View Larger Image	Umer Khan Syngress, Paperback, Published April 2005, 548 pages, ISBN 1597490040
	List Price: $49.95 Our Price: $35.50 You Save: $14.45 (29% Off)
	Availability: Out-Of-Stock

Write a Review and tell the world about this title!

People who purchase this book frequently purchase:

• Securing Your Business with Cisco ASA and PIX Firewalls; Greg Abelar, $31.50, 21% Off!
• Cisco PIX Firewalls; Richard A. Deal, $30.50, 39% Off!
• DNS on Windows Server 2003; Cricket Liu, et al, $32.95, 18% Off!
• Microsoft Windows Server 2003 PKI and Certificate Security; Brian Komar, $36.95, 38% Off!

• Networking/Communications : Cisco Routers
• Enterprise Computing : Security

• Syngress

This completely updated bestseller covers Cisco PIX Security Appliance Software Version 7.0, as well as the entire family of Cisco PIX 500 Series Firewalls. The book clearly explains how to leverage the integrated remote access and site-to-site VPN capabilities found in PIX Firewalls. It also illustrates how to securely extend your network to tele-workers, remote and satellite offices, business partners, suppliers, and customers. The authors thoroughly document all enhancements to PIX 7.0, including virtual LAN (VLAN)-based virtual interfaces, OSPF Dynamic Routing over VPNs, Secure Hypertext Transfer Protocol (HTTPS) Authentication Proxy, Local User Authentication Database for Network and VPN Access, Advanced Encryption Standard (AES), Support for VPN Accelerator Card+ (VAC+), DHCP Server Support on Multiple Interfaces. Special attention is paid to intrusion protection configuration.

· Create Multiple Security Contexts
Create virtual firewalls within a single appliance, each with its own set of security policies, logical interfaces, and administrative domain.

· Utilize PIX 7.0’s Advanced Active Failover Design
Create an easy-to-manage, high-availability solution using geographically separated appliances, that continuously synchronize their connection state and device configuration data.

· Sleep Easy with Scheduled System Reloads
Schedule PIX security appliance reloads at specific times to better manage network downtime and remote-access VPN connections more efficiently.

· Secure Communications with SSHv2 and Secure Copy Protocol
Use SSHv2 to securely manage PIX appliances and begin using SCP for secure file transfer between appliances.

· Take Advantage of the New ASDM
With ASDM all you need is a Web browser to deploy, configure, and monitor a PIX appliance, or to setup a VPN.

· Deploy OSPF Dynamic Routing
Use OSPF to detect service outages and automatically reroute your network and VPN traffic for optimal performance and flexibility.

· Realize the Benefits of IPv6
PIX 7.0 provides IPv6-enabled inspection services for HTTP, FTP, SMTP, ICMP, TCP, and UDP.

· Manage and Contain Malicious Attacks
Use your PIX firewall to protect against SYN Floods, malicious fragmentation of traffic, and excessive connection establishment by configuring limits.

· Download the Bonus, Complete E-Book for PIX Software 6.x
If you are migrating from 6.x or running a mixed environment, download a FREE copy of Syngress’s best-selling PIX 6.x book.

Your Solutions Membership Gives You Access to:

A comprehensive FAQ page that consolidates all of the key points of this book into an easy-to-search Web page

“From the Author” Forum where the authors post timely updates and links to related sites

Downloadable chapters from these best-selling books:

Configuring NetScreen Firewalls

Dr. Tom Shinder's Configuring ISA Server 2004

Microsoft Log Parser Toolkit

Google Hacking for Penetration Testers

Table of Contents

Introduction to Security and Firewalls

Introduction to PIX Firewalls

PIX Firewall Operations

Adaptive Security Device Manager

Application Inspection

Filtering, Intrusion Detection, and Attack Management

Services

Configuring Authentication, Authorization, and Accounting

PIX Firewall Management

Configuring Virtual Private Networking

Configuring Failover

Troubleshooting and Performance Monitoring

Charles Riley has co-authored and edited several books including Routing and Configuring Cisco Voice over IP, Second Edition, and The Best Damn Cisco Internetworking Book Period (Syngress Publishing, ISBN: 1-931836-91-4). He has designed and implemented robust networking solutions for large Fortune 500 and privately held companies. Charles started as an U.S. Army telecommunications specialist at Fort Huachuca, Arizona, eventually finishing his Army career as the network manager of the 7th Army Training Command in Grafenwoehr, Germany. Charles graduated from the University of Central Florida in 1989.

Michael Sweeney (CCNA, CCDA, CCNP, MCSE, SCP) is the owner of the Network Security consulting firm Packetattack.com. Packetattack.com specialties are network design and troubleshooting, wireless network design, security and analysis. The Packetattack team uses such industry standard tools such as NAI Sniffer, AiroPeekNX and Airmagnet. Packetattack.com also provides digital forensic analysis services. Michael has been a contributing author for Syngress for the books Cisco Security Specialist Guide to PIX Firewalls, ISBN: 1-931836-63-9, Cisco Security Specialist Guide to Secure Intrusion Detection Systems, ISBN: 1-932266-69-0 and Building DMZs For Enterprise Networks, ISBN: 1-931836-88-4. Through PacketPress, Michael has also published Securing Your Network Using Linux, ISBN: 1411621778.

Brian Browne (CISSP) is the Principal Consultant with Edoxa, Inc., and provides both strategic and technical information security consulting. He has 14 years of experience in the field of information security and is skilled in all phases, from security management through hands-on implementation. His specific security experience includes Sarbanes-Oxley and HIPAA gap analysis and remediation, vulnerability assessments, network security, firewall architecture, virtual private networks (VPN), UNIX security, Windows Active Directory security, and public key infrastructure (PKI). He also conducts application performance assessments and network capacity planning using Opnet IT Guru.

Daniel Kligerman (B.Sc, CCSE, CCIE #13999) is the Manager of the Data Diagnostic Centre at TELUS National Systems, responsible for the support and management of enterprise customers' data and VoIP networks. Daniel is the technical editor of Check Point Next Generation with Application Intelligence Security Administration (Syngress, ISBN: 1-932266-89-5), and the contributing author of Building DMZs for Enterprise Networks (Syngress, ISBN: 1-931836-88-4), Check Point NG VPN-1/Firewall-1 Advanced Configuration and Troubleshooting (Syngress, ISBN: 1-931836-97-3), Nokia Network Security Solutions Handbook (Syngress, ISBN: 1-931836-70-1), and Check Point Next Generation Security Administration (Syngress, ISBN: 1-928994-74-1).

Thorsten Behrens (CCMSE, CCSE+, CCNA, CNE) is a Senior Security Engineer with Integralis' Managed Security Services Team. Thorsten’s specialties include Check Point FireWall-1, Cisco PIX, and ISS RealSecure. Thorsten is a German national who delights his neighbors in Springfield, MA with bagpipe practice sessions.

Ido Dubrawsky (CCNA, CCDA, SCSA, CISSP) is a Senior Security Consultant with SBC's Callisma consulting practice. Previously Ido was a Network Security Architect working in the SAFE architecture group of Cisco Systems, Inc. His responsibilities include research into network security design and implementation. Previously, Ido was a member of Cisco's Secure Consulting Services in Austin, TX where he conducted security posture assessments and penetration tests for clients as well as provided technical consulting for security design reviews. Ido was one of the co-developers of the Secure Consulting Services wireless network assessment toolset. His strengths include Cisco routers and switches, PIX firewalls, the Cisco Intrusion Detection System, and the Solaris operating system. His specific interests are in vulnerability assessments, penetration testing, freeware intrusion detection systems, and network performance monitoring. Ido holds a bachelor's and master's degree from the University of Texas at Austin in Aerospace Engineering and is a longtime member of USENIX and SAGE. He has written numerous articles covering Solaris security and network security for Sysadmin as well as the online SecurityFocus. He is a contributor to Hack Proofing Sun Solaris 8 (Syngress Publishing, ISBN: 1-928994-44-X) and Hack Proofing Your Network, Second Edition (Syngress, ISBN: 1-928994-70-9).

Umer Khan (CCIE #7410, MCSE, SCSA, SCNA, CCA, SCE, CNX) is the Manager of Networking, Telecommunications, and Windows Infrastructure at Broadcom Corporation (www.broadcom.com), where he enjoys the challenging and fast-paced IT environment. Umer's teams are responsible for the design, implementation, and support of a broad range of Broadcom’s global IT infrastructure, some of which include LAN, MAN, WAN, 802.11 wireless, PBX, VoIP, VPN, firewall, cellular, Windows server, Active Directory, Citrix, Microsoft Exchange, SQL, IIS, Biztalk, VMware, authentication, content load balancing, caching, audio/video conferencing, and audio/video distribution technologies. Umer has contributed towards several publications, including the Sun Certified System Administrator for Solaris 8 Study Guide (ISBN: 007-212369-9) and Sniffer Pro: Network Optimization and Troubleshooting Handbook (Syngress, ISBN: 193-183657-4). He was also the technical editor for Cisco Security Specialist’s Guide to PIX Firewalls (Syngress, ISBN: 1-931836-63-9).

Aug 5, 2005     A review from St Louis
Terrible
Not worth the money. You could learn as much from the free Cisco documentation. Poorly worded and poorly organized.

Forgot your password? FAQs Shipping Options Returns Your Orders Your Account