CCNP ISCW Portable Command Guide (Portable Command Guide Series)

Overview

CCNP ISCW Portable Command Guide

All the ISCW 642-825 commands in one compact, portable resource

Scott Empson

Hans Roth

Preparing for the CCNP certification? Working as a network professional? Here are all the CCNP-level commands for the ISCW exam you need in one condensed, portable resource. The CCNP ISCW Portable Command Guide is filled ...

See more details below
Available through our Marketplace sellers.
Other sellers (Paperback)
  • All (10) from $1.99   
  • New (1) from $145.00   
  • Used (9) from $1.99   
Close
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any BN.com coupons and promotions
$145.00
Seller since 2014

Feedback rating:

(162)

Condition:

New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

New
Brand new.

Ships from: acton, MA

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Page 1 of 1
Showing All
Close
Sort by
Sending request ...

Overview

CCNP ISCW Portable Command Guide

All the ISCW 642-825 commands in one compact, portable resource

Scott Empson

Hans Roth

Preparing for the CCNP certification? Working as a network professional? Here are all the CCNP-level commands for the ISCW exam you need in one condensed, portable resource. The CCNP ISCW Portable Command Guide is filled with valuable, easy-to-access information and is portable enough for use whether you’re in the server room or the equipment closet.

This book can help you memorize commands and concepts as you work to pass the CCNP ISCW exam (642-825). The guide summarizes all CCNP certification-level Cisco IOS Software commands, keywords, command arguments, and associated prompts, providing you with tips and examples of how to apply the commands to real-world scenarios. Sample configurations throughout the book provide you with a better understanding of how these commands are used in simple network designs.

The topics in this portable command guide cover how to do the following:

  • Implement basic teleworker services
  • Implement Frame-Mode MPLS
  • Implement a site-to-site IPsec VPN
  • Describe network security strategies
  • Implement Cisco Device Hardening
  • Implement Cisco IOS Firewall
  • Describe and configure Cisco IOS IPS

Scott Empson is currently the assistant program chair of the bachelor of applied information systems technology degree program at the Northern Alberta Institute of Technology in Edmonton, Alberta, Canada, teaching Cisco routing, switching, and network design courses in certificate, diploma, and applied degree programs at the post-secondary level.

Hans Roth is an instructor in the electrical/electronic engineering technology department at Red River College in Winnipeg, Canada.

  • Access all CCNP ISCW commands–use as a quick, offline resource for research and solutions
  • Logical “how-to” topic groupings provide one-stop research
  • Great for review before taking the CCNP ISCW certification exam
  • Compact size makes it easy to carry with you, wherever you go
  • “Create your own journal” section with blank, lined pages allows you to personalize the book for your needs

This book is part of the Cisco Press Certification Self-Study Product Family, which offers readers a self-paced study routine for Cisco certification exams. Titles in the Cisco Press Certification Self-Study Product Family are part of a recommended learning program from Cisco that includes simulation and hands-on training from authorized

Cisco Learning Partners and self-study products from Cisco Press.

Category: Cisco Press–Cisco Certification

Covers: CCNP ISCW Certification 642-825

Read More Show Less

Product Details

  • ISBN-13: 9781587201868
  • Publisher: Cisco Press
  • Publication date: 3/28/2008
  • Series: Portable Command Guide Series
  • Pages: 174
  • Product dimensions: 5.90 (w) x 8.90 (h) x 0.60 (d)

Meet the Author

Scott Empson is the associate chair of the bachelor of applied information systems technology degree program at the Northern Alberta Institute of Technology in Edmonton,

Alberta, Canada, where he teaches Cisco routing, switching, and network design courses in a variety of different programs–certificate, diploma, and applied degree–at the postsecondary

level. Scott is also the program coordinator of the Cisco Networking Academy at NAIT, a Regional Academy covering central and northern Alberta. He has earned three undergraduate degrees: a bachelor of arts, with a major in English; a bachelor of education, again with a major in English/language arts; and a bachelor of applied information systems technology, with a major in network management. He currently holds several industry certifications, including CCNP, CCAI, and Network+. Prior to instructing at NAIT, he was a junior/senior high school English/language arts/computer science teacher at different schools throughout northern Alberta. Scott lives in Edmonton, Alberta, with his wife Trina and two children Zachariah and Shaelyn, where he enjoys reading and training in the martial art of tae kwon do.

Hans Roth is an instructor in the Electrical/Electronic Engineering Technology department at Red River College in Winnipeg, Manitoba, Canada. Hans has been with the college for

11 years and teaches in both the electronic technology and IT areas. He has been with the Cisco Networking Academy since 2000, teaching CCNP curricula. Previous to teaching

Hans spent 15 years in R&D/product development designing microcontroller-based control systems for consumer products as well as for the automotive and agricultural industries.

Read More Show Less

Read an Excerpt

IntroductionIntroduction

Welcome to ISCW! In 2006, Cisco Press contacted Scott and told him, albeit very quietly, that there was going to be a major revision of the CCNP certification exams. They then asked whether he would be interested in working on a command guide in the same fashion as his previous books for Cisco Press: the Cisco Networking Academy Program CCNA Command Quick Reference and the CCNA Portable Command Guide. The original idea was to create a single-volume command summary for all four of the new CCNP exams. However, early on in his research, Scott quickly discovered that there was far too much information in the four exams to create a single volume—that would have resulted in a book that was neither portable nor quick as a reference. So, Scott jokingly suggested that Cisco Press let him author four books, one for each exam. Well, you have to be careful what you wish for, because Cisco Press readily agreed. Realizing that this was going to be too much for one part-time author to handle, Scott quickly got his colleague Hans Roth on board as a coauthor.

This book is the third in a four-volume set that attempts to summarize the commands and concepts that you need to understand to pass one of the CCNP certification exams—in this case, the Implementing Secure Converged WANs exam. It follows the format of Scott's previous books, which are in fact a cleaned-up version of his own personal engineering journal—a small notebook that you can carry around that contains little nuggets of information such as commands that you tend to forget, the IP addressing scheme of some remote part of the network, and little reminders about how to do something you need to do only once or twice a year that is vital to the integrity and maintenance of your network.

With the creation of two brand-new CCNP exams, the amount of new information out there is growing on an almost daily basis. There is always a new white paper to read, a new Webinar to view, another slideshow from a Networkers session that was never attended. The engineering journal can be that central repository of information that won't weigh you down as you carry it from the office or cubicle to the server and infrastructure room in some branch office.

To make this guide a more realistic one for you to use, the folks at Cisco Press have decided to continue with an appendix of blank pages—pages on which you can write your own personal notes, such as your own configurations, commands that are not in this book but are needed in your world, and so on. That way this book will look less like the authors' journals and more like your own.

Networking Devices Used in the Preparation of This Book

To verify the commands in this book, many different devices were used. The following is a list of the equipment used in the writing of this book:

  • C2620 router running Cisco IOS Release 12.3(7)T, with a fixed Fast Ethernet interface, a WIC-2A/S serial interface card, and an NM-1E Ethernet interface
  • C2811 ISR bundle with PVDM2, CMME, a WIC-2T, FXS and FXO VICs, running Cisco IOS Release 12.4(3g)
  • C2821 ISR bundle with HWICD 9ESW, a WIC-2A/S, running 12.4(16) Advanced Security IOS
  • WS-C3560-24-EMI Catalyst switch, running Cisco IOS Release 12.2(25)SE
  • WS-C3550-24-EMI Catalyst switch, running Cisco IOS Release 12.1(9)EA1c
  • WS-C2960-24TT-L Catalyst switch, running Cisco IOS Release 12.2(25)SE
  • WS-C2950-12 Catalyst switch, running version C2950-C3.0(5.3)WC(1) Enterprise Edition software
  • C1760 1FE VE 4SLOT DV Mainboard Port adapter with PVDM2, CMME, WIC-2A/S, WIC-4ESW, MOD1700-VPN with 32F/128D running c1700-bk9no3r2sy7-mz.124-15.T1
  • C1751 1FE VE DV Mainboard with WIC-4ESW, MOD1700-VPN with 16F/64D running c1700-advsecurityk9-mz.124-5a
  • Cisco 3640 with 32F/128DRAM memory, 3 Ethernet interfaces, 2-WIC-1T running c3640-jk9o3s-mz.124-12a

These devices were not running the latest and greatest versions of Cisco IOS Software. Some of the equipment is quite old.

Those of you familiar with Cisco devices will recognize that a majority of these commands work across the entire range of the Cisco product line. These commands are not limited to the platforms and IOS versions listed. In fact, in most cases, these devices are adequate for someone to continue their studies beyond the CCNP level.

Who Should Read This Book

This book is for those people preparing for the CCNP ISCW exam, whether through self-study, on-the-job training and practice, study within the Cisco Networking Academy, or study through the use of a Cisco Training Partner. There are also some handy hints and tips along the way to make life a bit easier for you in this endeavor. This book is small enough that you will find it easy to carry around with you. Big, heavy textbooks might look impressive on your bookshelf in your office, but can you really carry them all around with you when you are working in some server room or equipment closet somewhere?

Organization of This Book

This book follows the list of objectives for the CCNP ISCW exam:

  • Chapter 1, "Network Design Requirements"—Offers an overview of the two different design models from Cisco: the Service-Oriented Network Architecture and the Enterprise Composite Network Model
  • Chapter 2, "Connecting Teleworkers"—Describes how to provision a cable modem, and how to configure a Cisco router as a PPPoE client
  • Chapter 3, "Implementing Frame Mode MPLS"—Describes how to configure MPLS on a router, including configuring CEF, configuring MPLS on a frame mode interface, and configuring MTU size in label switching
  • Chapter 4, "IPsec VLANs"—Describes how to configure, verify, and troubleshoot IPsec VLANs, including topics such as configuring IPsec, configuring GRE tunnels, creating High Availability using HSRP and stateful failover, Cisco Easy VPN Server and client, and configuring Easy VPN Server using Cisco SDM
  • Chapter 5, "Cisco Device Hardening"—Includes topics such as locking down routers with AutoSecure; setting login failure rates, timeouts, and multiple privilege levels; Role-Based CLI; securing your configuration files; and configuring SSH servers, syslog logging, NTP clients and servers, and AAA
  • Chapter 6, "Cisco IOS Threat Defense Features"—Includes topics such as configuring a basic firewall from the CLI and SDM, configuring a DMZ, and configuring inspection rules as part of an Advanced Firewall
Did We Miss Anything?

As educators, we are always interested to hear how our students, and now readers of our books, do on both vendor exams and future studies. If you would like to contact either of us and let us know how this book helped you in your certification goals, please do so. Did we miss anything? Let us know. Contact us at ccnpguide@empson.ca.

© Copyright Pearson Education. All rights reserved.

Read More Show Less

Table of Contents

Chapter 1 Network Design Requirements 1

Cisco Service-Oriented Network Architecture 1

Cisco Enterprise Composite Network Model 2

Chapter 2 Connecting Teleworkers 3

Configuration Example: DSL Using PPPoE 3

Step 1: Configure PPPoE (External Modem) 5

Virtual Private Dial-Up Network (VPDN) Programming 5

Step 2: Configure the Dialer Interface 6

For Password Authentication Protocol (PAP) 7

For Challenge Handshake Authentication Protocol (CHAP) 7

Step 3: Define Interesting Traffic and Specify Default

Routing 7

Step 4a: Configure NAT Using an ACL 8

Step 4b: Configure NAT Using a Route Map 9

Step 5: Configure DHCP Service 10

Step 6: Apply NAT Programming 10

Step 7: Verify a PPPoE Connection 11

Configuring PPPoA 11

Step 1: Configure PPPoA on the WAN Interface (Using

Subinterfaces) 12

Step 2: Configure the Dialer Interface 13

For Password Authentication Protocol (PAP) 13

For Challenge Handshake Authentication Protocol (CHAP) 13

Step 3: Verify a PPPoA Connection 14

Configuring a Cable Modem Connection 15

Step 1: Configure WAN Connectivity 16

Step 2: Configure Local DHCP Service 17

Step 3: Configure NAT Using a Route Map 18

Step 4: Configure Default Routing 18

Step 5: Apply NAT Programming 19

Configuring L2 Bridging Using a Cisco Cable Modem HWIC 19

Step 1: Configure Global Bridging Parameters 19

Step 2: Configure WAN to LAN Bridging 20

Configuring L3 Routing Using a Cisco Cable Modem HWIC 20

Step 1: Remove Bridge Group Programming from All Interfaces 21

Step 2: Configure LAN Connectivity 21

Step 3: Configure WAN Connectivity 21

Chapter 3 Implementing Frame Mode MPLS 23

Configuring Cisco Express Forwarding 23

Verifying CEF 24

Troubleshooting CEF 24

Configuring MPLS on a Frame Mode Interface 25

Configuring MTU Size in Label Switching 26

Configuration Example: Configuring Frame Mode MPLS 27

R1 Router 27

R2 Router 28

R3 Router 30

Chapter 4 IPsec VPNs 33

Configuring a Teleworker to Branch Office VPN Using CLI 34

Step 1: Configure the ISAKMP Policy (IKE Phase 1) 35

Step 2: Configure Policies for the Client Group(s) 35

Step 3: Configure the IPsec Transform Sets (IKE Phase 2, Tunnel Termination) 36

Step 4: Configure Router AAA and Add VPN Client

Users 36

Step 5: Create VPN Client Policy for Security Association Negotiation 37

Step 6: Configure the Crypto Map (IKE Phase 2) 37

Step 7: Apply the Crypto Map to the Interface 38

Step 8: Verify the VPN Service 38

Configuring IPsec Site-to-Site VPNs Using CLI 39

Step 1: Configure the ISAKMP Policy (IKE Phase 1) 39

Step 2: Configure the IPsec Transform Sets (IKE Phase 2,

Tunnel Termination) 40

Step 3: Configure the Crypto ACL (Interesting Traffic, Secure

Data Transfer) 40

Step 4: Configure the Crypto Map (IKE Phase 2) 41

Step 5: Apply the Crypto Map to the Interface (IKE Phase 2) 42

Step 6: Configure the Firewall Interface ACL 42

Step 7: Verify the VPN Service 42

Configuring IPsec Site-to-Site VPNs Using SDM 43

Configuring GRE Tunnels over IPsec 46

Step 1: Create the GRE Tunnel 46

Step 2: Specify the IPsec VPN Authentication Method 47

Step 3: Specify the IPsec VPN IKE Proposals 47

Step 4: Specify the IPsec VPN Transform Sets 48

Step 5a: Specify Static Routing for the GRE over IPsec Tunnel 49

Step 5b: Specify Routing with OSPF for the GRE over IPsec

Tunnel 49

Step 6: Enable the Crypto Programming at the Interfaces 50

Configuring a Static IPsec Virtual Tunnel Interface 50

Step 1: Configure EIGRP AS 1 51

Step 2: Configure Static Routing 51

Step 3: Create IKE Policies and Peers 52

Step 4: Create IPsec Transform Sets 54

Step 5: Create an IPsec Profile 54

Step 6: Create the IPsec Virtual Tunnel Interface 55

Configuring High Availability VPNs 56

Step 1: Configure Hot Standby Routing Protocol Configuration on HSRP1 58

Step 2: Configure Site-to-Site VPN on HSRP1 59

HSRP1 Configuration 59

Tunnel Traffic Filter 59

Key Exchange Policy 60

Addressing, Authentication Credentials, and Transform Set 60

IPsec Tunnel 60

HSRP2 Configuration 61

Tunnel Traffic Filter 61

Key Exchange Policy 61

Addressing, Authentication Credentials, and Transform Set 61

IPsec Tunnel 61

Step 3: Add Programming for Crypto Redundancy Configuration 62

Step 4: Define the Interdevice Communication Protocol (HSRP1 and HSRP) 63

Step 5: Apply the Programming at the Interface 65

Configuring Easy VPN Server Using Cisco SDM 65

Implementing the Cisco VPN Client 69

Chapter 5 Cisco Device Hardening 71

Disabling Unneeded Services and Interfaces 72

Disabling Commonly Configured Management Services 74

Disabling Path Integrity Mechanisms 74

Disabling Features Related to Probes and Scans 75

Terminal Access Security 75

Gratuitous and Proxy Address Resolution Protocol 76

Disabling IP Directed Broadcasts 76

Locking Down Routers with AutoSecure 76

Optional AutoSecure Parameters 82

Locking Down Routers with Cisco SDM 83

SDM Security Audit Wizard 83

One-Step Lockdown 88

Setting Cisco Passwords and Password Security 90

Securing ROMMON 94

Setting a Login Failure Rate 95

Setting Timeouts 97

Setting Multiple Privilege Levels 97

Configuring Banner Messages 98

Role-Based CLI 100

Secure Configuration Files 102

Tips for Using Access Control Lists 103

Using ACLs to Filter Network Traffic to Mitigate Threats 104

IP Address Spoofing: Inbound 104

IP Address Spoofing: Outbound 106

DoS TCP SYN Attacks: Blocking External Attacks 107

DoS TCP SYN Attacks: Using TCP Intercept 108

DoS Smurf Attacks 109

Filtering ICMP Messages: Inbound 110

Filtering ICMP Messages: Outbound 111

Filtering UDP Traceroute Messages 112

Mitigating Dedicated DoS Attacks with ACLs 113

Mitigating TRIN00 114

Mitigating Stacheldraht 115

Mitigating Trinity v3 117

Mitigating SubSeven 118

Configuring an SSH Server for Secure Management and

Reporting 121

Configuring Syslog Logging 122

Configuring an SNMP Managed Node 123

Configuring NTP Clients and Servers 125

Configuration Example: NTP 127

Winnipeg Router (NTP Source) 127

Brandon Router (Intermediate Router) 128

Dauphin Router (Client Router) 128

Configuring AAA on Cisco Routers Using CLI 129

TACACS+ 129

RADIUS 130

Authentication 130

Authorization 131

Accounting 131

Configuring AAA on Cisco Routers Using SDM 132

Chapter 6 Cisco IOS Threat Defense Features 139

Configuring an IOS Firewall from the CLI 139

Step 1: Choose the Interface and Packet Direction to Inspect 140

Step 2: Configure an IP ACL for the Interface 140

Step 3: Set Audit Trails and Alerts 141

Step 4: Define the Inspection Rules 142

Step 5: Apply the Inspection Rules and the ACL to the Outside Interface 143

Step 6: Verify the Configuration 144

Troubleshooting the Configuration 145

Configuring a Basic Firewall Using SDM 145

Configuring an Advanced Firewall Using SDM 149

Verifying Firewall Activity Using CLI 158

Verifying Firewall Activity Using SDM 158

Configuring Cisco IOS Intrusion Prevention System from the CLI 160

Step 1: Specify the Location of the SDF 161

Step 2: Configure the Failure Parameter 161

Step 3: Create an IPS Rule, and Optionally Apply an ACL 162

Step 4: Apply the IPS Rule to an Interface 162

Step 5: Verify the IPS Configuration 163

IPS Enhancements 163

Configuring Cisco IOS IPS from the SDM 165

Viewing Security Device Event Exchange Messages Through SDM 170

Tuning Signatures Through SDM 171

Appendix Create Your Own Journal Here 175

Read More Show Less

Preface

IntroductionIntroduction

Welcome to ISCW! In 2006, Cisco Press contacted Scott and told him, albeit very quietly, that there was going to be a major revision of the CCNP certification exams. They then asked whether he would be interested in working on a command guide in the same fashion as his previous books for Cisco Press: the Cisco Networking Academy Program CCNA Command Quick Reference and the CCNA Portable Command Guide. The original idea was to create a single-volume command summary for all four of the new CCNP exams. However, early on in his research, Scott quickly discovered that there was far too much information in the four exams to create a single volume—that would have resulted in a book that was neither portable nor quick as a reference. So, Scott jokingly suggested that Cisco Press let him author four books, one for each exam. Well, you have to be careful what you wish for, because Cisco Press readily agreed. Realizing that this was going to be too much for one part-time author to handle, Scott quickly got his colleague Hans Roth on board as a coauthor.

This book is the third in a four-volume set that attempts to summarize the commands and concepts that you need to understand to pass one of the CCNP certification exams—in this case, the Implementing Secure Converged WANs exam. It follows the format of Scott's previous books, which are in fact a cleaned-up version of his own personal engineering journal—a small notebook that you can carry around that contains little nuggets of information such as commands that you tend to forget, the IP addressing scheme of some remote part of the network, and little reminders abouthow to do something you need to do only once or twice a year that is vital to the integrity and maintenance of your network.

With the creation of two brand-new CCNP exams, the amount of new information out there is growing on an almost daily basis. There is always a new white paper to read, a new Webinar to view, another slideshow from a Networkers session that was never attended. The engineering journal can be that central repository of information that won't weigh you down as you carry it from the office or cubicle to the server and infrastructure room in some branch office.

To make this guide a more realistic one for you to use, the folks at Cisco Press have decided to continue with an appendix of blank pages—pages on which you can write your own personal notes, such as your own configurations, commands that are not in this book but are needed in your world, and so on. That way this book will look less like the authors' journals and more like your own.

Networking Devices Used in the Preparation of This Book

To verify the commands in this book, many different devices were used. The following is a list of the equipment used in the writing of this book:


  • C2620 router running Cisco IOS Release 12.3(7)T, with a fixed Fast Ethernet interface, a WIC-2A/S serial interface card, and an NM-1E Ethernet interface

  • C2811 ISR bundle with PVDM2, CMME, a WIC-2T, FXS and FXO VICs, running Cisco IOS Release 12.4(3g)

  • C2821 ISR bundle with HWICD 9ESW, a WIC-2A/S, running 12.4(16) Advanced Security IOS

  • WS-C3560-24-EMI Catalyst switch, running Cisco IOS Release 12.2(25)SE

  • WS-C3550-24-EMI Catalyst switch, running Cisco IOS Release 12.1(9)EA1c

  • WS-C2960-24TT-L Catalyst switch, running Cisco IOS Release 12.2(25)SE

  • WS-C2950-12 Catalyst switch, running version C2950-C3.0(5.3)WC(1) Enterprise Edition software

  • C1760 1FE VE 4SLOT DV Mainboard Port adapter with PVDM2, CMME, WIC-2A/S, WIC-4ESW, MOD1700-VPN with 32F/128D running c1700-bk9no3r2sy7-mz.124-15.T1

  • C1751 1FE VE DV Mainboard with WIC-4ESW, MOD1700-VPN with 16F/64D running c1700-advsecurityk9-mz.124-5a

  • Cisco 3640 with 32F/128DRAM memory, 3 Ethernet interfaces, 2-WIC-1T running c3640-jk9o3s-mz.124-12a

These devices were not running the latest and greatest versions of Cisco IOS Software. Some of the equipment is quite old.

Those of you familiar with Cisco devices will recognize that a majority of these commands work across the entire range of the Cisco product line. These commands are not limited to the platforms and IOS versions listed. In fact, in most cases, these devices are adequate for someone to continue their studies beyond the CCNP level.

Who Should Read This Book

This book is for those people preparing for the CCNP ISCW exam, whether through self-study, on-the-job training and practice, study within the Cisco Networking Academy, or study through the use of a Cisco Training Partner. There are also some handy hints and tips along the way to make life a bit easier for you in this endeavor. This book is small enough that you will find it easy to carry around with you. Big, heavy textbooks might look impressive on your bookshelf in your office, but can you really carry them all around with you when you are working in some server room or equipment closet somewhere?

Organization of This Book

This book follows the list of objectives for the CCNP ISCW exam:

  • Chapter 1, "Network Design Requirements"—Offers an overview of the two different design models from Cisco: the Service-Oriented Network Architecture and the Enterprise Composite Network Model

  • Chapter 2, "Connecting Teleworkers"—Describes how to provision a cable modem, and how to configure a Cisco router as a PPPoE client

  • Chapter 3, "Implementing Frame Mode MPLS"—Describes how to configure MPLS on a router, including configuring CEF, configuring MPLS on a frame mode interface, and configuring MTU size in label switching

  • Chapter 4, "IPsec VLANs"—Describes how to configure, verify, and troubleshoot IPsec VLANs, including topics such as configuring IPsec, configuring GRE tunnels, creating High Availability using HSRP and stateful failover, Cisco Easy VPN Server and client, and configuring Easy VPN Server using Cisco SDM

  • Chapter 5, "Cisco Device Hardening"—Includes topics such as locking down routers with AutoSecure; setting login failure rates, timeouts, and multiple privilege levels; Role-Based CLI; securing your configuration files; and configuring SSH servers, syslog logging, NTP clients and servers, and AAA

  • Chapter 6, "Cisco IOS Threat Defense Features"—Includes topics such as configuring a basic firewall from the CLI and SDM, configuring a DMZ, and configuring inspection rules as part of an Advanced Firewall

Did We Miss Anything?

As educators, we are always interested to hear how our students, and now readers of our books, do on both vendor exams and future studies. If you would like to contact either of us and let us know how this book helped you in your certification goals, please do so. Did we miss anything? Let us know. Contact us at ccnpguide@empson.ca.


© Copyright Pearson Education. All rights reserved.

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing 1 Customer Reviews
  • Anonymous

    Posted April 20, 2008

    VERY VERY HIGHLY RECOMMENDED!!

    Are you preparing for the CCNP ISCW exam? If you are, then this book is for you. Authors Scott Empson and Hans Roth, have done an outstanding job of summarizing the commands and concepts that you need to understand to pass the Implementing Secure Converged WANs exam. Empson and Roth, begin by giving you an overview of the two different design models from Cisco: The Service-Oriented Network Architecture and the Enterprise Composite Network Model. Then, the authors describe how to provision a cable modem, and how to configure a Cisco router as a PPPoE client. They also describe how to configure MPLS on a router, including configuring MPLS on a frame mode interface, and configuring MTU size in label switching. The authors continue by describing how to configure, verify and troubleshoot IPsec VLANs. Next, they discuss topics such as locking down routers with AutoSecure. Finally, the authors discuss how to configure a basic firewall from the CLI and SDM and how to configure inspection rules as part of an Advanced Firewall. To verify the commands used in this most excellent book, many different devices were used. Perhaps more importantly, these devices are adequate for someone to continue their studies beyond the CCNP level.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing 1 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)