Cisco Secure Intrusion Detection System / Edition 1
     

by Earl Carter, Rick Stiffler
 

ISBN-10: 158705034X

ISBN-13: 9781587050343

Pub. Date: 07/28/2002

Publisher: Pearson Education

Overview

Implement a network surveillance system for 24-hour security with the official CSIDS Coursebook.

Cisco Secure Intrusion Detection Systems provides a clear explanation of why network security is crucial in today's converged networking environment, how the Cisco Secure Intrusion Detection System (CSIDS) improves the security on a network, and how to install and configure CSIDS. The Cisco Secure Intrusion Detection System is a real-time, network-based IDS designed to detect, report, and terminate unauthorized activity throughout a network. The industry's first and now the market-leading IDS, CSIDS is the dynamic security component of Cisco's end-to-end security product line.

  • The only book that concentrates solely on implementation of Cisco Secure Intrusion Detection Systems.
  • Full of configuration techniques and security management details.
  • Based on officially developed course materials from Cisco Systems.
  • Recommended training materials for the Cisco security specialization certification.

Product Details

ISBN-13: 9781587050343
Publisher: Pearson Education
Publication date: 07/28/2002
Series: Cisco Qualified Specialist Training Series
Edition description: Older Edition
Pages: 912
Product dimensions: 7.58(w) x 9.20(h) x 2.26(d)

Table of Contents

Foreword
Introduction
Audience
Organization
Cisco Security Specialist 1

Part I: Introduction to Network Security

Chapter 1: Need for Network Security
Security Threats
Security Concepts
The Phases of an Attack
Attack Methodologies
Network Attack Points
Hacking Tools and Techniques
Summary
Review Questions

Chapter 2: Cisco Security Wheel
Securing the Network
Monitoring Network Security
Testing Network Security
Improving Network Security
Summary
Review Questions

Part II: Intrusion Detection and the CSIDS Environment

Chapter 3: Intrusion Detection Systems
IDS Triggers
IDS Monitoring Locations
Hybrid Characteristics
Summary
Review Questions

Chapter 4: Cisco Secure IDS Overview
System Function and Features
Sensor Platforms and Modules
Director Platforms
Cisco Secure IDS and the PostOffice Protocol
Summary
Review Questions

Part III: CSIDS Installation

Chapter 5: Cisco Secure IDS Sensor Deployment
Preparing for Deployment: Analyzing Your Network Topology
Executing the Deployment: Sensor Installation Considerations
Summary
Review Questions

Chapter 6: Cisco Secure Policy Manager Installation
CSPM Overview
CSPM Installation Requirements
CSPM Installation Settings and Options
Starting CSPM
Summary
Review Questions

Chapter 7: 4200 Series Sensor Installation Within CSPM
Understanding the Sensor Appliance
Configuring the Sensor Bootstrap
Adding a Sensor to a CSPM Director
Summary
Review Questions

Part IV: Alarm Management and Intrusion Detection Signatures

Chapter 8: Working with Cisco Secure IDS Alarms in CSPM
Managing Alarms
Customizing the Event Viewer
Preference Settings
Connection Status Pane
Summary
Review Questions

Chapter 9: Understanding Cisco Secure IDS Signatures
Signature Definition
Signature Classes
Signature Types
Signature Severity
Summary
Review Questions

Chapter 10: Signature Series
IP Signatures (1000 Series)
ICMP Signatures (2000 Series)
TCP Signatures (3000 Series)
UDP Signatures (4000 Series)
Web/HTTP Signatures (5000 Series)
Cross-Protocol Signatures (6000 Series)
String-Matching Signatures (8000 Series)
Policy-Violation Signatures (10000 Series)
Summary
Review Questions

Part V: CSIDS Configuration

Chapter 11: Sensor Configuration Within CSPM
CSPM Sensor Configuration Screens
Basic Configuration Changes
Log File Configuration
Advanced Configuration Changes
Pushing a New Configuration to Your Sensor
Summary
Review Questions

Chapter 12: Signature and Intrusion Detection Configuration
Basic Signature Configuration
Signature Templates
Signature Filtering
Advanced Signature Configuration
Creating ACL Signatures
Summary
Review Questions

Chapter 13: IP Blocking Configurations
Understanding ACLs
ACL Placement Considerations
Configuring the Sensor for IP Blocking
Summary
Review Questions

Chapter 14: Catalyst 6000 IDS Module Configuration
Understanding the Catalyst 6000 IDS Module
IDSM Ports and Traffic Flow
Capturing Traffic
Configuration Tasks
Updating IDSM Components
Troubleshooting
Summary
Review Questions

Part VI: Cisco Secure Intrusion Detection Director (CSIDD)

Chapter 15: Cisco Secure ID Director Installation
Director Software Installation
Starting the Director
Sensor Configuration
Summary
Review Questions

Chapter 16: The Configuration File Management Utility (nrConfigure)
Working with nrConfigure
Host Types for Add Host Wizard
Connecting to a Previously Configured Sensor
Verifying That the Sensor Is Added to nrConfigure
Verifying That the Sensor Is Added to the Cisco Secure IDS Submap
Deleting a Sensor
Removing the Sensor Icon
Working with the Configuration Library
Summary
Review Questions

Chapter 17: Cisco IOS Firewall Intrusion Detection System
Cisco IOS Firewall IDS and Intrusion Detection
Supported Router Platforms
Deployment Issues
Signatures
Configuration Tasks
Summary
Review Questions

Part VII: Cisco Secure IDS Upcoming Releases

Chapter 18: Planned Cisco Secure IDS Enhancements
Version 3.0
Version 4.0
Sensor Enhancements
Cisco Secure IDS-User-Defined Signatures
Summary

Part VIII: Appendixes

Appendix A: Deploying Intrusion Detection: Case Studies
Using Cisco IOS Firewall IDS
Sending SYSLOG Data to a Cisco Secure IDS Sensor
Managing a Router with a Cisco Secure IDS Sensor
Cisco Secure IDS Tiered Director Hierarchy
Setting Up Multiple IDSM Blades in the Same Chassis

Appendix B: Cisco Secure IDS Architecture
Cisco Secure IDS Software Architecture
Cisco Secure IDS Communications
Cisco Secure IDS Commands
Cisco Secure IDS Directory Structure
Cisco Secure IDS Configuration Files
Communications

Appendix C: Cisco Secure ID Director Basic Troubleshooting
Director Problems
Sensor Problems
Oracle Problems
Data Management Package Problems
nrConfigure Problems
Online Help and NSDB

Appendix D: Cisco Secure IDS Log Files
Levels of Logging
Log File Naming Conventions
Log File Locations
Closing Active Files
Archived Log Files
Event Record Fields

Appendix E: Advanced Tips
Correcting a Sensor That Does Not Sniff
Using the Sensor COM Port for Console Access
Excluding False-Positive Alarms

Appendix F: Cisco Secure IDS Signature Structures and Implementations

Appendix G: Cisco Secure IDS Signatures and Recommended Alarm Levels
General Signatures
Connection Signatures
String Signatures
ACL Signatures

Appendix H: Cisco IOS Firewall IDS Signature List
Information Signatures
Attack Signatures

Appendix I: Cisco Secure Communications Deployment Worksheet

Appendix J: Glossary

Appendix K: Answers to Review Questions
Chapter 1 Answers
Chapter 2 Answers
Chapter 3 Answers
Chapter 4 Answers
Chapter 5 Answers
Chapter 6 Answers
Chapter 7 Answers
Chapter 8 Answers
Chapter 9 Answers
Chapter 10 Answers
Chapter 11 Answers
Chapter 12 Answers
Chapter 13 Answers
Chapter 14 Answers
Chapter 15 Answers
Chapter 16 Answers
Chapter 17 Answers

Index

Customer Reviews

Cisco Secure Intrusion Detection System 5 out of 5 based on 0 ratings. 1 reviews.
Guest More than 1 year ago
This was an excellent book that explains the IDS concepts clearly and in a way that is easy to comprehend. The layout makes it easy to review for the exam!