as reporting device 518—520
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), CSA event sending configuration, forward event configuration 520—521
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), generating reports 528—529
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), generating reports, agentless hosts 532—533
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), generating reports, scheduling 533—534
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), generating reports, top hosts 531
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), generating reports, top tokens 530
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), PIX 524
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), PIX, configuring forward events 526—527
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), PIX, defining reporting device 524—526
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), QualysGuard 527—528
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), switch setup 504
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), switch setup, defining as reporting device 505—507
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), switch setup, forward events configuration 508—509
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), troubleshooting, monitored device discovery 537
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), troubleshooting, specific device events not showing 535—536
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), troubleshooting, unknown reporting device events showing 536—537
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), VPN 3000 concentrators 521
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), VPN 3000 concentrators, defining as reporting device 521—522
CS-MARS (Cisco Security Monitoring, Analysis, and Response System), VPN 3000 concentrators, forward event configuration 523—524
CSA (Cisco Security Agent) 14—15 323--324
CSA (Cisco Security Agent), architecture 324—325
CSA (Cisco Security Agent), architecture, CSA MC rule definitions 325—327
CSA (Cisco Security Agent), architecture, global event correlation 327—328
CSA (Cisco Security Agent), configuring features 331
CSA (Cisco Security Agent), configuring features, agent kits 333—336
CSA (Cisco Security Agent), configuring features, creating groups 331—333
CSA (Cisco Security Agent), configuring features, NAC Posture changes 336—338
CSA (Cisco Security Agent), CSA MC installation 328—331
CSA (Cisco Security Agent), event sending to CS-MARS 518
CSA (Cisco Security Agent), event sending to CS-MARS defining as reporting device 518—520
CSA (Cisco Security Agent), event sending to CS-MARS forward event configuration 520—521
CSA MC (Cisco Security Agent Management Center) 15 323
CSA MC (Cisco Security Agent Management Center), architecture 324—325
CSA MC (Cisco Security Agent Management Center), architecture, global event correlation 327—328
CSA MC (Cisco Security Agent Management Center), architecture, rule definitions 325—327
CSA MC (Cisco Security Agent Management Center), installation 328—331
CSA MC (Cisco Security Agent Management Center), management 489—491
CSA-MC, medium enterprise configuration 443
CTA (Cisco Trust Agent) 12—14 29—30 331
CTA (Cisco Trust Agent), ctad.ini file 48—49 55—56
CTA (Cisco Trust Agent), deployment 30—31
CTA (Cisco Trust Agent), deployment, installation packages 32—34
CTA (Cisco Trust Agent), deployment, lab environment 34—47
CTA (Cisco Trust Agent), deployment, minimum system requirements 32
CTA (Cisco Trust Agent), deployment, operating systems 31—32
CTA (Cisco Trust Agent), deployment, production networks 70—77
CTA (Cisco Trust Agent), logging service 63—64
CTA (Cisco Trust Agent), logging service, clogcli utility 68—69
CTA (Cisco Trust Agent), logging service, ctalogd.ini file creation 64—68
CTA (Cisco Trust Agent), posture plug-ins 344—345
CTA (Cisco Trust Agent), Scripting Interface 57
CTA (Cisco Trust Agent), Scripting Interface, executing 62—63
CTA (Cisco Trust Agent), Scripting Interface, use requirements 58—62
CTA (Cisco Trust Agent), troubleshooting, 802.1X wired client 82 85—86
CTA (Cisco Trust Agent), troubleshooting, communication 78—79
CTA (Cisco Trust Agent), troubleshooting, disconnected client 87
CTA (Cisco Trust Agent), troubleshooting, installation 77—78
CTA (Cisco Trust Agent), troubleshooting, posture token validation 81—82
CTA (Cisco Trust Agent), troubleshooting, system logs 80—81
CTA (Cisco Trust Agent), user notifications 48
CTA (Cisco Trust Agent), wired client comparison to Cisco Secure Services Client 91
ctad.ini files, CTA (Cisco Trust Agent) 48—51 55—56
ctalogd.ini files, creating 64—68
Data center, headquarter network topology 460
Database replication, large enterprise NAC configuration 466—471
Debug commands, troubleshooting, large enterprise NAC 474
Debug commands, troubleshooting, NAC-L2-IP 137—139
Debug eou all command 170—171
Deployment, Cisco Secure Services, creating license file 111
Deployment, Cisco Secure Services, End-User Client 103—113
Deployment, CTA (Cisco Trust Agent) 30—31
Deployment, CTA (Cisco Trust Agent), installation packages 32—34
Deployment, CTA (Cisco Trust Agent), lab environment 34—47
Deployment, CTA (Cisco Trust Agent), minimum system requirements 32
Deployment, CTA (Cisco Trust Agent), operating systems 31—32
Deployment, CTA (Cisco Trust Agent), production networks 70—77
Deployment, NAC in medium enterprise 419—421
Deployment, NAC in medium enterprise, management network 422—423
Deployment, NAC in medium enterprise, quarantine network 423
Deployment, NAC in medium enterprise, user network 421
Deployment, phases, final strategy 487—488
Device authorize command 163—164
Digital certificates, ACS configuration 252—253 256—258
Downloadable IP ACLs, ACS posture enforcement 276—279
Dynamic crypto maps, security appliance configuration 220
Dynamic Link Library Files, posture plug-in 344
Education, best practices 493
Education, best practices, end-user 493—494
Education, best practices, engineering staff 494
Education, best practices, help desk staff 494
End-User Client, Cisco Secure Services, creating configuration files 103—111
End-User Client, Cisco Secure Services, deployment 112—113
End-User Client, Cisco Secure Services, prerequisites 103
End-user clients, large enterprise NAC configuration 472
End-user clients, medium enterprise configuration 443
End-user clients, small business configuration 405—406
End-user clients, training best practices 493—494
Enforcement actions, large enterprise business requirements 453
Engineering staff, training best practices 494
Engineering, headquarter network topology 459
eou allow clientless command 165
eou allow ip-station-id command 162 359 500
eou clientless password command 166
eou clientless username command 166
eou default command 168
eou logging command 170
EoU logging, troubleshooting, NAC-L2-IP 136—137
eou max-retry 2 command 167
eou port command 167
eou rate-limit command 168
ETrust AntiVirus 343
ETrust Patrol 343
Exception lists, NAD, agentless hosts 355—356
Exception lists, security appliance configuration 228
Exception lists, security appliances 212
Exception policies, Altiris remediation 387
Exception policies, Layer 3 NAC configuration 163—165
Exceptions list, VPN 3000 series concentrators 194—198
External antivirus policy servers, Cisco Secure ACS 346—352
External groups 182
External groups, finance, headquarter network topology 459
GAME protocol (Generic Authorization Message Exchange protocol) 11
Generic Authorization Message Exchange protocol (GAME protocol) 11
Global authentication protocols, ACS configuration 259—262
Global parameters, NAC, VPN 3000 series concentrators 193
Groups, CSA (Cisco Security Agent) 331—333
Groups, IPSec remote-access tunnels 182
GUI, troubleshooting Cisco Secure Services Client 118
HCAP (Host Credential Authorization Protocol) 345—352
Headquarters, large enterprise network topology 457—458
Headquarters, large enterprise network topology, call center 458
Headquarters, large enterprise network topology, conference center 459
Headquarters, large enterprise network topology, data center 460
Headquarters, large enterprise network topology, engineering 459
Headquarters, large enterprise network topology, finance 459
Headquarters, large enterprise network topology, human resources 459
Headquarters, large enterprise network topology, remote access VPNs 460
Headquarters, large enterprise network topology, sales department 459
Headquarters, large enterprise network topology, VLAN assignment 461—463
Help desk staff, training best practices 494
Host Credential Authorization Protocol (HCAP) 345—352
Human resources, headquarter network topology 459
Identity policy command 164
Identity profile eapoudp command 163
IEEE 802.1X 30
inf files, CTA Scripting Interface 60—62
Information Files, posture plug-in 344
Installation, ACS, post tasks 246—247
Installation, ACS, previous version upgrade 246
Installation, ACS, server system requirements 242—243
Installation, ACS, Windows 243—245
Installation, Cisco Secure Services 92
Installation, Cisco Secure Services, Administrative Client 93—94
Installation, Cisco Secure Services, configuring Administrative Client 94—102
Installation, Cisco Secure Services, system requirements 93
Installation, CSA MC 328—331
Installation, CTA (Cisco Trust Agent), packages 32—34
Installation, CTA (Cisco Trust Agent), troubleshooting 77—78
Internal groups 182
IOS routers, NADs (Network Access Devices) 16—17
IP address assignment, security appliance configuration 218—219
ip admission IOS-NAC command 162
ip admission name command 162
ip radius source-interface command 161
IPSec tunnels, remote-access from agentless client, security appliances 232—234
IPSec tunnels, remote-access from agentless client, VPN 3000 series concentrators 203—205
IPSec tunnels, remote-access from CTA client, security appliances 234—235
IPSec tunnels, remote-access from CTA client, VPN 3000 series concentrators 205—207
IPSec tunnels, remote-access without NAC, security appliances 230—232
IPSec tunnels, remote-access without NAC, VPN 3000 series concentrators 200—203
IPSec, remote-access tunnels 182
IPSec, remote-access tunnels, address assignment 186—187
IPSec, remote-access tunnels, group configuration 182
IPSec, remote-access tunnels, mode-config assignment 189
IPSec, remote-access tunnels, user authentication 183—185
IPSec, security appliance configuration, defining policy 219
IPSec, tunnels, VPN 3000 series concentrators 179—180
ISAKMP, security appliance configuration, preshared keys 217
ISAKMP, VPN security appliance configuration 214
L2TP over IPSec clients, VPN 3000 series concentrators 179—180
Lab environments, CA certificate 46—47
Lab environments, CTA deployment 34
Lab environments, Linux installation 45
Lab environments, Mac installation 42—44
Lab environments, Windows installation 34—42
Lab testing, NAC deployment phase 483—485
Large enterprises, business requirements, enforcement actions 453
Large enterprises, business requirements, security policies 452—453
Large enterprises, NAC configuration 463
Large enterprises, NAC configuration, ACS 463—471
Large enterprises, NAC configuration, end-user clients 472
Large enterprises, NAC configuration, switches 472
Large enterprises, network topology, branch office 454—456
Large enterprises, network topology, headquarters 457—463
Large enterprises, network topology, regional office 456
Large enterprises, troubleshooting, ACS logs 475
Large enterprises, troubleshooting, debug commands 474
Large enterprises, troubleshooting, show commands 473—474
Layer 3 NAC, architecture 155—158
Layer 3 NAC, configuration 158—159
Layer 3 NAC, configuration, AAA authentication 159—160
Layer 3 NAC, configuration, clientless host parameters 165—166
Layer 3 NAC, configuration, defining RADIUS server 160—161
Layer 3 NAC, configuration, exception policies 163—165
Layer 3 NAC, configuration, intercept ACLs 162—163
Layer 3 NAC, configuration, interface ACL 161—162
Layer 3 NAC, configuration, optimizing parameters 166—168
Layer 3 NAC, configuration, parameters 162
Layer 3 NAC, monitoring commands 168—169
Layer 3 NAC, troubleshooting 170—171
License files, Cisco Secure Services Client deployment 111
Linux, CTA (Cisco Trust Agent), CA certificate 47
Linux, CTA (Cisco Trust Agent), installation packages 33
Linux, CTA (Cisco Trust Agent), lab environment installation 45
Linux, CTA (Cisco Trust Agent), operating system support 31
Linux, CTA (Cisco Trust Agent), production environment deployment 76—77
Logging services, CTA (Cisco Trust Agent) 63—64
Logging services, CTA (Cisco Trust Agent), clogcli utility 68—69
Logging services, CTA (Cisco Trust Agent), ctalogd.ini file creation 64—68
Logging services, CTA (Cisco Trust Agent), troubleshooting 80—81
Logging, ACS 307
Logging, ACS, failed attempts configuration 307—309
Logging, ACS, passed authentication configuration 309—311
Logging, ACS, RADIUS accounting logging 311—313
MAC, agentless hosts handling, authentication bypass 356
MAC, CTA (Cisco Trust Agent), CA certificate 47
MAC, CTA (Cisco Trust Agent), installation packages 33
MAC, CTA (Cisco Trust Agent), lab environment installation 42—44
MAC, CTA (Cisco Trust Agent), operating system support 31
MAC, management networks, medium enterprise NAC deployment 422—423
MAC, NAC-L2--802.1X authentication bypass 144—145
McAfee, supported antivirus vendors 343
Medium enterprises, business requirements 424—425
Medium enterprises, configuration steps 427
Medium enterprises, configuration steps, Altiris Quarantine solution configuration 433—434
Medium enterprises, configuration steps, audit server configuration 432—433
Medium enterprises, configuration steps, CatOS configuration 427—430
Medium enterprises, configuration steps, Cisco Secure ACS configuration 435—443
Medium enterprises, configuration steps, CSA-MC server configuration 443
Medium enterprises, configuration steps, end-user clients 443
Medium enterprises, configuration steps, Trend Micro Policy Server configuration 434
Medium enterprises, configuration steps, VPN 300 concentrator configuration 430—431