Cisco ASA: All-in-One Firewall, IPS, Anti-X, and VPN Adaptive Security Appliance (2nd Edition) [Paperback]

Jazib Frahim (Author), Omar Santos (Author)

Book Description

Publication Date: January 8, 2010 | ISBN-10: 1587058197 | ISBN-13: 978-1587058196 | Edition: 2

For organizations of all sizes, the Cisco ASA product family offers powerful new tools for maximizing network security. Cisco ASA: All-in-One Firewall, IPS, Anti-X and VPN Adaptive Security Appliance, Second Edition, is Cisco's authoritative practitioner's guide to planning, deploying, managing, and troubleshooting security with Cisco ASA. Written by two leading Cisco security experts, this book presents each Cisco ASA solution in depth, offering comprehensive sample configurations, proven troubleshooting methodologies, and debugging examples. Readers will learn about the Cisco ASA Firewall solution and capabilities; secure configuration and troubleshooting of site-to-site and remote access VPNs; Intrusion Prevention System features built into Cisco ASA's Advanced Inspection and Prevention Security Services Module (AIP-SSM); and Anti-X features in the ASA Content Security and Control Security Services Module (CSC-SSM). This new edition has been updated with detailed information on the latest ASA models and features.

 

• Everything network professionals need to know to identify, mitigate, and respond to network attacks with Cisco ASA
• Includes detailed configuration examples, with screenshots and command line references
• Covers the ASA 8.2 release
• Presents complete troubleshooting methodologies and architectural references

Editorial Reviews

About the Author

Jazib Frahim CCIE # 5459, is Technical Leader in the Worldwide Security Services Practice of Cisco's Advanced Services for Network Security. He was previously Technical Lead for Cisco's TAC Security team, leading twenty engineers in resolving complicated security and VPN technologies. He is author of Cisco Network Admission Control, Volume II and Cisco SSL VPN Solutions. Omar Santos Senior Network Security Engineer and Incident Manager at Cisco's Product Security Incident Response Team, has designed, implemented, and supported secure networks for Fortune 500 companies and the U.S. government, including the Marine Corps and DOD.

Product Details

• Paperback: 1152 pages
• Publisher: Cisco Press; 2 edition (January 8, 2010)
• Language: English
• ISBN-10: 1587058197
• ISBN-13: 978-1587058196
• Product Dimensions: 9 x 7.3 x 2.3 inches
• Shipping Weight: 4.1 pounds (View shipping rates and policies)
• Average Customer Review: 4.3 out of 5 stars  See all reviews (13 customer reviews)
• Amazon Best Sellers Rank: #228,086 in Books (See Top 100 in Books)

Customer Reviews

Most Helpful Customer Reviews

7 of 7 people found the following review helpful:

5.0 out of 5 stars Excellent Resource for Cisco ASA admins and for CCIE Security Candidates, February 28, 2010

By 

Shahid Shafi (San Diego) - See all my reviews
(REAL NAME)   

This review is from: Cisco ASA: All-in-One Firewall, IPS, Anti-X, and VPN Adaptive Security Appliance (2nd Edition) (Paperback)

This book is written by Omar Santos and Jazib Frahim and both of them are leading Security engineers from Cisco Systems. Hence you are in extremely capable hands and the book is worth every penny. Having said that, the book is huge (over 1000 pages) and it may not be feasible to read it cover to cover but it is filled with excellent information. It is comprised of 20 chapters emphasizing five key technology areas including Cisco ASA product overview and firewall portfolio, Firewall technology, IPS, Content Security (URL Filtering, Anti-X etc) and VPNs.

The book is filled with configuration examples for both CLI and ASDM GUI. It covers ASA 8.2 code and hence the content is extremely current, fresh and relevant. The book explains firewall theory, implementation, tuning and troubleshooting in great detail, making it an excellent resource for Cisco ASA administrators and CCIE Security candidates as the lab test ASA firewall in great detail.

I bought this book to learn more about firewall virtualization and transparent firewalls. The book spends over 100 pages on these two technologies and cover them with great detail. Virtualization is configured step by step using both CLI and ASDM and then important troubleshooting commands are also covered. Transparent firewalls are clearly explained with detailed configuration examples. Also the chapter contains a table showing readers how routed mode firewalls differ from transparent firewalls and what features are not supported when ASA is running in transparent mode.

Only minor complaint I have is the book should dedicate one more chapter for a detailed case study and showcase all technologies like Site to Site VPNs, Remote Access VPNs, SSL VPNs, IPS, AntiX, Tranparent Firewalls and Virtual Firewalls at the same time by showing a enterprise network with one head office and two branch offices. This will help readers to see all technologies in action at the same time and further clarify things.

Overall I am extremely satisfied with this product and strongly endorse it for CCIE Security candidates and Cisco ASA administrators as their one stop resource for Cisco ASA firewalls.

6 of 6 people found the following review helpful:

2.0 out of 5 stars Old version, July 12, 2011

By 

K. Howanitz - See all my reviews
(REAL NAME)   

Amazon Verified Purchase

This review is from: Cisco ASA: All-in-One Firewall, IPS, Anti-X, and VPN Adaptive Security Appliance (2nd Edition) (Paperback)

The book is a well written introduction for the Cisco ASA 5500 series. Wish the Index was more thorough, and some sections you have to skip around to complete. This later complain though may in part be because this book covers the ASA IOS versions 8.2 and before, and some major changes came with version 8.3. (At the time of this review, the current version is 8.4.) This does not matter much for some of the basic setup operations, such as interface & logging setup, but NAT/PAT and ACE/ACL setup has changed dramatically. Since those are two fundamental areas of firewall setup, what would otherwise be 4 or 5 star book, drops to a 2 or 3 star review, especially considering that most organizations are not going to want to run old versions of IOS on their security devices.

There is some documentation on the updated version available online, but especially when it comes to examples, I think they are not real written. Would be happy to purchase an updated copy of this book to add to my bookshelf that would cover version 8.4.

4 of 4 people found the following review helpful:

5.0 out of 5 stars Excellent resource for ASA management, April 3, 2010

By 

Kristy M. Westphal - See all my reviews
(REAL NAME)   

This review is from: Cisco ASA: All-in-One Firewall, IPS, Anti-X, and VPN Adaptive Security Appliance (2nd Edition) (Paperback)

The sheer weight of this book intimidates you right out of the box! However, once you open it up and start reading, you realize that you have an excellent reference for the Cisco ASA product. From the beginning where the book introduces you to the overall solution to where it spends a chapter on each of the components mentioned in the title (even better- some have much more in-depth coverage) to the end where an entire section is dedicated to configuring the Virtual Private Networks, this book provides the necessary information to securely set up and use this important appliance.

I liked many aspects of this book, but when I initially cracked it open and saw the product overview alone, I knew that this was the type of book that I needed if I wanted to maintain this type of solution. Why? Well, this particular section walked you through the different models of the ASA product line, complete with pictures of each and diagrams of where and what all the different features are. This is the type of information that you don't need every day, but when you need it you typically end up scrounging for it on the web, taking considerable time and effort away from your troubleshooting efforts.

The rest of the book is equally detailed, providing the step by step information that you need to set up the important features of this product. Throughout the sections that explain the features, you find notes about default settings and other limitations that the feature may encounter. Architecture diagrams and screen shots also help the reader to understand what they are actually doing rather than just barking out orders and having the setup be dictated.

Lastly, to clear up one mystery that puzzled me from the start: Anti-X isn't a new fangled threat that we need to worry about. It appears that description covers the anti-spam, anti-virus and anti-spyware configurations of the features that the box provides.

If you have an ASA appliance, then this book will be invaluable in your support of this device.