SØG - mellem flere end 8 millioner bøger:

Søg på: Titel, forfatter, forlag - gerne i kombination.
Eller blot på isbn, hvis du kender dette.

Viser: Cisco ISE for BYOD and Secure Unified Access

Cisco ISE for BYOD and Secure Unified Access, 2. udgave

Cisco ISE for BYOD and Secure Unified Access Vital Source e-bog

Aaron Woland og Jamey Heary
(2017)
Pearson International
295,00 kr.
Leveres umiddelbart efter køb
Cisco ISE for BYOD and Secure Unified Access, 2. udgave

Cisco ISE for BYOD and Secure Unified Access Vital Source e-bog

Aaron Woland og Jamey Heary
(2017)
Pearson International
359,00 kr.
Leveres umiddelbart efter køb
Cisco ISE for BYOD and Secure Unified Access, 2. udgave

Cisco ISE for BYOD and Secure Unified Access Vital Source e-bog

Aaron Woland og Jamey Heary
(2017)
Pearson International
422,00 kr.
Leveres umiddelbart efter køb
Cisco ISE for BYOD and Secure Unified Access

Cisco ISE for BYOD and Secure Unified Access

Aaron Woland og Jamey Heary
(2017)
Sprog: Engelsk
Pearson Education, Limited
599,00 kr.
ikke på lager, Bestil nu og få den leveret
om ca. 10 hverdage

Detaljer om varen

  • 2. Udgave
  • Vital Source 90 day rentals (dynamic pages)
  • Udgiver: Pearson International (Juni 2017)
  • Forfattere: Aaron Woland og Jamey Heary
  • ISBN: 9780134586694R90
Fully updated: The complete guide to Cisco Identity Services Engine solutions Using Cisco Secure Access Architecture and Cisco Identity Services Engine, you can secure and gain control of access to your networks in a Bring Your Own Device (BYOD) world. This second edition of Cisco ISE for BYOD and Secure Unified Accesscontains more than eight brand-new chapters as well as extensively updated coverage of all the previous topics in the first edition book to reflect the latest technologies, features, and best practices of the ISE solution. It begins by reviewing today’s business case for identity solutions. Next, you walk through ISE foundational topics and ISE design. Then you explore how to build an access security policy using the building blocks of ISE. Next are the in-depth and advanced ISE configuration sections, followed by the troubleshooting and monitoring chapters. Finally, we go in depth on the new TACACS+ device administration solution that is new to ISE and to this second edition. With this book, you will gain an understanding of ISE configuration, such as identifying users, devices, and security posture; learn about Cisco Secure Access solutions; and master advanced techniques for securing access to networks, from dynamic segmentation to guest access and everything in between. Drawing on their cutting-edge experience supporting Cisco enterprise customers, the authors offer in-depth coverage of the complete lifecycle for all relevant ISE solutions, making this book a cornerstone resource whether you’re an architect, engineer, operator, or IT manager. ·         Review evolving security challenges associated with borderless networks, ubiquitous mobility, and consumerized IT ·         Understand Cisco Secure Access, the Identity Services Engine (ISE), and the building blocks of complete solutions ·         Design an ISE-enabled network, plan/distribute ISE functions, and prepare for rollout ·         Build context-aware security policies for network access, devices, accounting, and audit ·         Configure device profiles, visibility, endpoint posture assessments, and guest services ·         Implement secure guest lifecycle management, from WebAuth to sponsored guest access ·         Configure ISE, network access devices, and supplicants, step by step ·         Apply best practices to avoid the pitfalls of BYOD secure access ·         Set up efficient distributed ISE deployments ·         Provide remote access VPNs with ASA and Cisco ISE ·         Simplify administration with self-service onboarding and registration ·         Deploy security group access with Cisco TrustSec ·         Prepare for high availability and disaster scenarios ·         Implement passive identities via ISE-PIC and EZ Connect ·         Implement TACACS+ using ISE ·         Monitor, maintain, and troubleshoot ISE and your entire Secure Access system ·         Administer device AAA with Cisco IOS, WLC, and Nexus  
Licens varighed:
Bookshelf online: 90 dage fra købsdato.
Bookshelf appen: 90 dage fra købsdato.

Udgiveren oplyser at følgende begrænsninger er gældende for dette produkt:
Print: -1 sider kan printes ad gangen
Copy: højest -1 sider i alt kan kopieres (copy/paste)

Detaljer om varen

  • 2. Udgave
  • Vital Source 180 day rentals (dynamic pages)
  • Udgiver: Pearson International (Juni 2017)
  • Forfattere: Aaron Woland og Jamey Heary
  • ISBN: 9780134586694R180
Fully updated: The complete guide to Cisco Identity Services Engine solutions Using Cisco Secure Access Architecture and Cisco Identity Services Engine, you can secure and gain control of access to your networks in a Bring Your Own Device (BYOD) world. This second edition of Cisco ISE for BYOD and Secure Unified Accesscontains more than eight brand-new chapters as well as extensively updated coverage of all the previous topics in the first edition book to reflect the latest technologies, features, and best practices of the ISE solution. It begins by reviewing today’s business case for identity solutions. Next, you walk through ISE foundational topics and ISE design. Then you explore how to build an access security policy using the building blocks of ISE. Next are the in-depth and advanced ISE configuration sections, followed by the troubleshooting and monitoring chapters. Finally, we go in depth on the new TACACS+ device administration solution that is new to ISE and to this second edition. With this book, you will gain an understanding of ISE configuration, such as identifying users, devices, and security posture; learn about Cisco Secure Access solutions; and master advanced techniques for securing access to networks, from dynamic segmentation to guest access and everything in between. Drawing on their cutting-edge experience supporting Cisco enterprise customers, the authors offer in-depth coverage of the complete lifecycle for all relevant ISE solutions, making this book a cornerstone resource whether you’re an architect, engineer, operator, or IT manager. ·         Review evolving security challenges associated with borderless networks, ubiquitous mobility, and consumerized IT ·         Understand Cisco Secure Access, the Identity Services Engine (ISE), and the building blocks of complete solutions ·         Design an ISE-enabled network, plan/distribute ISE functions, and prepare for rollout ·         Build context-aware security policies for network access, devices, accounting, and audit ·         Configure device profiles, visibility, endpoint posture assessments, and guest services ·         Implement secure guest lifecycle management, from WebAuth to sponsored guest access ·         Configure ISE, network access devices, and supplicants, step by step ·         Apply best practices to avoid the pitfalls of BYOD secure access ·         Set up efficient distributed ISE deployments ·         Provide remote access VPNs with ASA and Cisco ISE ·         Simplify administration with self-service onboarding and registration ·         Deploy security group access with Cisco TrustSec ·         Prepare for high availability and disaster scenarios ·         Implement passive identities via ISE-PIC and EZ Connect ·         Implement TACACS+ using ISE ·         Monitor, maintain, and troubleshoot ISE and your entire Secure Access system ·         Administer device AAA with Cisco IOS, WLC, and Nexus  
Licens varighed:
Bookshelf online: 180 dage fra købsdato.
Bookshelf appen: 180 dage fra købsdato.

Udgiveren oplyser at følgende begrænsninger er gældende for dette produkt:
Print: -1 sider kan printes ad gangen
Copy: højest -1 sider i alt kan kopieres (copy/paste)

Detaljer om varen

  • 2. Udgave
  • Vital Source 365 day rentals (dynamic pages)
  • Udgiver: Pearson International (Juni 2017)
  • Forfattere: Aaron Woland og Jamey Heary
  • ISBN: 9780134586694R365
Fully updated: The complete guide to Cisco Identity Services Engine solutions Using Cisco Secure Access Architecture and Cisco Identity Services Engine, you can secure and gain control of access to your networks in a Bring Your Own Device (BYOD) world. This second edition of Cisco ISE for BYOD and Secure Unified Accesscontains more than eight brand-new chapters as well as extensively updated coverage of all the previous topics in the first edition book to reflect the latest technologies, features, and best practices of the ISE solution. It begins by reviewing today’s business case for identity solutions. Next, you walk through ISE foundational topics and ISE design. Then you explore how to build an access security policy using the building blocks of ISE. Next are the in-depth and advanced ISE configuration sections, followed by the troubleshooting and monitoring chapters. Finally, we go in depth on the new TACACS+ device administration solution that is new to ISE and to this second edition. With this book, you will gain an understanding of ISE configuration, such as identifying users, devices, and security posture; learn about Cisco Secure Access solutions; and master advanced techniques for securing access to networks, from dynamic segmentation to guest access and everything in between. Drawing on their cutting-edge experience supporting Cisco enterprise customers, the authors offer in-depth coverage of the complete lifecycle for all relevant ISE solutions, making this book a cornerstone resource whether you’re an architect, engineer, operator, or IT manager. ·         Review evolving security challenges associated with borderless networks, ubiquitous mobility, and consumerized IT ·         Understand Cisco Secure Access, the Identity Services Engine (ISE), and the building blocks of complete solutions ·         Design an ISE-enabled network, plan/distribute ISE functions, and prepare for rollout ·         Build context-aware security policies for network access, devices, accounting, and audit ·         Configure device profiles, visibility, endpoint posture assessments, and guest services ·         Implement secure guest lifecycle management, from WebAuth to sponsored guest access ·         Configure ISE, network access devices, and supplicants, step by step ·         Apply best practices to avoid the pitfalls of BYOD secure access ·         Set up efficient distributed ISE deployments ·         Provide remote access VPNs with ASA and Cisco ISE ·         Simplify administration with self-service onboarding and registration ·         Deploy security group access with Cisco TrustSec ·         Prepare for high availability and disaster scenarios ·         Implement passive identities via ISE-PIC and EZ Connect ·         Implement TACACS+ using ISE ·         Monitor, maintain, and troubleshoot ISE and your entire Secure Access system ·         Administer device AAA with Cisco IOS, WLC, and Nexus  
Licens varighed:
Bookshelf online: 5 år fra købsdato.
Bookshelf appen: 5 år fra købsdato.

Udgiveren oplyser at følgende begrænsninger er gældende for dette produkt:
Print: -1 sider kan printes ad gangen
Copy: højest -1 sider i alt kan kopieres (copy/paste)

Detaljer om varen

  • Paperback: 912 sider
  • Udgiver: Pearson Education, Limited (August 2017)
  • Forfattere: Aaron Woland og Jamey Heary
  • ISBN: 9781587144738
Fully updated: The complete guide to Cisco Identity Services Engine solutions


Using Cisco Secure Access Architecture and Cisco Identity Services Engine, you can secure and gain control of access to your networks in a Bring Your Own Device (BYOD) world.


This second edition of Cisco ISE for BYOD and Secure Unified Accesscontains more than eight brand-new chapters as well as extensively updated coverage of all the previous topics in the first edition book to reflect the latest technologies, features, and best practices of the ISE solution. It begins by reviewing today's business case for identity solutions. Next, you walk through ISE foundational topics and ISE design. Then you explore how to build an access security policy using the building blocks of ISE. Next are the in-depth and advanced ISE configuration sections, followed by the troubleshooting and monitoring chapters. Finally, we go in depth on the new TACACS+ device administration solution that is new to ISE and to this second edition.


With this book, you will gain an understanding of ISE configuration, such as identifying users, devices, and security posture; learn about Cisco Secure Access solutions; and master advanced techniques for securing access to networks, from dynamic segmentation to guest access and everything in between.


Drawing on their cutting-edge experience supporting Cisco enterprise customers, the authors offer in-depth coverage of the complete lifecycle for all relevant ISE solutions, making this book a cornerstone resource whether you're an architect, engineer, operator, or IT manager.


- Review evolving security challenges associated with borderless networks, ubiquitous mobility, and consumerized IT

- Understand Cisco Secure Access, the Identity Services Engine (ISE), and the building blocks of complete solutions

- Design an ISE-enabled network, plan/distribute ISE functions, and prepare for rollout

- Build context-aware security policies for network access, devices, accounting, and audit

- Configure device profiles, visibility, endpoint posture assessments, and guest services

- Implement secure guest lifecycle management, from WebAuth to sponsored guest access

- Configure ISE, network access devices, and supplicants, step by step

- Apply best practices to avoid the pitfalls of BYOD secure access

- Set up efficient distributed ISE deployments

- Provide remote access VPNs with ASA and Cisco ISE

- Simplify administration with self-service onboarding and registration

- Deploy security group access with Cisco TrustSec

- Prepare for high availability and disaster scenarios

- Implement passive identities via ISE-PIC and EZ Connect

- Implement TACACS+ using ISE

- Monitor, maintain, and troubleshoot ISE and your entire Secure Access system

- Administer device AAA with Cisco IOS, WLC, and Nexus

Normal 0 false false false EN-US X-NONE X-NONE

Introduction xxix
Part I Identity-Enabled Network: Unite!
Chapter 1 Regain Control of Your IT Security 1 Security: Still a Weakest-Link Problem 2 Cisco Identity Services Engine 3 Sources for Providing Identity and Context Awareness 5 Unleash the Power of Centralized Policy 6 Summary 8
Chapter 2 Fundamentals of AAA 9 Triple-A 10 Compare and Select AAA Options 10 Device Administration 11 Network Access 12 TACACS+ 13 TACACS+ Authentication Messages 14 TACACS+ Authorization and Accounting Messages 15 RADIUS 17 AV Pairs 20 Change of Authorization 20 Comparing RADIUS and TACACS+ 21 Summary 21
Chapter 3 Introducing Cisco Identity Services Engine 23 Architecture Approach to Centralized and Dynamic Network Security Policy Enforcement 23 Cisco Identity Services Engine Features and Benefits 26 ISE Platform Support and Compatibility 30 Cisco Identity Services Engine Policy Construct 30 ISE Authorization Rules 33 Summary 34
Part II The Blueprint, Designing an ISE-Enabled Network
Chapter 4 The Building Blocks in an Identity Services Engine Design 35 ISE Solution Components Explained 35 Infrastructure Components 36 Policy Components 42 Endpoint Components 42 ISE Personas 43 ISE Licensing, Requirements, and Performance 45 ISE Licensing 45 ISE Requirements 46 ISE Performance 47 ISE Policy-Based Structure Explained 48 Summary 49
Chapter 5 Making Sense of the ISE Deployment Design Options 51 Centralized Versus Distributed Deployment 52 Centralized Deployment 52 Distributed Deployment 55 Summary 58
Chapter 6 Quick Setup of an ISE Proof of Concept 59 Deploy ISE for Wireless in 15 Minutes 59 Wireless Setup Wizard Configuration 60 Guest Self-Registration Wizard 61 Secure Access Wizard 65 Bring Your Own Device (BYOD) Wizard 67 Deploy ISE to Gain Visibility in 15 Minutes 69 Visibility Setup Wizard 69 Configuring Cisco Switches to Send ISE Profiling Data 73 Summary 75
Part III The Foundation, Building a Context-Aware Security Policy
Chapter 7 Building a Cisco ISE Network Access Security Policy 77 Components of a Cisco ISE Network Access Security Policy 78 Network Access Security Policy Checklist 79 Involving the Right People in the Creation of the Network Access Security Policy 79 Determining the High-Level Goals for Network Access Security 81 Common High-Level Network Access Security Goals 82 Network Access Security Policy Decision Matrix 84 Defining the Security Domains 85 Understanding and Defining ISE Authorization Rules 87 Commonly Configured Rules and Their Purpose 88 Establishing Acceptable Use Policies 89 Host Security Posture Assessment Rules to Consider 91 Sample NASP Format for Documenting ISE Posture Requirements 96 Common Checks, Rules, and Requirements 97 Method for Adding Posture Policy Rules 98 Research and Information 98 Establishing Criteria to Determine the Validity of a Security Posture Check, Rule, or Requirement in Your Organization 99 Method for Determining What Posture Policy Rules a Particular Security Requirement Should Be Applied To 100 Method for Deploying and Enforcing Security Requirements 101 Defining Dynamic Network Access Privileges 102 Enforcement Methods Available with ISE 102 Commonly Used Network Access Policies 103 Summary 105
Chapter 8 Building a Device Security Policy 107 ISE Device Profiling 107 ISE Profiling Policies 109 ISE Profiler Data Sources 110 Using Device Profiles in Authorization Rules 111 Threat-Centric NAC 111 Using TC-NAC as
Part of Your Incident Response Process 113 Summary 116
Chapter 9 Building an ISE Accounting and Auditing Policy 117 Why You Need Accounting and Auditing for ISE 117 Using PCI DSS as Your ISE Auditing Framework 118 ISE Policy for PCI
10.1: Ensuring Unique Usernames and Passwords 126 ISE Policy for PCI
10.2 and
10.3: Audit Log Collection 128 ISE Policy for PCI
10.5.3,
10.5.4, and
10.7: Ensure the Integrity and Confidentiality of Audit Log Data 129 ISE Policy for PCI
10.6: Review Audit Data Regularly 130 Cisco ISE User Accounting 131 Summary 132
Part IV Let''s Configure!
Chapter 10 Profiling Basics and Visibility 133 Understanding Profiling Concepts 133 ISE Profiler Work Center 137 ISE Profiling Probes 137 Probe Configuration 138 DHCP and DHCPSPAN Probes 140 RADIUS Probe 142 Network Scan (NMAP) Probe 143 DNS Probe 147 SNMPQUERY and SNMPTRAP Probes 148 Active Directory Probe 149 HTTP Probe 150 HTTP Profiling Without Probes 152 NetFlow Probe 152 Infrastructure Configuration 153 DHCP Helper 153 SPAN Configuration 156 VLAN ACL Captures 157 Device Sensor 157 VMware Configurations to Allow Promiscuous Mode 159 Profiling Policies 160 Profiler Feed Service 160 Configuring the Profiler Feed Service 160 Verifying the Profiler Feed Service 162 Offline Manual Update 164 Endpoint Profile Policies 167 Context Visibility 169 Logical Profiles 178 ISE Profiler and CoA 179 Global CoA 180 Per-Profile CoA 181 Global Profiler Settings 182 Configure SNMP Settings for Probes 182 Endpoint Attribute Filtering 182 NMAP Scan Subnet Exclusions 183 Profiles in Authorization Policies 183 Endpoint Identity Groups 183 EndPointPolicy 187 Importing Profiles 187 Verifying Profiling 189 The Dashboard 189 Endpoints Dashboard 189 Context Visibility 190 Device Sensor Show Commands 191 Triggered NetFlow: A Woland-Santuka Pro Tip 191 Summary 194
Chapter 11 Bootstrapping Network Access Devices 195 Cisco Catalyst Switches 195 Global Configuration Settings for Classic IOS and IOS
15.x Switches 196 Configure Certificates on a Switch 196 Enable the Switch HTTP/HTTPS Server 197 Global AAA Commands 198 Global RADIUS Commands 199 Create Local Access Control Lists for Classic IOS and IOS
15.x 202 Global
802.1X Commands 204 Global Logging Commands (Optional) 204 Global Profiling Commands 205 Interface Configuration Settings for Classic IOS and IOS
15.x Switches 207 Configure Interfaces as Switch Ports 208 Configure Flexible Authentication and High Availability 208 Configure Authentication Settings 211 Configure Authentication Timers 212 Apply the Initial ACL to the Port and Enable Authentication 213 Configuration Settings for C3PL Switches 213 Why Use C3PL? 213 Global Configuration for C3PL 216 Global RADIUS Commands for C3PL 217 Configure Local ACLs and Local Service Templates 219 Global
802.1X Commands 220 C3PL Fundamentals 221 Configure the C3PL Policies 222 Cisco Wireless LAN Controllers 225 AireOS Features and Version History 225 Configure the AAA Servers 226 Add the RADIUS Authentication Servers 226 Add the RADIUS Accounting Servers 227 Configure RADIUS Fallback (High Availability) 229 Configure the Airespace ACLs 229 Create the Web Authentication Redirection ACL 230 Add Google URLs for ACL Bypass 231 Create the Dynamic Interfaces for the Client VLANs 232 Create the Employee Dynamic Interface 233 Create the Guest Dynamic Interface 234 Create the Wireless LANs 236 Create the Guest WLAN 236 Create the Corporate SSID 240 Summary 245
Chapter 12 Network Authorization Policy Elements 247 ISE Authorization Policy Elements 247 Authorization Results 251 Configuring Authorization Downloadable ACLs 251 Configuring Authorization Profiles 253 Summary 256
Chapter 13 Authentication and Authorization Policies 257 Relationship Between Authentication and Authorization 257 Enable Policy Sets 258 Authentication Policy Goals 261 Accept Only Allowed Protocols 261 Route to the Correct Identity Store 261 Validate the Identity 261 Pass the Request to the Authorization Policy 262 Understanding Authentication Policies 262 Conditions 263 Allowed Protocols 266 Authentication Protocol Primer 268 Identity Store 271 Options 272 Common Authentication Policy Examples 272 Using the Wireless SSID 272 Remote-Access VPN 277 Alternative ID Stores Based on EAP Type 278 Authorization Policies 280 Goals of Authorization Policies 280 Understanding Authorization Policies 280 Role-Specific Authorization Rules 286 Authorization Policy Example 286 Employee and Corporate Machine Full-Access Rule 286 Internet Only for Mobile Devices 288 Employee Limited Access Rule 292 Saving Attributes for Reuse 295 Summary 297
Chapter 14 Guest Lifecycle Management 299 Overview of ISE Guest Services 301 Hotspot Guest Portal Configuration 302 Sponsored Guest Portal Configuration 304 Create an Active Directory Identity Store 304 Create ISE Guest Types 305 Create Guest Sponsor Groups 307 Authentication and Authorization Guest Policies 310 Guest Pre-Authentication Authorization Policy 310 Guest Post-Authent
De oplyste priser er inkl. moms

Polyteknisk Boghandel

har gennem mere end 50 år været studieboghandlen på DTU og en af Danmarks førende specialister i faglitteratur.

 

Vi lagerfører et bredt udvalg af bøger, ikke bare inden for videnskab og teknik, men også f.eks. ledelse, IT og meget andet.

Læs mere her


Trykt eller digital bog?

Ud over trykte bøger tilbyder vi tre forskellige typer af digitale bøger:

 

Vital Source Bookshelf: En velfungerende ebogsplatform, hvor bogen downloades til din computer og/eller mobile enhed.

 

Du skal bruge den gratis Bookshelf software til at læse læse bøgerne - der er indbygget gode værktøjer til f.eks. søgning, overstregning, notetagning mv. I langt de fleste tilfælde vil du samtidig have en sideløbende 1825 dages online adgang. Læs mere om Vital Source bøger

 

Levering: I forbindelse med købet opretter du et login. Når du har installeret Bookshelf softwaren, logger du blot ind og din bog downloades automatisk.

 

 

Adobe ebog: Dette er Adobe DRM ebøger som downloades til din lokale computer eller mobil enhed.

 

For at læse bøgerne kræves særlig software, som understøtter denne type. Softwaren er gratis, men du bør sikre at du har rettigheder til installere software på den maskine du påtænker at anvende den på. Læs mere om Adobe DRM bøger

 

Levering: Et download link sendes pr email umiddelbart efter købet.

 


Ibog: Dette er en online bog som kan læses på udgiverens website. 

Der kræves ikke særlig software, bogen læses i en almindelig browser.

 

Levering: Vores medarbejder sender dig en adgangsnøgle pr email.

 

Vi gør opmærksom på at der ikke er retur/fortrydelsesret på digitale varer.