This chapter covers some of today's most widely used technologies that enable network administrators to ensure that sensitive data is secured from unauthorized access.
Cisco security products are also covered, as are all the fundamental foundation topics you need to understand to master the CCIE Security written exam.
This chapter covers the following topics:
■ Advanced Security Concepts—Describes advanced security policies in demilitarized zones (DMZs).
■ Packet Filtering, Proxies, NAT, and PAT—Explains packet filtering, proxies, and how to hide addresses using Network Address Translation (NAT) and Port Address Translation (PAT).
■ Cisco PIX Firewall and Cisco IOS Firewall Feature Set—Covers the Cisco PIX Firewall and the Cisco IOS Firewall feature set available on Cisco routers. Includes information on IOS authentication proxies.
■ Public Key Infrastructure—Covers PKI, followed by a description of VPN networks and a typical design example.
■ Virtual Private Networks—Explains how a VPN enables IP traffic to travel securely over a public TCP/IP network by encrypting all traffic from one network to another.
■ Network-Based Intrusion Detection System—Covers network intrusion detection, signatures, and how IDS can be used to thwart intruders.
■ Cisco Security Agent and Host-Based IDS—Describes Cisco Security Agent (CSA), the front-line defense in the Cisco self-healing strategy of defending networks.
■ Cisco Threat Response—Introduces the Cisco technology that provides an automated response when networks have been compromised. Covers some of the advanced features available on Cisco power networks.