
The book consists of 20 chapters. Each chapter builds upon the chapter that precedes it. The chapters that cover specific commands and configurations include case studies or practice configurations. Chapter 20 includes additional case studies and configuration examples that might or might not work—it is up to you to determine if the configurations fulfill the requirement and why.

This book was written as a guide to help you prepare for the SNPA certification exam. It is a tool—not the entire toolbox. That is to say, you must use this book with other references (specifically Cisco TAC) to help you prepare for the exam. Remember that successfully completing the exam makes a great short-term goal. Being very proficient at what you do should always be your ultimate goal.


The chapters of this book cover the following topics:

Chapter 1, “Network Security”—Chapter 1 provides an overview of network security, including the process and potential threats, and discusses how network security has become increasingly more important to business as companies become more intertwined and their network perimeters continue to fade. Chapter 1 discusses the network security policy and two Cisco programs that can assist companies with the design and implementation of sound security policies, processes, and architecture.

Chapter 2, “Firewall Technologies and the Cisco Security Appliance”—Chapter 2 covers the different firewall technologies and the Cisco Security Appliance. It examines the design of the Security Appliance and discusses some security advantages of that design.

Chapter 3, “Cisco Security Appliance”—Chapter 3 deals with the design of the Security Appliance in greater detail. This chapter lists the different models of the Security Appliance and their intended applications. It discusses the various features available with each model and how each model should be implemented.

Chapter 4, “System Management/Maintenance”—Chapter 4 covers the installation and configuration of the Security Appliance IOS. This chapter covers the different configuration options that allow for remote management of the Security Appliance.

Chapter 5, “Understanding Cisco Security Appliance Translation and Connection”—This chapter covers the different transport protocols and how they are handled by the Security Appliance. It also discusses network addressing and how the Security Appliance can alter node or network addresses to secure those elements.

Chapter 6, “Getting Started with the Cisco Security Appliance Family of Firewalls”—This chapter is the meat of the Security Appliance: basic commands required to get the Security Appliance operational. It discusses the methods for connecting to the Security Appliance and some of the many configuration options available with the Security Appliance.

Chapter 7, “Configuring Access”—Chapter 7 introduces the different configurations that enable you to control access to your network(s) using the Security Appliance. It also covers some of the specific configurations required to allow certain protocols to pass through the firewall.

Chapter 8, “Modular Policy Framework”—Chapter 8 explains a new method of subdividing map-based policies to allow a more granular control over access to PIX-protected networks and systems.

Chapter 9, “Secure Contexts”—Chapter 9 introduces the creation of virtual firewalls using separate security contexts. It also explains the benefits of multiple separate firewalls versus a single universal firewall.

Chapter 10, “Syslog and the Cisco Security Appliance”—Chapter 10 covers the logging functions of the Security Appliance and the configuration required to allow the Security Appliance to log to a syslog server.

Chapter 11, “Routing and the Cisco Security Appliance”—Chapter 11 discusses routing with the Security Appliance, the routing protocols supported by the Security Appliance, and how to implement them.

Chapter 12, “Cisco Security Appliance Failover”—Chapter 12 details the advantages of a redundant firewall configuration and the steps required to configure two Security Appliances in the failover mode.

Chapter 13, “Virtual Private Networks”—Many businesses have multiple locations that must be interconnected. Chapter 13 explains the different types of secure connections of virtual private networks (VPN) that can be configured between the Security Appliance and other VPN endpoints. It covers the technologies and protocols used for creating and maintaining VPNs across public networks.

Chapter 14, “Configuring Access VPNs”—Chapter 14 discusses how the Security Appliance is used for creating remote-access VPNs.

Chapter 15, “Adaptive Security Device Manager”—The PIX Firewall can now be managed using a variety of different tools. The Adaptive Security Device Manager is a web-based graphical user interface (GUI) that can be used to manage the Security Appliance.

Chapter 16, “Content Filtering on the Cisco Security Appliance”—It is a common practice for hackers to embed attacks into the content of a web page. Certain types of program code are especially conducive to this type of attack because of their interactive nature. Chapter 16 discusses these types of code and identifies their dangers.

Chapter 17, “Overview of AAA and the Cisco Security Appliance”—It is extremely important to ensure that only authorized users are accessing your network. Chapter 17 discusses the different methods for configuring the Security Appliance to interact with authentication, authorization, and accounting (AAA) services. This chapter also introduces the Cisco Secure Access Control Server (Cisco Secure ACS), which is the Cisco AAA server package.

Chapter 18, “Configuration of AAA on the Cisco Security Appliance”—Chapter 18 discusses the specific configuration on the Security Appliance for communication with the AAA server, including the Cisco Secure ACS. It covers the implementation, functionality, and troubleshooting of AAA on the PIX Firewall.

Chapter 19, “IPS and Advanced Protocol Handling”—Many different attacks can be launched against a network and its perimeter security devices. Chapter 19 explains some of the most common attacks and how the Security Appliance can be configured to repel such an attack.


Chapter 20, “Case Study and Sample Configuration”—This chapter consists of two case studies that enable you to practice configuring the firewall to perform specific functions.

One section includes configurations that may or may not work. You will be asked to determine if the configuration will work correctly and why or why not. The certification exam asks specific questions about configuration of the Security Appliance. It is very important to become intimately familiar with the different commands and components of the Security Appliance configuration.

Each chapter follows the same format and incorporates the following tools to assist you by assessing your current knowledge and emphasizing specific areas of interest within the chapter:

“Do I Know This Already?” Quiz—Each chapter begins with a quiz to help you assess your current knowledge of the subject. The quiz is broken down into specific areas of emphasis that allow you to best determine where to focus your efforts when working through the chapter.

Foundation Topics—The foundation topics are the core sections of each chapter. They focus on the specific protocol, concept, or skills you must master to prepare successfully for the examination.

Foundation Summary—Near the end of each chapter, the foundation topics are summarized into important highlights from the chapter. In many cases, the foundation summaries are broken into charts, but in some cases the important portions from each chapter are simply restated to emphasize their importance within the subject matter.

Remember that the foundation portions are in the book to assist you with your exam preparation. It is very unlikely that you will be able to complete the certification exam successfully by studying just the foundation topics and foundation summaries, although they are good tools for last-minute preparation just before taking the exam.

Q&A—Each chapter ends with a series of review questions to test your understanding of the material covered. These questions are a great way not only to ensure that you understand the material but also to exercise your ability to recall facts.

Case Studies/Scenarios—The chapters that deal more with configuration of the Security Appliance have brief scenarios included. These scenarios are there to help you understand the different configuration options and how each component can affect another component within the configuration of the firewall. The final chapter of this book is dedicated to case studies/scenarios.

CD-Based Practice Exam—On the CD included with this book, you will find a practice test with more than 200 questions that cover the information central to the SNPA exam.

With the customizable testing engine, you can take a sample exam that focuses on particular topic areas or randomizes the questions. Each test question includes a link that points to a related section in an electronic Portable Document Format (PDF) copy of the book, also included on the CD.

Figure I-1 depicts the best way to navigate through the book. If you feel that you already have a sufficient understanding of the subject matter in a chapter, you should test yourself with the “Do I Know This Already?” quiz. Based on your score, you should determine whether to complete the entire chapter or to move on to the “Foundation Summary” and “Q&A” sections. It is always recommended that you go through the entire book rather than skip around. It is not possible to know too much about a topic. Only you will know how well you really understand each topic—until you take the exam, and then it might be too late.

Figure I-1 Completing the Chapter Material
