View Larger Image	John Roland, Mark J. Newcomb Cisco Press, Hardcover, Bk&CD edition, Published April 2003, 450 pages, ISBN 1587200708
	List Price: $49.95 Our Price: $27.25 You Save: $22.70 (45% Off)
	Availability: Out-Of-Stock

Read an online sample chapter: Chapter 4: Configuring Cisco VPN 3000 for Remote Access Using Preshared Keys       Copyright © Cisco Systems, Inc. Published by Cisco Press. Written permission from the publisher is required for any use of this material.

Write a Review and tell the world about this title!

People who purchase this book frequently purchase:

• CCSP SNRS Exam Certification Guide (CCSP Self-Study) (Exam 642-502); Greg Bastien, et al, $35.50, 45% Off!
• CCSP Self-Study: Cisco Secure PIX Firewalls Advanced (CSPFA), 2nd Edition (642-521); Behzad Behtash, $34.95, 30% Off!
• Cisco QOS Exam Certification Guide, 2nd Edition (CCVP, IP Telephony 642-642 Self-Study); Wendell Odom, et al, $40.95, 45% Off!
• Network Security Fundamentals; Gert De Laet, et al, $38.50, 30% Off!

• * Series - Exam Study : Exam Certification Guides
• Certification : CCSP
• Networking/Communications : Virtual Private Networks
• Enterprise Computing : Security

• Cisco Press

Coverage of the CSVPN topics enables you to identify and fill your knowledge gaps before the exam date. You'll learn about:

• Configuring Cisco VPN 3000 concentrators and VPN 3002 Hardware Clients for remote access
  
• Enabling secure VPNs using IPSec technologies
  
• Peer authentication using preshared keys and digital certificates
  
• Using Network Address Translation (NAT) and Port Address Translation (PAT) over VPNs
  
• Administering and monitoring VPN concentrators in remote-access and LAN-to-LAN networksUtilizing IPSec protocols and features
  
• Configuring VPN Client personal firewall support through the VPN concentrator
  
• Integrated unit and interactive user authentication through the Cisco VPN 3002 Hardware Client

Becoming a CCSP distinguishes you as part of an exclusive group of experts, ready to take on today's most challenging security tasks. Installation and configuration of Cisco VPN 3000 Series concentrators and Cisco VPN 3002 Hardware Clients are critical tasks in today's network environments, especially as reliance on the public Internet as an extension of business networks increases. Whether you are seeking a Cisco VPN Specialist Certification or the full-fledged CCSP Certification, learning what you need to know to pass the CSVPN (Cisco Secure Virtual Private Networks) exam qualifies you to keep your company's network safe while meeting its business needs.

CCSP Cisco Secure VPN Exam Certification Guide is a comprehensive study tool that enables you to master the concepts and technologies required for success on the CSVPN exam. Each chapter of the CCSP Cisco Secure VPN Exam Certification Guide tests your knowledge of the exam subjects through sections that detail exam topics to master and areas that highlight essential subjects for quick reference and review. Challenging chapter-ending review questions and exercises test your knowledge of the subject matter, reinforce key concepts, and provide you with the opportunity to apply what you've learned in the chapter. In addition, a final chapter of scenarios pulls together concepts from all the chapters to ensure you can apply your knowledge in a real-world environment. The companion CD-ROM testing engine enables you to take practice exams that mimic the real testing environment, focus on particular topic areas, and refer to the electronic text for review.

This book is part of a recommended learning path from Cisco Systems that can include simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.

Companion CD-ROM

Table of Contents

Introduction.

1. All About the Cisco Certified Security Professional.

How This Book Can Help You Pass the CCSP Cisco Secure VPN Exam. Overview of CCSP Certification and Required Exams. The Cisco Secure VPN Exam. Topics on the Cisco Secure VPN Exam. Recommended Training Path for the CCSP Certification. Using This Book to Pass the Exam. Final Exam Preparation Tips.

2. Overview of VPN and IPSec Technologies.

How to Best Use This Chapter. “Do I Know This Already?” Quiz. Cisco VPN Product Line. Enabling VPN Applications Through Cisco Products. An Overview of IPSec Protocols. Establishing VPNs with IPSec. Table of Protocols Used with IPSec. IPSec Preconfiguration Processes. Creating VPNs with IPSec.

3. Cisco VPN 3000 Concentrator Series Hardware Overview.

How to Best Use This Chapter. “Do I Know This Already?” Quiz. Major Advantages of Cisco VPN 3000 Series Concentrators. Cisco Secure VPN Concentrators: Comparison and Features. Cisco Secure VPN Client Features. Table of Cisco VPN 3000 Concentrators. Table of Cisco VPN 3000 Concentrator Capabilities.

4. Configuring Cisco VPN 3000 for Remote Access Using Preshared Keys.

How to Best Use This Chapter. “Do I Know This Already?” Quiz. Using VPNs for Remote Access with Preshared Keys. VPN Concentrator Configuration. Installing and Configuring the VPN Client. Types of Preshared Keys. VPN 3000 Concentrator CLI Quick Configuration Steps. VPN 3000 Concentrator Browser-Based Manager Quick Configuration Steps. VPN Client Installation Steps. VPN Client Configuration Steps. VPN Client Program Options. Limits for Number of Groups and Users. Complete Configuration Table of Contents. Complete Administration Table of Contents. Complete Monitoring Table of Contents. Scenario 4-1. Scenario 4-2. Scenario 4-1 Answers. Scenario 4-2 Answers.

5. Configuring Cisco VPN 3000 for Remote Access Using Digital Certificates.

How to Best Use This Chapter. “Do I Know This Already?” Quiz. Digital Certificates and Certificate Authorities. Digital Certificate Support Through the VPN 3000 Concentrator Series Manager. Configuring the VPN Client for CA Support. PKCS #10 Certificate Request Fields. X.509 Identity Certificate Fields. Types of Digital Certificates. Types of CA Organization. Certificate Validation and Authentication Process. Internet-Based Certificate Authorities. Certificate Management Applications. Scenario 5-1. Scenario 5-2. Scenario 5-1 Answers. Scenario 5-2 Answers.

6. Configuring the Cisco VPN Client Firewall Feature.

How to Best Use This Chapter. “Do I Know This Already?” Quiz. Cisco VPN Client Firewall Feature Overview. Firewall Configuration Overview. Configuring Firewall Filter Rules. Configuring the Stateful Firewall. Configuring the VPN Concentrator for Firewall Usage. Monitoring VPN Client Firewall Statistics. Enabling Automatic Client Update Through the Cisco VPN 3000 Concentrator Series Manager. Cisco VPN Client Firewall Feature Overview. Stateful Firewall (Always On) Feature. Cisco Integrated Client. Centralized Protection Policy. Are You There Feature. Configuring Firewall Filter Rules. Action. Configuring the Stateful Firewall. Configuring the VPN Concentrator for Firewall Usage. Firewall. Firewall Policy. Monitoring VPN Client Firewall Statistics. Scenario 6-1. Scenario 6-1 Answers.

7. Monitoring and Administering the VPN 3000 Series Concentrator.

How Best to Use This Chapter. “Do I Know This Already?” Quiz. Administering the Cisco VPN 3000 Series Concentrator. Monitoring the Cisco VPN 3000 Series Concentrator. Administering the Cisco VPN 3000 Series Concentrator. Administer Sessions. Software Update. System Reboot. Ping. Monitoring Refresh. Access Rights. Administrators. Access Control List. Access Settings. AAA Servers. Authentication. File Management. Certificate Manager. Monitoring the Cisco VPN 3000 Series Concentrator. System Status. Sessions. Top Ten Lists. Statistics. MIB II Statistics.

8. Configuring Cisco 3002 Hardware Client for Remote Access.

How to Best Use This Chapter. “Do I Know This Already?” Quiz. Configure Preshared Keys. Unit and User Authentication for the VPN 3002 Hardware Client. Configure Preshared Keys. Troubleshooting IPSec. Client and LAN Extension Modes. Split Tunnel. Configuring Individual User Authentication on the VPN 3000 Concentrator. Scenario 8-1. Scenario 8-2. Scenario 8-1 Answers. Scenario 8-2 Answers.

9. Configuring Scalability Features of the VPN 3002 Hardware Client.

How to Best Use This Chapter. “Do I Know This Already?” Quiz. VPN 3002 Hardware Client Reverse Route Injection. VPN 3002 Hardware Client Backup Servers. VPN 3002 Hardware Client Load Balancing. Overview of Port Address Translation. IPSec on the VPN 3002 Hardware Client. Configuring Auto-Update for the VPN 3002 Hardware Client. Monitoring Auto-Update Events. Table of RRI Configurations. Backup Servers. Load Balancing. Comparing NAT and PAT. IPSec Over TCP/IP. IPSec Over UDP. Troubleshooting IPSec. Auto-Update. Scenario 9-1. Scenario 9-1 Answers.

10. Cisco VPN 3000 LAN-to-LAN with Preshared Keys.

How to Best Use This Chapter. “Do I Know This Already?” Quiz. Overview of LAN-to-LAN VPN. LAN-to-LAN Configuration. SCEP Overview. Maximum Certificates. Enrollment Variables.

11. Scenarios.

Example Corporation. Site Descriptions. Scenario 11-1The Basics. Scenario 11-2Portland. Scenario 11-3Seattle. Scenario 11-4Memphis. Scenario 11-5Richmond. Scenario 11-6Terry and Carol. Scenario 11-1 Answers. Scenario 11-2 Answers. Scenario 11-3 Answers. Scenario 11-4 Answers. Scenario 11-5 Answers. Scenario 11-6 Answers.

Appendix A. Answers to the “Do I Know This Already?” Quizzes and Q&A Sections.

Index.

About the Authors

John Roland, CCNP, CCDP, CSS-1, is a security specialist for Ajilon Consulting and has worked in the IT field for more than 22 years. He has experience in COBOL programming on IBM mainframes, LAN/WAN implementation on military networks, and developing Cisco certification training materials.

Mark Newcomb, CCNP, CCDP, is the owner and lead Security Engineer for Secure Networks in Spokane, Wash. Mark has more than 20 years experience in the networking industry, focusing on the financial and medical industries. Mark is a frequent contributor and reviewer for Cisco Press books.

Jan 15, 2004     Frank Misak from Michigan
Needs More...
Like other Cisco Press materials, this book does not cover the subject material in entirety if you are looking to pass the associated exam. I found this book lacking some in content, however this is remedied by going to Cisco’s site for more information. I found the examples and illustrations to be very helpful, especially since there is a lot of GUI work with the concentrator software. This book coupled with resources on Cisco’s site should adequately prepare the reader for the exam. The accompanying study CD with this book needs some serious attention, as it has numerous errors and I felt the content was only fair. Coverage of the 3002 hardware client is missing, yet heavily emphasized on the CSVPN 642-511 exam. If you have a good working knowledge of the current Cisco VPN product line and technology, you should do fine with just this book as your guide. However if this is the only material you are studying from and do not have experience with the concentrators or client software, make certain you take in as much info off from Cisco’s site as you can. Overall I would rate this Cisco Press publication a 3+ out of 5, due to the fact there is a lot of material that isn’t covered, and the accompanying CD seems to have a high number of inconsistencies. Compared to the PIX Firewall Advanced book, also from Cisco Press, this book is definitely inferior. I found that book to be much better organized and detailed compared to the Cisco Secure VPN book. I felt the authors knew the material however maybe could have added more information to include the latest VPN devices and client software; especially in the detail necessary to pass Cisco’s tough exams.

Forgot your password? FAQs Shipping Options Returns Your Orders Your Account