• Quản trị mạng - Services in a converged wanQuản trị mạng - Services in a converged wan

    Cisco Enterprise Architecture This is an expansion of the hierarchical model that further divides the enterprise network into Physical areas Logical areas Functional areas Selecting the appropriate WAN technology requires considering some of the following: WAN’s purpose Geographic scope of WAN Traffic requirements If WAN uses a public or ...

    ppt18 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 968 | Lượt tải: 0

  • Quản trị mạng - Implementing the cisco adaptive security appliance (asa)Quản trị mạng - Implementing the cisco adaptive security appliance (asa)

    The management interface depends on the model of ASA: – Cisco ASA 5505 - The management switch port can be any port, except for Ethernet 0/0. – Cisco ASA 5510 and higher - The interface to connect is Management 0/0

    pdf50 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1107 | Lượt tải: 0

  • Quản trị mạng - Chapter 9: Managing a secure networkQuản trị mạng - Chapter 9: Managing a secure network

    The security policy is an integral component of an organization’s network security design and implementation. It answers questions about what assets are to be protected and how to protect them. • A security policy typically consists of a goverming policy, a technical policy, and an end-user policy. • Standards, guidelines, and procedures cont...

    pdf82 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1105 | Lượt tải: 0

  • Quản trị mạng - Chapter 8: Implementing virtual private networksQuản trị mạng - Chapter 8: Implementing virtual private networks

    Describe the purpose and operation of VPN types • Describe the purpose and operation of GRE VPNs • Describe the components and operations of IPsec VPNs • Configure and verify a site-to-site IPsec VPN with preshared key authentication using CLI • Configure and verify a site-to-site IPsec VPN with preshared key authentication using CCP • Configu...

    pdf124 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1169 | Lượt tải: 1

  • Quản trị mạng - Chapter 7: Cryptographic systemsQuản trị mạng - Chapter 7: Cryptographic systems

    To authenticate each other, users have to obtain the certificate of the CA and their own certificate. These steps require the out-of-band verification of the processes. Public-key systems use asymmetric keys whe one is public and the other one is private. Key management is simplified because two users can freely exchange the certificates. Th...

    pdf104 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1334 | Lượt tải: 0

  • Quản trị mạng - Chapter 6: Securing the local area networkQuản trị mạng - Chapter 6: Securing the local area network

    Modern enterprise networks deploy wireless, VoIP, and SAN devices that require specialized security solutions. • Wireless technologies are the most prone to network attacks. A number of technologies have evolved to miligate these attacks. • With the increased adoption of VoIP, serveral security considerations specific to VoIP technology have ...

    pdf143 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1149 | Lượt tải: 0

  • Quản trị mạng - Chapter 5: Implementing intrusion preventionQuản trị mạng - Chapter 5: Implementing intrusion prevention

    Signatures may need to be tuned to a specifc netwok. • Continuously monitor an IPS solution to ensure that it is providing an adequate level of protection. • Implement Cisco IOS IPS using CLI or SDM • Modify IPS signatures using CLI or SDM • Use various CLI commends to verify and monitor a Cisco IOS IPS configuration. Học việ

    pdf83 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1123 | Lượt tải: 0

  • Quản trị mạng - Chapter 4: Implementing firewall technologiesQuản trị mạng - Chapter 4: Implementing firewall technologies

    Zone-Based Policy Firewall (ZPF) , introduced in 2006, is the state of the art in modern firewalling. • ZPF operation centers around the creation of zones associated with various security levels. • Implementing ZPF with CLI is much more structured and easier to understand than CBAC . ZPF utilizes class maps and policy maps enabled by C3PL. •...

    pdf132 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1195 | Lượt tải: 0

  • Quản trị mạng - Chapter 3: Authentication, authorization, and accountingQuản trị mạng - Chapter 3: Authentication, authorization, and accounting

    In large or complex networks, AAA authentication can be implemented using server-based AAA. • AAA servers can use RADIUS or TACACS+ protocols to communicate with client routers. • The Cisco Access Control Server (ACS) can be used to provide AAA server services. • Server-based AAA authentication can be configured using CLI or SDM. • Server-b...

    pdf78 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1195 | Lượt tải: 0

  • Quản trị mạng - Chapter 2: Securing network devicesQuản trị mạng - Chapter 2: Securing network devices

    Released in IOS version 12.3, Cisco AutoSecure is a feature that is initiated from the CLI and executes a script. • AutoSecure first makes recommendations for fixing security vulnerabilities and then modifies the security configuration of the router. • There are three forwarding plane services and functions: 1. Enables Cisco Express Forwardin...

    pdf175 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1245 | Lượt tải: 0