... Advanced Host Intrusion Prevention with CSA Chad Sullivan, CCIE No 6394 Paul Mauvais Jeff Asher Cisco Press 800 East 96th Street Indianapolis, IN 46290 USA Advanced Host Intrusion Prevention ... capabilities CSA can play several roles within your network, such as personal firewall, host intrusion prevention, application control, security policy enforcement, and so on...
Ngày tải lên: 03/06/2014, 01:11
... Espionage Insiders 10 Legislation 10 HIPAA 11 Sarbanes-Oxley SB -13 86 12 VISA PCI 13 Summary Chapter 12 13 Cisco Security Agent: The Solution Capabilities 14 15 CSA Component Architecture 16 Security ... Summary 10 1 10 0 10 0 90 xii Part III CSA Installation 10 4 Chapter CSA MC Server Installation 10 6 Implementation Options 10 7 Option 1: Single Server CSA MC Deplo...
Ngày tải lên: 14/08/2014, 18:21
downloads advanced host intrusion prevention with csa phần 2 potx
... policy Figure 2- 2 displays a CSA MC view of the Operating System—Base Protection— Windows policy configuration Figure 2- 2 Policy Configuration View Policies as a grouping mechanism within CSA contain ... SP6A Windows 20 00 (Professional, Server, Advanced Server) SP0-4 Windows XP (Professional, Home) SP0 -2 Windows 20 03 (Standard, Enterprise, Web, Small Business) Sun Solaris (64 bi...
Ngày tải lên: 14/08/2014, 18:21
downloads advanced host intrusion prevention with csa phần 3 ppt
... Microsoft Word Patch#1 234 , there were issues with saving files Do we need, therefore, to try disabling CSA temporarily to see if the problems are caused by Microsoft Word or by our CSA policies? You ... — If you install CSA on servers, they all start with a common operating system image when they are set up, or are they all uniquely configured? As with desktops, if you start with...
Ngày tải lên: 14/08/2014, 18:21
downloads advanced host intrusion prevention with csa phần 4 docx
... Figure 5-1 Host Display Screen of Cisco Security Agent Version 4. 5 Figure 5-1 shows a typical display of a host detail screen in CSA version 4. 5 You receive information about the host and about ... nearing capacity CSA MC clears hosts out of its database that have not polled in a couple weeks (the expectation is that the host is no longer in service) If a host is removed fro...
Ngày tải lên: 14/08/2014, 18:21
en CCNAS v11 ch01 modern network security threats
... wide-open world of the Internet, the networks of today are more open © 2012 Cisco and/or its affiliates All rights reserved Threats • There are four primary classes of threats to network security: ... affiliates All rights reserved 31 Trends Driving Network Security • Increase of network attacks • Increased sophistication of attacks • Increased dependence on the network • Wirel...
Ngày tải lên: 12/10/2015, 02:40
en CCNAS v11 ch02 securing network devices
... be utilized: – Enforce minimum password length: security passwords min-length – Disable unattended connections: exec-timeout – Encrypt config file passwords: service password-encryption © 2012 ... occurs and when Authenticate access – Ensure that access is granted only to authenticated users, groups, and services – Limit the number of failed login attempts and the time between logins © ... re...
Ngày tải lên: 12/10/2015, 02:43
en CCNAS v11 ch03 authentication, authorization, and accounting
... auxiliary, and console login, exec, and enable commands Packet (interface mode) Dial-up and VPN access including asynchronous and ISDN (BRI and PRI) ppp and network commands © 2012 Cisco and/ or its ... AAA Accounting Remote Client Cisco Secure ACS Server AAA Router 1.When a user has been authenticated, the AAA accounting process generates a start message to begin the accoun...
Ngày tải lên: 12/10/2015, 02:46
en CCNAS v11 ch04 implementing firewall technologies
... statement is added to the end Without sequence numbers the only way to add a statement between existing entries was to delete the ACL and recreate it • • Likewise, the only way to delete an entry ... to fully implement a security policy Order of statements: – ACLs have a policy of first match; when a statement is matched, the list is no longer examined – Ensure that statements at the top ......
Ngày tải lên: 12/10/2015, 02:52
en CCNAS v11 ch05 implementing intrusion prevention
... Event Monitoring and Management There are two key functions of event monitoring and management: Real-time event monitoring and management Analysis based on archived information (reporting) Event ... Features Sensors are connected to network segments A single sensor can monitor many hosts Sensors are network appliances tuned for intrusion detection analysis The operating system is “hardened....
Ngày tải lên: 12/10/2015, 02:54
en CCNAS v11 ch06 securing the local area network
... the frames to the wrong VLAN – The first switch strips the first tag off the frame and forwards the frame – The second switch then forwards the packet to the destination based on the VLAN identifier ... managing online users The Cisco NAM manages the Cisco NAS, which is the enforcement component of the Cisco NAC Appliance Cisco NAC Appliance Agent (NAA) – – Optiona...
Ngày tải lên: 12/10/2015, 02:56
en CCNAS v11 ch07 cryptographic systems
... reserved Authentication • Data nonrepudiation is a similar service that allows the sender of a message to be uniquely identified • This means that a sender / device cannot deny having been the source ... Cipher • When Julius Caesar sent messages to his generals, he didn't trust his messengers • He encrypted his messages by replacing every letter: – A with a D – B with an E – and so on • His g...
Ngày tải lên: 12/10/2015, 02:58
en CCNAS v11 ch08 implementing virtual private networks
... Conventional Private Networks © 2012 Cisco and/or its affiliates All rights reserved 15 Virtual Private Networks © 2012 Cisco and/or its affiliates All rights reserved 16 VPNs • A Virtual Private Network ... does not provide confidentiality (encryption) – It is appropriate to use when confidentiality is not required or permitted – All text is transported unencrypted • It only en...
Ngày tải lên: 12/10/2015, 03:02
en CCNAS v11 ch09 managing a secure network
... username scpADMIN privilege 15 password scpPa55W04D ip domain-name scp.cisco.com crypto key generate rsa general-keys modulus 1024 aaa new-model aaa authentication login default local aaa authorization ... steps: – Step Enable AAA with the aaa new-model global configuration command – Step Define a named list of authentication methods, with the aaa authentication login {default |list-name} m...
Ngày tải lên: 12/10/2015, 03:06
en CCNAS v11 ch10 implementing the cisco adaptive security appliance (ASA)
... the pre-installed licenses creates a permanent license – – The permanent license is activated by installing a permanent activation key using the activation-key command Only one permanent license ... conf t ciscoasa(config)# hostname CCNAS- ASA CCNAS- ASA(config)# domain-name ccnasecurity.com CCNAS- ASA(config)# enable password class CCNAS- ASA(config)# passwd cisco CCNAS- ASA(con...
Ngày tải lên: 12/10/2015, 03:09