Download the free Kindle app and start reading Kindle books instantly on your smartphone, tablet or computer – no Kindle device required. Learn more
Read instantly on your browser with Kindle Cloud Reader.
Using your mobile phone camera, scan the code below and download the Kindle app.
Enter your mobile phone or email address
By pressing ‘Send link’, you agree to Amazon's Conditions of Use.
You consent to receive an automated text message from or on behalf of Amazon about the Kindle App at your mobile number above. Consent is not a condition of any purchase. Message and data rates may apply.
Cisco Firewalls (Cisco Press Networking Technology Series) 1st Edition, Kindle Edition
Concepts, design and deployment for Cisco Stateful Firewall solutions
“ In this book, Alexandre proposes a totally different approach to the important subject of firewalls: Instead of just presenting configuration models, he uses a set of carefully crafted examples to illustrate the theory in action. A must read!” —Luc Billot, Security Consulting Engineer at Cisco
Cisco Firewalls thoroughly explains each of the leading Cisco firewall products, features, and solutions, and shows how they can add value to any network security design or operation. The author tightly links theory with practice, demonstrating how to integrate Cisco firewalls into highly secure, self-defending networks. Cisco Firewalls shows you how to deploy Cisco firewalls as an essential component of every network infrastructure. The book takes the unique approach of illustrating complex configuration concepts through step-by-step examples that demonstrate the theory in action. This is the first book with detailed coverage of firewalling Unified Communications systems, network virtualization architectures, and environments that include virtual machines. The author also presents indispensable information about integrating firewalls with other security elements such as IPS, VPNs, and load balancers; as well as a complete introduction to firewalling IPv6 networks. Cisco Firewalls will be an indispensable resource for engineers and architects designing and implementing firewalls; security administrators, operators, and support professionals; and anyone preparing for the CCNA Security, CCNP Security, or CCIE Security certification exams.
Alexandre Matos da Silva Pires de Moraes, CCIE No. 6063, has worked as a Systems Engineer for Cisco Brazil since 1998 in projects that involve not only Security and VPN technologies but also Routing Protocol and Campus Design, IP Multicast Routing, and MPLS Networks Design. He coordinated a team of Security engineers in Brazil and holds the CISSP, CCSP, and three CCIE certifications (Routing/Switching, Security, and Service Provider). A frequent speaker at Cisco Live, he holds a degree in electronic engineering from the Instituto Tecnológico de Aeronáutica (ITA – Brazil).
· Create advanced security designs utilizing the entire Cisco firewall product family
· Choose the right firewalls based on your performance requirements
· Learn firewall configuration fundamentals and master the tools that provide insight about firewall operations
· Properly insert firewalls in your network’s topology using Layer 3 or Layer 2 connectivity
· Use Cisco firewalls as part of a robust, secure virtualization architecture
· Deploy Cisco ASA firewalls with or without NAT
· Take full advantage of the classic IOS firewall feature set (CBAC)
· Implement flexible security policies with the Zone Policy Firewall (ZPF)
· Strengthen stateful inspection with antispoofing, TCP normalization, connection limiting, and IP fragmentation handling
· Use application-layer inspection capabilities built into Cisco firewalls
· Inspect IP voice protocols, including SCCP, H.323, SIP, and MGCP
· Utilize identity to provide user-based stateful functionality
· Understand how multicast traffic is handled through firewalls
· Use firewalls to protect your IPv6 deployments
This security book is part of the Cisco Press Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end, self-defending networks.
Kindle Monthly Deals
New deals each month starting at $1.49. Learn more
About the Author
Alexandre Matos da Silva Pires de Moraes, CCIE No. 6063, has worked as a systems engineer for Cisco Brazil since 1998, in projects that involve not only security and VPN technologies but also routing protocol and campus design, IP multicast routing, and MPLS networks design. He has supported large enterprise and public sector accounts and, for almost three years, coordinated a team of Security engineers in Brazil. Alexandre holds the CISSP, CCSP, and 03 CCIE certifications (routing/switching, security, and service provider). Alexandre, a frequent speaker at Cisco Live, graduated in electronic engineering from the Instituto Tecnológico de Aeronáutica (ITA ― Brazil) and has never hidden his sincere passion for mathematics (mainly the fields of synthetic geometry and trigonometry). Alexandre maintains a personal blog in which he discusses topics related to networking and security technologies at http://alexandremspmoraes.wordpress.com/.--This text refers to an out of print or unavailable edition of this title.
Alexandre has worked with Cisco security technologies since the year 2000 and is a well recognized expert in the LATAM security community. He is a frequent speaker at Cisco Networkers and other security conferences and has helped in training partners and customers in Brazil. In this book, he proposes a totally different approach to the important subject of firewalls: Instead of just presenting configuration models, he uses a set of carefully crafted examples to illustrate the theory in action. From the configuration fundamentals to advanced topics such as voice inspection, multicast, IPv6 and identity-based firewalls, the book unveils important details about the operations of Cisco firewall solutions, enabling the reader to better use this knowledge on security design. A must-read !
--Luc Billot, Security Consulting Engineer at Cisco (Emerging Markets and European Market)
I think that Alexandre's book could have the alternative title 'Cisco Firewalls Illustrated.' The way in which he links theory and practice is really insightful and greatly helps in understanding individual features and making better use of them for security design. Definitely a reference work in the subject !
--Louis Senecal, CCIE 2198, Consulting Systems Engineer, Cisco (Canada)
In this fully illustrated tour of the world of Cisco Firewalls, Alexandre devotes a great deal of attention to data center-related topics. Network virtualization architecture and the protection of environments that include virtual machines figure among the important subjects covered in the book. For those that want to benefit from virtualization without compromising security, this work is highly recommended.
--David Gonzalez, CISSP #99462, Consulting Systems Engineer at Cisco ( LATAM)--This text refers to an out of print or unavailable edition of this title.
- ASIN : B0055O2H5C
- Publisher : Cisco Press; 1st edition (6 June 2011)
- Language : English
- File size : 11312 KB
- Simultaneous device usage : Up to 5 simultaneous devices, per publisher limits
- Text-to-Speech : Enabled
- Screen Reader : Supported
- Enhanced typesetting : Enabled
- X-Ray : Not Enabled
- Word Wise : Not Enabled
- Print length : 912 pages
- Customer Reviews:
Review this product
Top reviews from other countries
On each topic the author starts with sometimes not so brief description of the underlying technologies he examines but also includes output from captures and debug commands.
I would recommend this book to anyone thinking to start or already has an experience with Cisco firewalls.
I haven’t given 5 stars as sometimes I thing the book spend way too much analysis on a topic (i.e. voice). Don’t forget that this is a 1000 page book.
Also there is not too much reference on other security devices (such as IPS, SWG etc). We shouldn’t forget that this book only focuses on the firewall aspect of the network security.
[...] (by Zeljka Zorz).
"There used to be a time when firewalls were considered a full proof solution for protecting networks, and that time is long gone. History has taught us there are no silver bullets
when it comes to computer and information security, but firewalls are still a great and versatile tool in the hands of those who know how to use them effectively. "Cisco Firewalls"
will tell you how.
The theory behind this book is that the reader should learn what every firewall feature brings to the table so that he could make an informed and correct decision when dealing with his own firewall situation.
In order to do that, the author covers both ASA-centric and IOS-based firewall deployments, and addresses the motivations for the use of features of each of those two types clearly.
The chapter on additional protection mechanisms is very interesting, and so are those that deal with application inspection and that of voice protocols.
It's helpful to point out at this point that advanced users are welcome to skip through chapters, but others should stick to the order given to them by the author, since many of the chapter build on the knowledge introduced in the previous one(s).
The most important thing about this book is that the it's chock full of meaningful and handy examples. This is not a simple handbook - it aims at making the reader think for himself, and make the connection between theory and practice easy and natural.
The last three chapters deal with how IP multicast tasks and the introduction of the IPv6 standard influence the choices on firewall features, and the book ends with a chapter that deals with security design. It is not overly comprehensive, and here is definitely where I could have enjoyed reading more about how new trends like mobility and cloud computing affect the notion of using firewall to protect the future borderless network. But, perhaps that is a subject for another book.
This book is a must read for everyone who is charged with designing, implementing and deploying firewall solutions, and especially if they are Cisco's.
The author has had the interesting notion of using troubleshooting tools to help show how the various firewall features work, so that, in fact, troubleshooting is "performed"
throughout the book instead of at the end - and you'll be grateful for that"