This book aims to provide the reader with the information needed to configure and understand a design that encompasses the following requirements:
Cisco ASA firewall cluster in multiple context mode.
Redundant connections from the ASA firewalls to the Nexus 9300 switches using virtual port channel (vPC).
Transparent mode and routed mode ASA contexts.
Cisco ASA FirePOWER modules in all ASA firewalls to provide intrusion prevention (IPS).
FirePOWER management using a FireSIGHT manager.
Authentication, authorization and accounting for the entire system using Cisco ACS.
All of this has been tested and is working in a real life environment in England UK.
Author:
Grant Wilson is the author of the “Cisco Pocket Guide” series of books. He is CCIE security #26667 and currently works as contractor for some of the biggest names in the business. He spent 15 years of his IT career as a Cisco trainer (CCSI) teaching many Cisco certified classes. He lives near Oxford in England with his wife and three children.
Grant runs a website which is in his kitchen and is protected by an IOS firewall, ASA firewall, IOS IPS and an IPS sensor.
He holds the following certifications:
-CCIE - Security (Cisco) - #26667
-CCSI (Cisco) - #23077
-CCSP (Cisco)
-CCNP (Cisco)
-JNCIS Security (Juniper)
-JNCIA (Juniper)
-CCSA (Checkpoint)
-CCNA (Cisco)
-CCDA (Cisco)
-MCSE (Microsoft)
-MCT (Microsoft)
-Cisco Firewall Specialist
-Cisco Content Networking Specialist
-Cisco Network Management Specialist
-Ironport certified trainer
-Cisco Borderless Networks R and S Support Specialist
-BSc Electrical and electronic engineering
-MA Digital Music Technology
Cisco ASA firewall cluster in multiple context mode.
Redundant connections from the ASA firewalls to the Nexus 9300 switches using virtual port channel (vPC).
Transparent mode and routed mode ASA contexts.
Cisco ASA FirePOWER modules in all ASA firewalls to provide intrusion prevention (IPS).
FirePOWER management using a FireSIGHT manager.
Authentication, authorization and accounting for the entire system using Cisco ACS.
All of this has been tested and is working in a real life environment in England UK.
Author:
Grant Wilson is the author of the “Cisco Pocket Guide” series of books. He is CCIE security #26667 and currently works as contractor for some of the biggest names in the business. He spent 15 years of his IT career as a Cisco trainer (CCSI) teaching many Cisco certified classes. He lives near Oxford in England with his wife and three children.
Grant runs a website which is in his kitchen and is protected by an IOS firewall, ASA firewall, IOS IPS and an IPS sensor.
He holds the following certifications:
-CCIE - Security (Cisco) - #26667
-CCSI (Cisco) - #23077
-CCSP (Cisco)
-CCNP (Cisco)
-JNCIS Security (Juniper)
-JNCIA (Juniper)
-CCSA (Checkpoint)
-CCNA (Cisco)
-CCDA (Cisco)
-MCSE (Microsoft)
-MCT (Microsoft)
-Cisco Firewall Specialist
-Cisco Content Networking Specialist
-Cisco Network Management Specialist
-Ironport certified trainer
-Cisco Borderless Networks R and S Support Specialist
-BSc Electrical and electronic engineering
-MA Digital Music Technology