Frahim J., White D., Santos O. — Cisco Network Admission Control, Volume II: Deployment and Troubleshooting
Title: Cisco Network Admission Control, Volume II: Deployment and Troubleshooting
Authors: Frahim J., White D., Santos O.
Abstract: Secure the network edge with the premier book on NAC deployment and management
* The first book on deploying and managing the Cisco NAC solution
* Addresses the security risks of remote and mobile computer users connecting to corporate networks
* Enables end-point products (i.e. PCs, servers, and PDAs) to communicate security information, allowing networks to restrict access of non-compliant devices to the rest of the network
Network Admission Control (NAC), a set of technologies and solutions built on an industry initiative led by Cisco, uses the network infrastructure to enforce security policy compliance on all devices seeking to access network computing resources, thereby limiting damage from emerging security threats. Customers using NAC can allow network access only to compliant and trusted end-point devices (PCs, servers, and PDAs, for example) and can restrict the access of noncompliant devices. The purpose of Cisco Network Admission Control Volume II is to provide a comprehensive guide on how to deploy and troubleshoot phase 2 of NAC to protect networks from attacks and threats and to ultimately create a self-defending network. By highlighting what protection NAC provides when a virus outbreak occurs, this book is a guide for any network professional who manages network security and monitors organizational infrastructure for day-zero threats.
Language:
Category: Technology
Subject index status: Index with page numbers is ready
Year of publication: 2006
Number of pages: 624
Added to catalogue: 11.12.2007
Subject index
Medium enterprises, major NAC solution highlights 425—427
Medium enterprises, NAC deployment overview 419 421
Medium enterprises, NAC deployment overview, management network 422—423
Medium enterprises, NAC deployment overview, quarantine network 423
Medium enterprises, NAC deployment overview, user network 421
Medium enterprises, troubleshooting, NAC on Catalyst 6500 switch 444—446
Medium enterprises, troubleshooting, NAC on VPN 3000 concentrator 446—448
Medium enterprises, troubleshooting, secure ACS logging 448
Meetinghouse AEGIS SecureConnect client See Cisco Secure Services Client
Mode-config assignment, IPSec remote-access tunnels 189
Monitoring, agentless hosts 375—376
Monitoring, agentless hosts, CS-ACS logs 376
Monitoring, agentless hosts, NADs 377—378
Monitoring, Layer 3 NAC 168—169
Monitoring, medium enterprises, NAC on Catalyst 6500 switch 444—446
Monitoring, medium enterprises, NAC on VPN 3000 concentrator 446—448
Monitoring, medium enterprises, secure ACS logging 448
Monitoring, NAC components 23—24
Monitoring, security appliances 229
Monitoring, security appliances, NAC sessions 235—238
Monitoring, security appliances, remote-access IPSec tunnel from agentless client 232—234
Monitoring, security appliances, remote-access IPSec tunnel from CTA client 234—235
Monitoring, security appliances, remote-access IPSec tunnel without NAC 230—232
Monitoring, VPN 3000 series concentrators 200
Monitoring, VPN 3000 series concentrators, remote-access IPSec tunnel from agentless client 203—205
Monitoring, VPN 3000 series concentrators, remote-access IPSec tunnel from CTA client 205—207
Monitoring, VPN 3000 series concentrators, remote-access IPSec tunnel without NAC 200—203
NAC (Network Admission Control) 5
NAC (Network Admission Control), basics 5—7
NAC (Network Admission Control), basics, Phase I 7—8
NAC (Network Admission Control), basics, Phase II 9—11
NAC (Network Admission Control), basics, program participation 12
NAC (Network Admission Control), components, analysis 23—24
NAC (Network Admission Control), components, Cisco Secure Access Control Server 22
NAC (Network Admission Control), components, CSA (Cisco Security Agent) 14—15
NAC (Network Admission Control), components, CTA (Cisco Trust Agent) 12—14
NAC (Network Admission Control), components, monitoring 23—24
NAC (Network Admission Control), components, NADs (Network Access Devices) 15—22
NAC (Network Admission Control), components, reporting 23—24
NAC agentless host (NAH) 11
NAC Infected/Quarantine 531
NAC Layer 2 802.1X, agentless hosts 299—300
NAC Layer 2 802.1X, architecture 139—141
NAC Layer 2 802.1X, configuration, CatOS 144
NAC Layer 2 802.1X, configuration, Cisco IOS 142—144
NAC Layer 2 802.1X, Mac authentication bypass 144—145
NAC Layer 2 802.1X, troubleshooting 145—147
NAC Layer 2 802.1X, wireless access point configuration 147—150
NAC Layer 2 IP, agentless hosts 299
NAC Layer 2 IP, architecture 123—125
NAC Layer 2 IP, configuration, CatOS 130—132
NAC Layer 2 IP, configuration, Cisco IOS 126—129
NAC Layer 2 IP, configuration, nonresponsive hosts 132—133
NAC Layer 2 IP, troubleshooting, debug commands 137—139
NAC Layer 2 IP, troubleshooting, EoU logging 136—137
NAC Layer 2 IP, troubleshooting, show commands 133—136
NAC Posture, CSA (Cisco Security Agent) 336—338
NAC-L2--802.1X 9
NAC-L2--802.1X, agentless hosts 299—300
NAC-L2--802.1X, architecture 139—141
NAC-L2--802.1X, attributes 18
NAC-L2--802.1X, configuration, CatOS 144
NAC-L2--802.1X, configuration, Cisco IOS 142—144
NAC-L2--802.1X, large enterprise NAC configuration 464—466
NAC-L2--802.1X, Mac authentication bypass 144—145
NAC-L2--802.1X, troubleshooting 145—147
NAC-L2--802.1X, wireless access point configuration 147—150
NAC-L2-IP 9
NAC-L2-IP, agentless hosts 299
NAC-L2-IP, architecture 123—125
NAC-L2-IP, attributes 18
NAC-L2-IP, configuration, CatOS 130—132
NAC-L2-IP, configuration, Cisco IOS 126—129
NAC-L2-IP, configuration, nonresponsive hosts 132—133
NAC-L2-IP, troubleshooting, debug commands 137—139
NAC-L2-IP, troubleshooting, EoU logging 136—137
NAC-L2-IP, troubleshooting, show commands 133—136
NAC-L3-IP, agentless hosts 299
NAC-related parameters, security appliance configuration 221—222
NAC-related parameters, security appliance configuration, authentication configuration 224
NAC-related parameters, security appliance configuration, exception list 228
NAC-related parameters, security appliance configuration, global parameter setup 222—223
NAC-related parameters, security appliance configuration, user group policy 225—227
NAC-related parameters, VPN 3000 series concentrators 193
NAC-related parameters, VPN 3000 series concentrators, global parameter setup 193
NAC-related parameters, VPN 3000 series concentrators, NAC exception list 194—198
NAC-related parameters, VPN 3000 series concentrators, user group enabling 198—200
NADs (Network Access Devices) 15—16 250
NADs (Network Access Devices), ACS configuration 250—251
NADs (Network Access Devices), agentless host handling, exception lists 355—356
NADs (Network Access Devices), catalyst switches 17—20
NADs (Network Access Devices), Cisco 5500 series Adaptive Security Appliances 21
NADs (Network Access Devices), Cisco IOS routers 16—17
NADs (Network Access Devices), monitoring agentless hosts 377—378
NADs (Network Access Devices), PIX 500 series security appliances 21
NADs (Network Access Devices), VPN 3000 series concentrators 20 175
NADs (Network Access Devices), VPN 3000 series concentrators, architecture 175—180
NADs (Network Access Devices), VPN 3000 series concentrators, configuration steps 181—200
NADs (Network Access Devices), VPN 3000 series concentrators, testing solutions 200—207
NADs (Network Access Devices), wireless device support 21—22
NAFs (network access filters) 295—297
NAH (NAC agentless host) 11
NAPs (network access profiles) 286
NAPs (network access profiles), ACS 286—288
NAPs (network access profiles), ACS, Authentication policy 289—290
NAPs (network access profiles), ACS, Authorization policy 294—295
NAPs (network access profiles), ACS, configuration 262—264
NAPs (network access profiles), ACS, Posture Validation policy 290—293
NAPs (network access profiles), ACS, Protocols policy 288—289
NDGs (Network Device Groups) 249—250
Network Access Agent and Posture Plug-in, Altiris remediation 386—387
Network access devices See NADs
Network access filters (NAFs) 295—297
Network access profiles See NAPs
Network Admission Control See NAC
Network Device Groups (NDGs) 249—250
Network Discovery, Altiris 384
Network profiles, configuring Administrative Client 94—100
Network topology, large enterprises, branch office 454—456
Network topology, large enterprises, headquarters 457—463
Network topology, large enterprises, regional office 456
Networks, small businesses 397—398
no eou revalidate command 167
Nonresponsive hosts, NAC-L2-IP configuration 132—133
Notification Server, Altiris remediation, adding 386
Notification Server, Altiris remediation, posture policy 387—388
Notification strings, ACS posture validation 276
Operating systems, CTA deployment 31—32
Operating systems, maintaining policies 491—492
Parameters, Layer 3 NAC 162
Parameters, Layer 3 NAC configuration 166—168
Passwords, troubleshooting Cisco Secure Services Client 119
PatchLink, remediation solutions 388—389
Periodic revalidations, NAC Phase II 11
Phase I, NAC rollout 7—8
Phase II, NAC rollout 9—11
Phases, deployment best practices 481—482
Phases, final deployment strategy 487—488
Phases, initial tuning 486
Phases, lab testing 483—485
Phases, pilot site 486
Phases, readiness assessment 482—483
Phases, test plans 485
Phases, user assessment 483
Pilot sites, NAC deployment phase 486
PIX 500 series security appliances, NADs (Network Access Devices) 21
PIX security appliances, architecture 211
PIX security appliances, architecture, stateful failover 211
PIX security appliances, architecture, NAC exception lists 212
PIX security appliances, configuration 212—213
PIX security appliances, configuration, NAC-related parameters 221—228
PIX security appliances, configuration, VPN 213—221
PIX security appliances, configuration, VPN client 221
PIX security appliances, testing 229
PIX security appliances, testing, NAC session monitoring 235—238
PIX security appliances, testing, remote-access IPSec tunnel from agentless client 232—234
PIX security appliances, testing, remote-access IPSec tunnel from CTA client 234—235
PIX security appliances, testing, remote-access IPSec tunnel without NAC 230—232
PIX, configuring forward events 526—527
PIX, defining reporting device 524—526
PIX, event sending to CS-MARS 524
Pn (Protego Networks) 497
Policies, ACS NAPs, Authentication 289—290
Policies, ACS NAPs, Authorization 294—295
Policies, ACS NAPs, Posture Validation 290—293
Policies, ACS NAPs, Protocols 288—289
Policies, ACS posture validation 266—267 270—272
Policies, maintaining 491
Policies, maintaining, antivirus 492
Policies, maintaining, operating system 491—492
Policies, maintaining, remediation servers 492
Policy-based ACLs, ACS posture enforcement 281
Posture enforcement, ACS, downloadable IP ACLs 276—279
Posture enforcement, ACS, policy-based ACLs 281
Posture enforcement, ACS, RACs (RADIUS authorization components) 282—286
Posture enforcement, ACS, VLAN assignment 280—281
Posture plug-ins, antivirus software 344—345
Posture tokens, CTA (Cisco Trust Agent) troubleshooting 81—82
Posture validation option 184
Posture Validation policy, ACS NAPs 290—293
Posture validation, ACS 264—266
Posture validation, ACS, antivirus servers 274
Posture validation, ACS, audit servers 274
Posture validation, ACS, deleting rule 276
Posture validation, ACS, notification string 276
Posture validation, ACS, policies 266—267 270 272
Posture validation, ACS, rule cloning 275—276
Posture validation, ACS, rule ordering 275
Posture validation, creating policies 436—437
Posture validation, Layer 3 NAC 156
Posture validation, rule configuration 441—442
Postures, CTA Scripting Interface 57
Postures, CTA Scripting Interface, executing 62—63
Postures, CTA Scripting Interface, use requirements 58—62
Postures, NAC-L2--802.1X validation, architecture 139—141
Postures, NAC-L2--802.1X validation, configuration 142—144
Postures, NAC-L2--802.1X validation, Mac authentication bypass 144—145
Postures, NAC-L2--802.1X validation, troubleshooting 145—147
Postures, NAC-L2--802.1X validation, wireless access point configuration 147—150
Postures, NAC-L2-IP validation, architecture 123—125
Postures, NAC-L2-IP validation, configuration 126—133
Postures, NAC-L2-IP validation, troubleshooting 133—139
production environment deployment 75—76
Production networks, CTA (Cisco Trust Agent), deployment 70—72
Production networks, CTA (Cisco Trust Agent), deployment, Linux 76—77
Production networks, CTA (Cisco Trust Agent), deployment, Mac 75—76
Production networks, CTA (Cisco Trust Agent), deployment, Windows 72—75
Protego Networks (pn) 497
Protocols policy, ACS NAPs 288—289
QualysGuard Scanner Appliance, configuration 363—366
QualysGuard Scanner Appliance, defining 368—369
QualysGuard Scanner Appliance, event sending to CS-MARS 527—528
QualysGuard Scanner Appliance, installation 362—363
QualysGuard Scanner Appliance, monitoring agentless hosts 375—376
QualysGuard Scanner Appliance, root certificate 373—374
Quarantine networks, medium enterprise NAC deployment 423
RACs (RADIUS authorization components) 282—286
RADIUS authorization components (RACs) 282—286
RADIUS, ACS configuration 251—252
RADIUS, Layer 3 NAC configuration 160—161
Radius-server host command 160
Radius-server key command 160
Readiness assessment, NAC deployment phase 482—483
Regional offices, large enterprise network topology 456
Remediations, Altiris 381—384
Remediations, Altiris, adding Notification Server 386
Remediations, Altiris, exception policies 387
Remediations, Altiris, importing attribute files 385
Remediations, Altiris, Network Access Agent and Posture Plug-in 386—387
Remediations, Altiris, Network Discovery 384
Remediations, Altiris, posture policy on Notification Server 387—388
Remediations, PatchLink 388—389
Remediations, servers, maintaining policies 492
Remote access VPNs, headquarter network topology 460
Remote-access attributes, security appliance configuration 214—216
Replication, ACS 313
Replication, large enterprise NAC configuration 466—471
Reporting, NAC components 23—24
Reports, CS-MARS 528—529
Reports, CS-MARS, agentless hosts 532—533
Reports, CS-MARS, scheduling 533—534
Reports, CS-MARS, top hosts 531
Reports, CS-MARS, top tokens 530
Revalidation timers 200 226
Routers, NADs (Network Access Devices) 16—17
Sales department, headquarter network topology 459
Scripting Interfaces, CTA (Cisco Trust Agent) 57
Scripting Interfaces, CTA (Cisco Trust Agent), executing 62—63
Scripting Interfaces, CTA (Cisco Trust Agent), use requirements 58—62
SDNI (Self-Defending Network Initiative) 5
Section 49—55
SecureMe, Inc., business requirements 424—425
SecureMe, Inc., large enterprise network topology, branch office 454—456
SecureMe, Inc., large enterprise network topology, headquarters 457—463
SecureMe, Inc., large enterprise network topology, regional office 456
SecureMe, Inc., major NAC solution highlights 425—427
SecureMe, Inc., NAC configuration steps 427
SecureMe, Inc., NAC configuration steps, Altiris Quarantine solution configuration 433—434
SecureMe, Inc., NAC configuration steps, audit server configuration 432—433
SecureMe, Inc., NAC configuration steps, CatOs configuration 427—430
SecureMe, Inc., NAC configuration steps, Cisco Secure ACS configuration 435—443
SecureMe, Inc., NAC configuration steps, CSA-MC server configuration 443
SecureMe, Inc., NAC configuration steps, end-user clients 443
SecureMe, Inc., NAC configuration steps, Trend Micro Policy Server configuration 434
SecureMe, Inc., NAC configuration steps, VPN 3000 concentrator configuration 430—431
SecureMe, Inc., NAC deployment overview 419—421
SecureMe, Inc., NAC deployment overview, management network 422—423
SecureMe, Inc., NAC deployment overview, quarantine network 423
SecureMe, Inc., NAC deployment overview, user network 421
SecureMe, Inc., troubleshooting, NAC on Catalyst 6500 switch 444—446
SecureMe, Inc., troubleshooting, NAC on VPN 3000 concentrator 446—448
SecureMe, Inc., troubleshooting, secure ACS logging 448
Security appliances, architecture 211
Security appliances, architecture, NAC exception lists 212
Security appliances, architecture, stateful failover 211
Security appliances, configuration 212—213
Security appliances, configuration, NAC-related parameters 221—228
Security appliances, configuration, VPN 213—221
Security appliances, testing 229
Security appliances, testing, NAC session monitoring 235—238
Security appliances, testing, remote-access IPSec tunnel from agentless client 232—234
Security appliances, testing, remote-access IPSec tunnel from CTA client 234—235
Security appliances, testing, remote-access IPSec tunnel without NAC 230—232
Security policies, large enterprise business requirements 452—453
Security, CTA (Cisco Trust Agent) 12
Self-Defending Network Initiative (SDNI) 5
Service password-encryption command 161
Shared Object Files, posture plug-in 344
Show commands, Layer 3 NAC monitoring 168
Show commands, troubleshooting, large enterprise NAC 473—474
Show commands, troubleshooting, NAC small business deployment 411—412
Show commands, troubleshooting, NAC-L2-IP 133—136
Show eou all command 134 168 377—378 411 444
Show eou config command 136 445
Show eou ip command 169 411 445
Show policy group all command 444
Small business, configuring NAC 399
Small business, configuring NAC, Cisco Secure ACS 399—405
Small business, configuring NAC, end-user clients 405—406
Small business, configuring NAC, switches 406—410