Cisco ISE for BYOD and Secure Unified Access, 2nd Edition

(Cisco Identity Services Engine (ISE نسل جدید سیستم شناسایی و کنترل دسترسی است که شبکه را قادر می سازد سرویس دهی را ساده تر انجام دهد و وضعیت امنیت زیرساخت را بهبود ببخشد. معماری منحصر به فرد Cisco ISE این امکان را می دهد که به صورت Real time اطلاعات شبکه ، کاربران و دستگاه ها را جمع آوری کند. سپس مدیر می تواند با استفاده از این اطلاعات برای شناسایی دسترسی به عناصر مختلف شبکه مانند سوئیچ ها ، WLAN ، VPN و … اقدام کند. Cisco ISE محصولی جدید است که راه حل ها و سرویس های مختلف امنیتی را در یک محصول به صورت یکجا برای ما فراهم می کند. این محصول کنترل دسترسی و راه حل های امنیتی را برای ارتباطات کابلی ، وایرلس و VPN را به صورت ساده و خودکار فراهم می کند.

لينک دانلود کتاب Cisco ISE for BYOD and Secure Unified Access, 2nd Edition

دانلود – حجم : 67 مگابايت

رمز فايل:

Author: Aaron Woland, Jamey Heary
Length: 912 pages
Edition: 2
List Price: $55.99
Language: English
Publisher: Cisco Press
Publication Date: 2017-06-26
ISBN-10: 1587144735
ISBN-13: 9781587144738

Using Cisco Secure Access Architecture and Cisco Identity Services Engine, you can secure and gain control of access to your networks in a Bring Your Own Device (BYOD) world.

This second edition of Cisco ISE for BYOD and Secure Unified Accesscontains more than eight brand-new chapters as well as extensively updated coverage of all the previous topics in the first edition book to reflect the latest technologies, features, and best practices of the ISE solution. It begins by reviewing today’s business case for identity solutions. Next, you walk through ISE foundational topics and ISE design. Then you explore how to build an access security policy using the building blocks of ISE. Next are the in-depth and advanced ISE configuration sections, followed by the troubleshooting and monitoring chapters. Finally, we go in depth on the new TACACS+ device administration solution that is new to ISE and to this second edition.

With this book, you will gain an understanding of ISE configuration, such as identifying users, devices, and security posture; learn about Cisco Secure Access solutions; and master advanced techniques for securing access to networks, from dynamic segmentation to guest access and everything in between.

Drawing on their cutting-edge experience supporting Cisco enterprise customers, the authors offer in-depth coverage of the complete lifecycle for all relevant ISE solutions, making this book a cornerstone resource whether you’re an architect, engineer, operator, or IT manager.

  • Review evolving security challenges associated with borderless networks, ubiquitous mobility, and consumerized IT
  • Understand Cisco Secure Access, the Identity Services Engine (ISE), and the building blocks of complete solutions
  • Design an ISE-enabled network, plan/distribute ISE functions, and prepare for rollout
  • Build context-aware security policies for network access, devices, accounting, and audit
  • Configure device profiles, visibility, endpoint posture assessments, and guest services
  • Implement secure guest lifecycle management, from WebAuth to sponsored guest access
  • Configure ISE, network access devices, and supplicants, step by step
  • Apply best practices to avoid the pitfalls of BYOD secure access
  • Set up efficient distributed ISE deployments
  • Provide remote access VPNs with ASA and Cisco ISE
  • Simplify administration with self-service onboarding and registration
  • Deploy security group access with Cisco TrustSec
  • Prepare for high availability and disaster scenarios
  • Implement passive identities via ISE-PIC and EZ Connect
  • Implement TACACS+ using ISE
  • Monitor, maintain, and troubleshoot ISE and your entire Secure Access system
  • Administer device AAA with Cisco IOS, WLC, and Nexus

Table of Contents

Part I Identity-Enabled Network: Unite!
Chapter 1 Regain Control of Your IT Security
Chapter 2 Fundamentals of AAA
Chapter 3 Introducing Cisco Identity Services Engine

Part II The Blueprint, Designing an ISE-Enabled Network
Chapter 4 The Building Blocks in an Identity Services Engine Design
Chapter 5 Making Sense of the ISE Deployment Design Options
Chapter 6 Quick Setup of an ISE Proof of Concept

Part III The Foundation, Building a Context-Aware Security Policy
Chapter 7 Building a Cisco ISE Network Access Security Policy
Chapter 8 Building a Device Security Policy
Chapter 9 Building an ISE Accounting and Auditing Policy

Part IV Let’s Configure!
Chapter 10 Profiling Basics and Visibility
Chapter 11 Bootstrapping Network Access Devices
Chapter 12 Network Authorization Policy Elements
Chapter 13 Authentication and Authorization Policies
Chapter 14 Guest Lifecycle Management
Chapter 15 Client Posture Assessment
Chapter 16 Supplicant Configuration
Chapter 17 BYOD: Self-Service Onboarding and Registration
Chapter 18 Setting Up and Maintaining a Distributed ISE Deployment
Chapter 19 Remote Access VPN and Cisco ISE
Chapter 20 Deployment Phases

Part V Advanced Secure Access Features
Chapter 21 Advanced Profiling Configuration
Chapter 22 Cisco TrustSec AKA Security Group Access
Chapter 23 Passive Identities, ISE-PIC, and EasyConnect
Chapter 24 ISE Ecosystems: The Platform eXchange Grid (pxGrid)

Part VI Monitoring, Maintenance, and Troubleshooting for Network Access AAA
Chapter 25 Understanding Monitoring, Reporting, and Alerting
Chapter 26 Troubleshooting
Chapter 27 Upgrading ISE

Part VII Device Administration
Chapter 28 Device Administration Fundamentals
Chapter 29 Configuring Device Admin AAA with Cisco IOS
Chapter 30 Configuring Device Admin AAA with Cisco WLC
Chapter 31 Configuring Device Admin AAA with Cisco Nexus Switches

Part VIII Appendixes
Appendix A Sample User Community Deployment Messaging Material
Appendix B Sample ISE Deployment Questionnaire
Appendix C Sample Switch Configurations
Appendix D The ISE CA and How Cert-Based Auth Works

  • Design

آدرس ایمیل شما منتشر نخواهد شد.