Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale

Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale

Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale
Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale__left
Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale__after

Description

Product Description

Cisco® ASA

All-in-One Next-Generation Firewall, IPS, and VPN Services, Third Edition

 

Identify, mitigate, and respond to today’s highly-sophisticated network attacks.

 

Today, network attackers are far more sophisticated, relentless, and dangerous. In response, Cisco ASA: All-in-One Next-Generation Firewall, IPS, and VPN Services has been fully updated to cover the newest techniques and Cisco technologies for maximizing end-to-end security in your environment. Three leading Cisco security experts guide you through every step of creating a complete security plan with Cisco ASA, and then deploying, configuring, operating, and troubleshooting your solution.

 

Fully updated for today’s newest ASA releases, this edition adds new coverage of ASA 5500-X, ASA 5585-X, ASA Services Module, ASA next-generation firewall services, EtherChannel, Global ACLs, clustering, IPv6 improvements, IKEv2, AnyConnect Secure Mobility VPN clients, and more. The authors explain significant recent licensing changes; introduce enhancements to ASA IPS; and walk you through configuring IPsec, SSL VPN, and NAT/PAT.

 

You’ll learn how to apply Cisco ASA adaptive identification and mitigation services to systematically strengthen security in network environments of all sizes and types. The authors present up-to-date sample configurations, proven design scenarios, and actual debugs–
all designed to help you make the most of Cisco ASA in your rapidly evolving network.

 

Jazib Frahim, CCIE® No. 5459 (Routing and Switching; Security), Principal Engineer in the Global Security Solutions team, guides top-tier Cisco customers in security-focused network design and implementation. He architects, develops, and launches new security services concepts. His books include Cisco SSL VPN Solutions and Cisco Network Admission Control, Volume II: NAC Deployment and Troubleshooting.

 

Omar Santos, CISSP No. 463598, Cisco Product Security Incident Response Team (PSIRT) technical leader, leads and mentors engineers and incident managers in investigating and resolving vulnerabilities in Cisco products and protecting Cisco customers. Through 18 years in IT and cybersecurity, he has designed, implemented, and supported numerous secure networks for Fortune® 500 companies and the U.S. government. He is also the author of several other books and numerous whitepapers and articles.

 

Andrew Ossipov, CCIE® No. 18483 and CISSP No. 344324, is a Cisco Technical Marketing Engineer focused on firewalls, intrusion prevention, and data center security. Drawing on more than 16 years in networking, he works to solve complex customer technical problems, architect new features and products, and define future directions for Cisco’s product portfolio. He holds several pending patents.

 

Understand, install, configure, license, maintain, and troubleshoot the newest ASA devices

Efficiently implement Authentication, Authorization, and Accounting (AAA) services

Control and provision network access with packet filtering, context-aware Cisco ASA next-generation firewall services, and new NAT/PAT concepts

Configure IP routing, application inspection, and QoS

Create firewall contexts with unique configurations, interfaces, policies, routing tables, and administration

Enable integrated protection against many types of malware and advanced persistent threats (APTs) via Cisco Cloud Web Security and Cisco Security Intelligence Operations (SIO)

Implement high availability with failover and elastic scalability with clustering

Deploy, troubleshoot, monitor, tune, and manage Intrusion Prevention System (IPS) features

Implement site-to-site IPsec VPNs and all forms of remote-access VPNs (IPsec, clientless SSL, and client-based SSL)

Configure and troubleshoot Public Key Infrastructure (PKI)

Use IKEv2 to more effectively resist attacks against VPNs

Leverage IPv6 support for IPS, packet inspection, transparent firewalls, and site-to-site IPsec VPNs

 

 

About the Author

Jazib Frahim, CCIE No. 5459, is a Principal Engineer in the Global Security Services Practice at Cisco. He has been with Cisco for over 15 years, with a focus on cyber-security and emerging security technologies. Jazib is also responsible for guiding customers in the design and implementation of security solutions and technologies in their networks with a focus on network security. He leads a team of solutions architects to guide them through the lifecycle of services and solutions development. Jazib has also been engaged in the development of a number of customer-focused services, such as managed threat defense, network-based identity, bring-your-own-device (BYOD), and many others. Jazib holds a bachelor’s degree in computer engineering from Illinois Institute of Technology and a master’s degree in business administration (MBA) from North Carolina State University. In addition to CISSP, Jazib also holds two CCIEs, one in routing and switching and the other in security. He has presented at many industry events, such as Cisco Live, Interop, and ISSA, on multiple occasions.

, CCIE No. 5459, is a Principal Engineer in the Global Security Services Practice at Cisco. He has been with Cisco for over 15 years, with a focus on cyber-security and emerging security technologies. Jazib is also responsible for guiding customers in the design and implementation of security solutions and technologies in their networks with a focus on network security. He leads a team of solutions architects to guide them through the lifecycle of services and solutions development. Jazib has also been engaged in the development of a number of customer-focused services, such as managed threat defense, network-based identity, bring-your-own-device (BYOD), and many others. Jazib holds a bachelor’s degree in computer engineering from Illinois Institute of Technology and a master’s degree in business administration (MBA) from North Carolina State University. In addition to CISSP, Jazib also holds two CCIEs, one in routing and switching and the other in security. He has presented at many industry events, such as Cisco Live, Interop, and ISSA, on multiple occasions.

 Omar Santos, CISSP No. 463598 is a Senior Incident Manager of Cisco’s Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities in all Cisco products. Omar has designed, implemented, and supported numerous secure networks for Fortune 500 companies and the U.S. government. Prior to his current role, he was a technical leader within the World Wide Security Practice and Cisco’s Technical Assistance Center (TAC), where he taught, led, and mentored many engineers within both organizations. Omar is an active member of the security community, where he leads several industrywide initiatives and standards bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of the critical infrastructure. Omar has delivered numerous technical presentations at conferences and to Cisco customers and partners, as well as many C-level executive presentations to many organizations.

is a Senior Incident Manager of Cisco’s Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities in all Cisco products. Omar has designed, implemented, and supported numerous secure networks for Fortune 500 companies and the U.S. government. Prior to his current role, he was a technical leader within the World Wide Security Practice and Cisco’s Technical Assistance Center (TAC), where he taught, led, and mentored many engineers within both organizations. Omar is an active member of the secur

Product information

Brief content visible, double tap to read full content.
Full content visible, double tap to read brief content.

Videos

Help others learn more about this product by uploading a video!
Upload video
Brief content visible, double tap to read full content.
Full content visible, double tap to read brief content.

Customers who bought this item also bought

Customer reviews

4.5 out of 54.5 out of 5
95 global ratings

Top reviews from the United States

Translate all reviews to English
alphadog
5.0 out of 5 starsVerified Purchase
this is an excellent book for anyone who needs to troubleshoot and deploy ...
Reviewed in the United States on October 2, 2014
Technically, this is an excellent book for anyone who needs to troubleshoot and deploy the ASA firewall. I have been using working with this appliance since its inception, so even the previous edition, not nearly as complete as this book has always helped me in the theory... See more
Technically, this is an excellent book for anyone who needs to troubleshoot and deploy the ASA firewall. I have been using working with this appliance since its inception, so even the previous edition, not nearly as complete as this book has always helped me in the theory and deployment.
I have read many ASA books, but this one outshines the others, because it is truly a practical guide, not overweighted with arcane theory.
This edition contains so much useful information - it really shines with actual real world deployment scenarios, even setting up the appliance for basic network connectivity right out of the box it is worth its price. While the volume of material looks intimidating from the first glance, you only need the use the chapters as it applies to your network security requirements. But the chapters on the theory are a must read for anyone looking to learn the appliance at a more advanced level. My various job roles have required me to understand this appliance at a high technical level, and this book has provided me with many of the answers I needed for some of the most technically challenging scenarios. It is well written technically, so even an entry level firewall engineer or network administrator should be able to deploy this appliance with a basic security configuration. Also, the next generation firewalls are covered making this book current.

So five stars it is, as the real world deployment examples, technical clarity of the topics, as well as current information on the cisco''s new next generation firewalls make this a must have for your technical library on the ASA appliance.
Technically, this is an excellent book for anyone who needs to troubleshoot and deploy the ASA firewall. I have been using working with this appliance since its inception, so even the previous edition, not nearly as complete as this book has always helped me in the theory and deployment.
I have read many ASA books, but this one outshines the others, because it is truly a practical guide, not overweighted with arcane theory.
This edition contains so much useful information - it really shines with actual real world deployment scenarios, even setting up the appliance for basic network connectivity right out of the box it is worth its price. While the volume of material looks intimidating from the first glance, you only need the use the chapters as it applies to your network security requirements. But the chapters on the theory are a must read for anyone looking to learn the appliance at a more advanced level. My various job roles have required me to understand this appliance at a high technical level, and this book has provided me with many of the answers I needed for some of the most technically challenging scenarios. It is well written technically, so even an entry level firewall engineer or network administrator should be able to deploy this appliance with a basic security configuration. Also, the next generation firewalls are covered making this book current.

So five stars it is, as the real world deployment examples, technical clarity of the topics, as well as current information on the cisco''s new next generation firewalls make this a must have for your technical library on the ASA appliance.
One person found this helpful
Helpful
Report
Andrew S Hogetvedt
4.0 out of 5 starsVerified Purchase
Decent overview but overly wordy
Reviewed in the United States on April 3, 2020
I own several books by this author and I have had this book for almost four years, as well as I have used ASA/PIX for two decades. This book is starting to get dated, but still has some good information. It is about three times longer than it needs to be however as the... See more
I own several books by this author and I have had this book for almost four years, as well as I have used ASA/PIX for two decades. This book is starting to get dated, but still has some good information. It is about three times longer than it needs to be however as the author in all of his books tends to be extremely wordy without saying much. It also covers way too much ASDM for my liking, as I have always used CLI for ASAs. In 2020 it is hard to justify buying this book unless you are new to ASAs and your company still uses them.
I own several books by this author and I have had this book for almost four years, as well as I have used ASA/PIX for two decades. This book is starting to get dated, but still has some good information. It is about three times longer than it needs to be however as the author in all of his books tends to be extremely wordy without saying much. It also covers way too much ASDM for my liking, as I have always used CLI for ASAs. In 2020 it is hard to justify buying this book unless you are new to ASAs and your company still uses them.
One person found this helpful
Helpful
Report
Amazon Customer
4.0 out of 5 starsVerified Purchase
... 1st edition of this line was far from my favourite as it focused so heavily on the GUI (ASDM)
Reviewed in the United States on May 3, 2015
While thankfully the Cisco ASA has multiple book series running in parallel the 1st edition of this line was far from my favourite as it focused so heavily on the GUI (ASDM). Each revision has thankfully moved to provide more low level detail and command line structures and... See more
While thankfully the Cisco ASA has multiple book series running in parallel the 1st edition of this line was far from my favourite as it focused so heavily on the GUI (ASDM). Each revision has thankfully moved to provide more low level detail and command line structures and the 3rd is currently THE definitive guide for the latest features (ASA clustering etc.). However it still has a GUI bias that is detrimental to information delivery, basically each chapter or major sub chapter begins with a generic explanation (which is great) and then moves to actual configuration. Being a CLI guy I normally skip the ASDM sections and just want to jump to the relevant commands, but in doing so you can miss ancillary information that is explained as you go in the ASDM areas. This information should be in the input-neutral starting explanations, not just because it is my own preference to avoid the GUI but that the user has been led to believe that all relevant information is already included there. It''s very easy to miss some important minutiae.

Overall though a very good read and a great deal better than the previous editions.
While thankfully the Cisco ASA has multiple book series running in parallel the 1st edition of this line was far from my favourite as it focused so heavily on the GUI (ASDM). Each revision has thankfully moved to provide more low level detail and command line structures and the 3rd is currently THE definitive guide for the latest features (ASA clustering etc.). However it still has a GUI bias that is detrimental to information delivery, basically each chapter or major sub chapter begins with a generic explanation (which is great) and then moves to actual configuration. Being a CLI guy I normally skip the ASDM sections and just want to jump to the relevant commands, but in doing so you can miss ancillary information that is explained as you go in the ASDM areas. This information should be in the input-neutral starting explanations, not just because it is my own preference to avoid the GUI but that the user has been led to believe that all relevant information is already included there. It''s very easy to miss some important minutiae.

Overall though a very good read and a great deal better than the previous editions.
3 people found this helpful
Helpful
Report
R.Bock
5.0 out of 5 starsVerified Purchase
Great investment
Reviewed in the United States on November 9, 2014
I''m taking a class in Cisco Firewall Design at the local community college. This book is required. I have the kindle version which is definitely easier to carry than the physical book which weighs about 20 lbs. The price is also substantially lower. The only thing I miss... See more
I''m taking a class in Cisco Firewall Design at the local community college. This book is required. I have the kindle version which is definitely easier to carry than the physical book which weighs about 20 lbs. The price is also substantially lower. The only thing I miss about the physical book, is not being able to hold my place and refer back to information or topology examples in earlier sections of the book.
I''m taking a class in Cisco Firewall Design at the local community college. This book is required. I have the kindle version which is definitely easier to carry than the physical book which weighs about 20 lbs. The price is also substantially lower. The only thing I miss about the physical book, is not being able to hold my place and refer back to information or topology examples in earlier sections of the book.
2 people found this helpful
Helpful
Report
Saul Lagos
5.0 out of 5 starsVerified Purchase
Buena estructura
Reviewed in the United States on April 16, 2019
Buena informacion
Buena informacion
Helpful
Report
Translate review to English
TUTUBÁ
5.0 out of 5 starsVerified Purchase
All ok
Reviewed in the United States on December 11, 2019
All ok
All ok
Helpful
Report
Tek Nickel
5.0 out of 5 starsVerified Purchase
After cracking it you suddenly realize that 150 pages go by in a blur because the information is simply spot on and pulls you in
Reviewed in the United States on May 7, 2015
Well, when I got the book I was wondering if I would ever read all of it. After cracking it you suddenly realize that 150 pages go by in a blur because the information is simply spot on and pulls you in if you are a security fiend like I am.
Well, when I got the book I was wondering if I would ever read all of it. After cracking it you suddenly realize that 150 pages go by in a blur because the information is simply spot on and pulls you in if you are a security fiend like I am.
One person found this helpful
Helpful
Report
Ottaviani Luigi
5.0 out of 5 starsVerified Purchase
Love Cisco press, now I love my ASA too
Reviewed in the United States on July 6, 2018
I love Cisco press and this book is written so well!!! If you have an ASA, definitely get this book!
I love Cisco press and this book is written so well!!! If you have an ASA, definitely get this book!
Helpful
Report

Top reviews from other countries

Jagjit Singh Rehill
5.0 out of 5 starsVerified Purchase
Keeper
Reviewed in the United Kingdom on January 24, 2021
Once for reference. Been a go to on many occasion in my MSP days. Needs updating (2021).
Report
Alex Hynes
5.0 out of 5 starsVerified Purchase
Good detail
Reviewed in the United Kingdom on May 5, 2019
Good detail, use as a reference for work
Report
MikeN
5.0 out of 5 starsVerified Purchase
complete ASA guidebook.
Reviewed in the United Kingdom on August 12, 2016
One of the better Cisco books, this completely smashes Cisco ASA''s and has helped me settle in working on them as a Managed service in a Datacentre. Read it cover to cover - really is worth it.
One person found this helpful
Report
Neil Morris
5.0 out of 5 starsVerified Purchase
Five Stars
Reviewed in the United Kingdom on January 4, 2017
Great product. Excellent buying experience.
Report
MS
5.0 out of 5 starsVerified Purchase
good
Reviewed in the United Kingdom on August 16, 2018
good
Report
See all reviews
Brief content visible, double tap to read full content.
Full content visible, double tap to read brief content.

What other items do customers buy after viewing this item?

Brief content visible, double tap to read full content.
Full content visible, double tap to read brief content.

Customers who viewed this item also viewed

Brief content visible, double tap to read full content.
Full content visible, double tap to read brief content.

Pages with related products.

  • cisco press
  • cisco security
  • network programming
  • security certification

Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale

Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale

Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale

Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale

Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale

Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale

Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale

Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale

Cisco ASA: All-in-one Next-Generation popular Firewall, online sale IPS, and VPN Services sale