|
CCSP Self-Study: CISCO Secure Virtual Private Networks (CSVPN) (Ccsp Self-Study) (2nd Revised edition)
CCSP Self-Study: Cisco Secure Virtual Private Networks (CSVPN) helps professionals and students sort out VPN options and applications by clearly presenting the information covered in the CSVPN course coupled with real-world examples. It will initially serve readers as a valuable study aid and continue to be an invaluable lab-based theory and configuration
guide for years to come. This book covers the topic of establishing Virtual Private Networks (VPNs) using Internet Protocol Security (IPSec) protocols in conjunction with long-established encryption, authentication, and hashing protocols. It concentrates on the configuration of the VPN 3000 series of products, including concentrators, hardware clients, and software clients. How does this differ from the previous edition?This new book closely follows the topics that are required for the new CSVPN 642-511 exam, whereas the previous edition is related to the 2.0 CSVPN exam (9EO-570). New in the second edition is full, detailed coverage of the VPN 3000 Concentrator, a scalable remote access platform that offers encryption, high availability, and performance far superior to similar products.
Contents:
Foreword
Introduction
1
Network Security and Virtual Private Network Technologies
Network Security Overview
Network Security as a Continuous Process
Cisco AVVID
Cisco SAFE Blueprint
Overview of VPNs and IPSec Technologies
The Need for VPNs
IPSec
IPSec Protocol Framework
How IPSec Works
Summary
Review Questions
2
Cisco VPN 3000 Concentrator Series Hardware Overview
Cisco VPN 3000 Concentrator Series Models
VPN Clients
VPN Concentrator Configuration
VPN Concentrator Placement
Network Management Solutions
Summary
Review Questions
3
Routing on the VPN 3000
Routing Capabilities of the VPN Concentrator
Static Routing
Dynamic Routing
Summary
Review Questions
4
Configuring the Cisco VPN 3000 for Remote Access Using Preshared Keys
Overview of Remote Access Using Preshared Keys
Initial Configuration of the VPN 3000 for Remote Access
Browser Configuration of the Cisco VPN 3000 Concentrator Series
More In-Depth Group Configuration Information
Configuring the Windows VPN Software Client
Summary
Review Questions
5
Configuring the Cisco VPN 3000 for Remote Access Using Digital Certificates
CA Overview
Certificate Generation
Validating Certificates
Configuring the Cisco VPN 3000 Concentrator for CA Support
CRLs
Configuring the Concentrator for a Remote-Access VPN with a Digital Certificate
Cisco Software VPN Client Certificate Support
Summary
Review Questions
6
The Cisco VPN Client Firewall Feature
Firewall Feature Overview
Are You There Feature
Stateful Firewall Feature
Central Policy Protection Feature
Software Client Firewall Statistics
Creating a Customized Firewall Policy
Summary
Review Questions
7
Configuring the Cisco 3002 Hardware Client for Remote Access
Cisco VPN 3002 Hardware Client Overview
Hardware Client Modes of Operation
Configuring the Cisco VPN 3002 with Preshared Keys
Overview of the Auto-Update Feature
Monitoring the Cisco VPN 3002 Hardware Client Software Auto-Update Feature
Summary
Review Questions
8
Configuring the Cisco 3002 Hardware Client for User and Unit Authentication
User and Unit Authentication Overview
Configuring the Hardware Client Interactive Unit Authentication Feature
Configuring the Hardware Client User Authentication Feature
Monitoring the Hardware Client User Statistics
Summary
Review Questions
9
Configuring Cisco VPN Clients for Backup Server, Load Balancing, and Reverse Route Injection
Cisco VPN Client Backup Server Feature
Configuring the Cisco VPN Client Load-Balancing Feature
Overview of the Cisco VPN Client Reverse Route Injection Feature
Summary
Review Questions
10
Configuring the Cisco 3000 Concentrator for IPSec over TCP and UDP
The IPSec and NAT Problem
Configuring IPSec over UDP
Configuring NAT-T
Configuring IPSec over TCP
Monitoring Session Statistics
Summary
Review Questions
11
Configuring LAN-to-LAN VPNs on the Cisco 3000
Overview of LAN-to-LAN VPNs
Configuring the VPN 3000 for a LAN-to-LAN VPN with Preshared Keys
Administration of LAN-to-LAN VPN Tunnels
Dealing with Multiple Subnets
Configuring the VPN 3000 for a LAN-to-LAN VPN with Digital Certificates
Summary
Review Questions
12
Network Monitoring and Administration
Monitoring on the VPN 3000
Administration of the VPN 3000
Bandwidth Management
Summary
Review Questions
13
Troubleshooting
Troubleshooting VPNs
Troubleshooting Remote-Access VPNs
Troubleshooting Preshared Key LAN-to-LAN VPNs
Troubleshooting LAN-to-LAN CA-Based VPNs
Summary
Review Questions
14
Case Study
Overview of Acme Limited
VPN Concentrator Configuration
Summary
Appendix A: Answers to the Review Questions
Appendix B: Configuring movianVPN
Index.
Brief Description:
A self-study guide based on the CCSP CSVPN 642-511 exam from Cisco Systems, this book helps students sort out VPN options and applications by presenting the information covered in the CSVPN course coupled with examples. It covers the topic of establishing Virtual Private Networks (VPNs) using Internet Protocol Security (IPSec) protocols.
|
