This is the Safari online edition of the printed book.

CCIE Professional Development

Network Security Technologies and Solutions

A comprehensive, all-in-one reference for Cisco network security

Yusuf Bhaiji, CCIE No. 9305

Network Security Technologies and Solutions is a comprehensive reference to the most cutting-edge security products and methodologies available to networking professionals today. This book helps you understand and implement current, state-of-the-art network security technologies to ensure secure communications throughout the network infrastructure.

With an easy-to-follow approach, this book serves as a central repository of security knowledge to help you implement end-to-end security solutions and provides a single source of knowledge covering the entire range of the Cisco network security portfolio.  The book is divided into five parts mapping to Cisco security technologies and solutions: perimeter security, identity security and access management, data privacy, security monitoring, and security management. Together, all these elements enable dynamic links between customer security policy, user or host identity, and network infrastructures.

With this definitive reference, you can gain a greater understanding of the solutions available and learn how to build integrated, secure networks in today’s modern, heterogeneous networking environment. This book is an excellent resource for those seeking a comprehensive reference on mature and emerging security tactics and is also a great study guide for the CCIE Security exam.

“Yusuf’s extensive experience as a mentor and advisor in the security technology field has honed his ability to translate highly technical information into a straight-forward, easy-to-understand format. If you’re looking for a truly comprehensive guide to network security, this is the one! ”

–Steve Gordon, Vice President, Technical Services, Cisco

Yusuf Bhaiji, CCIE No. 9305 (R&S and Security), has been with Cisco for seven years and is currently the program manager for Cisco CCIE Security certification. He is also the CCIE Proctor in the Cisco Dubai Lab. Prior to this, he was technical lead for the Sydney TAC Security and VPN team at Cisco.

• Filter traffic with access lists and implement security features on switches

• Configure Cisco IOS router firewall features and deploy ASA and PIX Firewall appliances

• Understand attack vectors and apply Layer 2 and Layer 3 mitigation techniques

• Secure management access with AAA

• Secure access control using multifactor authentication technology

• Implement identity-based network access control

• Apply the latest wireless LAN security solutions

• Enforce security policy compliance with Cisco NAC

• Learn the basics of cryptography and implement IPsec VPNs, DMVPN, GET VPN, SSL VPN, and MPLS VPN technologies

• Monitor network activity and security incident response with network and host intrusion prevention, anomaly detection, and security monitoring and correlation

• Deploy security management solutions such as Cisco Security Manager, SDM, ADSM, PDM, and IDM

• Learn about regulatory compliance issues such as GLBA, HIPPA, and SOX

This book is part of the Cisco CCIE Professional Development Series from Cisco Press, which offers expert-level instruction on network design, deployment, and support methodologies to help networking professionals manage complex networks and prepare for CCIE exams.

Category: Network Security

Covers: CCIE Security Exam

Amazon.com® Reader Reviews (Ranked by Helpfulness)

Average Amazon.com® Rating:  Based on 8 Ratings

Good but it takes more - 2009-02-03
Reviewer Rating:
The book is surely a good reference and deals with many security topics,and is up to date.
Unfortunately many links provided are not working.
However it takes far more research on Internet to prepare for CCIE Security, and in some cases (such as Transparent Firewall or Multiple Contexts) to understand better, since they are very important and somehow too shortly addressed.

Well written Easy to Use Network Security Resource...! - 2008-12-03
Reviewer Rating:
Yusef Bhaiji offers an extremely well written, easy to understand, highly descriptive solution to network security technologies and solutions from a Cisco network security stand point.
In addition to dividing the book into five parts mapping to Cisco security technologies and solutions: perimeter security, identity security and access management, data privacy, security monitoring, and security management, the book also offers a Best Practices Framework. This is accomplished by noting critical Regulatory compliance and Legislative Acts, such as GLBA - Gramm-Leach-Bliley Act, HIPAA - Health Insurance Portability and Accountability Act, SOX - Sarbanes-Oxley Act and the applicable Cisco solutions to each of these regulatory compliance and legislative acts in a clear, descriptive manner.
Specific attack vectors and mitigation techniques are described through vulnerability, threats, and exploits that are a very common threat to today's networks. In addition to describing the risk assessment, specific solutions and mitigation techniques are offered to offset these threats. A security incident response methodology discusses the specific steps which helps prepare for any security event.

Great Reference for Security technology!! - 2008-04-24
Reviewer Rating:
Yusuf does a great job at putting together all the relevant material on network security technologies in one place - and all that with comes with an easy to read guide compiled nicely into relevant chapters/parts.

Overall book is divided into five parts, and information is presented in a manner that it serves both novice and advanced readers.

a few things can be improved in a later edition, e.g.., a)allocation of breadths to the newer areas (more on zone-based FW than CBAC) and b) less repetitiveness around the subject matter (ie, overlap with other cisco titles).

All in all, a great title and highly recommended for network security professional at all levels!

Excellent Security Reference - 2008-10-03
Reviewer Rating:
This book is an excellent security reference, possessing both great scope and great depth, which is difficult to achieve in one book for such a large field.

The structure is very good, starting with an overview of security, providing the objectives of it, the reason behind it, the 'Why'. This is followed by the 'How' where it gives clear and concise overviews and explanations of the multitude of technologies complete with configuration examples and good use of diagrams and screenshots. Every chapter has a very helpful list of references for even more information. Advanced topics such as Network Admission Control (NAC), Security Monitoring and Correlation (MARS), and Attack Vectors and Mitigation are covered. Finally the book closes with the business side including security management, explanation of policies, frameworks, governance and the myriad of regulations.

As part of my preparation for the CCIE Security Written exam, I read this book and found it to be invaluable. I highly recommend this book for not just for CCIE preparation but for all levels of readers looking for one of the best books on network security.

An excellent all-around Cisco security reference! - 2008-07-08
Reviewer Rating:
When I first selected this book, I was expecting material rather specific to CCIE Security preparation. What I found after reading it, however was that it not only covered CCIE Security preparation but CCIE R/S preparation as well as many real-world security topics.

Many authors attempt to cover a wide area of technologies and wind up losing organization of their presentation of the topics. I find Yusuf's organization to be excellent and flowed very well making this an easy read. In fact, considering how many topics this book covers I am amazed at just how well it is organized, which is better than many of the technology-specific books I have read over the years. I become very annoyed with having to go back to reference past topics time and again but I did not find that I had to do that with this book and was able to continue going forward along with the topics.

I also found that this book gets right to the point. Yusuf didn't pack a lot of fluff and filler into the material. Instead you get right into the meat of the topics. Keep in mind that if you are looking for a thorough reference to take you from the very beginning of a specific topic then this book is not for you. This book is part of the "CCIE Professional Development" series and as such assumes you have at least some pre-existing knowledge in these areas. With this in mind, I find this an excellent study guide as well as a real-world reference for various areas of Cisco security.

Perhaps one of the most unique and possibly useful chapters of this book is the non-Cisco material. For example the section covering security policies is invaluable. As a consultant I see client after client without a corporate security policy and in this day and age that's trouble waiting to happen. This section discusses the value of such a policy and how to begin developing it. Another area within this chapter contains information on various regulatory compliance mandates, such as HIPPA and SOX. While this info is readily available elsewhere, Yusuf neatly summarizes the various regulations, including who is mandated to comply, penalties for not doing so and the various Cisco solutions used for compliance.

I found this book to be excellent.

Browse Similar Topics

Top Level Categories:
Networking
Security

Sub-Categories:
Networking > Security
Security > Networking