Self-Defending Networks: The Next Generation of Network Security

Paperback (Print)
Used and New from Other Sellers
Used and New from Other Sellers
from $1.99
Usually ships in 1-2 business days
(Save 95%)
Other sellers (Paperback)
  • All (6) from $1.99   
  • New (2) from $11.95   
  • Used (4) from $1.99   
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any coupons and promotions
Seller since 2006

Feedback rating:



New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

"Oversized softcover. Cisco Press, ISBN: 1587052539. Pristine condition. No wear. No crease on spine. No markings. No remainder mark. Shipped with USPS tracking. Shipped by ... Airmail to addresses outside the U.S." Read more Show Less

Ships from: Holmdel, NJ

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Seller since 2008

Feedback rating:


Condition: New

Ships from: Chicago, IL

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Page 1 of 1
Showing All
Sort by


Protect your network with self-regulating network security solutions that combat both internal and external threats.

  • Provides an overview of the security components used to design proactive network security
  • Helps network security professionals understand what the latest tools and techniques can do and how they interact
  • Presents detailed information on how to use integrated management to increase security
  • Includes a design guide with step-by-step implementation instructions

Self-Defending Networks: The Next Generation of Network Security helps networking professionals understand how to deploy an end-to-end, integrated network security solution. It presents a clear view of the various components that can be used throughout the network to not only monitor traffic but to allow the network itself to become more proactive in preventing and mitigating network attacks. This security primer provides unique insight into the entire range of Cisco security solutions, showing what each element is capable of doing and how all of the pieces work together to form an end-to-end Self-Defending Network. While other books tend to focus on individual security components, providing in-depth configuration guidelines for various devices and technologies, Self-Defending Networks instead presents a high-level overview of the entire range of technologies and techniques that comprise the latest thinking in proactive network security defenses. This book arms network security professionals with the latest information on the comprehensive suite of Cisco security tools and techniques. Network Admission Control, Network Infection Containment, Dynamic Attack Mitigation, DDoS Mitigation, Host Intrusion Prevention, and Integrated Security Management are all covered, providing the most complete overview of various security systems. It focuses on leveraging integrated management, rather than including a device-by-device manual to implement self-defending networks.

Read More Show Less

Product Details

  • ISBN-13: 9781587052538
  • Publisher: Cisco Press
  • Publication date: 9/14/2006
  • Series: Networking Technology: Security Series
  • Edition description: New Edition
  • Pages: 239
  • Product dimensions: 7.42 (w) x 9.30 (h) x 0.68 (d)

Meet the Author

Duane De Capite is a product line manager in the Security and Technology Group (STG) at Cisco Systems,

Inc., and has been working with security and management teams for the past five years. Duane has

also held marketing and engineering roles in IOS, storage networking, content networking, and management

at Cisco. Prior to Cisco, Duane worked at IBM as a software developer. Duane holds an M.B.A.

degree from the University of North Carolina at Chapel Hill and a B.S. degree in engineering from North

Carolina State University, Summa Cum Laude. Duane has also completed graduate coursework toward an

M.S. in engineering at Stanford University. Duane lives with his family in Chapel Hill, North Carolina.

Read More Show Less

Table of Contents



Chapter 1 Understanding Types of Network Attacks and Defenses

Categorizing Network Attacks



Trojan Horse


Distributed Denial-of-Service



Understanding Traditional Network Defenses

Router Access Lists


Intrusion Detection Systems

Virtual Private Networks

Antivirus Programs

Introducing Cisco Self-Defending Networks

DDoS Mitigation

Intrusion Prevention Systems

Adaptive Security Appliance

Incident Control Service

Network Admission Control

IEEE 802.1x

Host Intrusion Prevention: CSA

Cisco Security Centralized Management



Chapter 2 Mitigating Distributed Denial-of-Service Attacks

Understanding Types of DDoS Attacks

DDoS Mitigation Overview

Using Cisco Traffic Anomaly Detector

Configuring the Traffic Anomaly Detector

Zone Creation

Traffic Anomaly Detector Zone Filters

Policy Template

Learning Phase

Detecting and Reporting Traffic Anomalies

Configuring Cisco Guard


Zone Creation and Synchronization

Cisco Guard Zone Filters

Zone Traffic Diversion

Learning Phase

Activating Zone Protection

Generating Attack Reports



Chapter 3 Cisco Adaptive Security Appliance Overview


Intrusion Prevention Service

Launch ASDM for IPS Configuration

Configure Service Policy Rules

Define IPS Signatures

Protocol Inspection Services

HTTP Inspection Engine



Configuring Content Security and Control Security

Content Security and Control Services Module (CSC-SSM) Setup


URL Blocking

URL Filtering


File Blocking




Content Filtering

File Transfer



Chapter 4 Cisco Incident Control Service

Implementing Outbreak Management with Cisco ICS

Outbreak Management Summary

Information and Statistics on Network Threats from Trend Micro

New Outbreak Management Task

Outbreak Settings

Displaying Outbreak Reports

OPACL Settings

Exception List

Report Settings

Watch List Settings

Automatic Outbreak Management Task

Displaying Devices

Device List

Add Device

Viewing Logs

Incident Log Query

Event Log Query

Outbreak Log Query

Log Maintenance



Chapter 5 Demystifying 802.1x

Fundamentals of 802.1x

Introducing Cisco Identity-Based Networking Services

Machine Authentication

802.1x and NAC

Using EAP Types






VPN and 802.1x



Chapter 6 Implementing Network Admission Control

Network Admission Control Overview

NAC Framework Benefits

NAC Framework Components

Endpoint Security Application

Posture Agent

Network Access Devices

Policy Server

Management and Reporting Tools

Operational Overview

Network Admission for NAC-enabled Endpoints

Endpoint Attempts to Access the Network

NAD Notifies Policy Server

Cisco Secure ACS Compares Endpoint to NAC Policy

Cisco Secure ACS Forwards Information to Partner Policy Servers

Cisco Secure ACS Makes a Decision

Cisco Secure ACS Sends Enforcement Actions

NAD Enforces Actions

Posture Agent Actions

Endpoint Polled for Change of Compliance

Revalidation Process

Network Admission for NAC Agentless Hosts

Deployment Models

LAN Access Compliance

WAN Access Compliance

Remote Access Compliance



Chapter 7 Network Admission Control Appliance

NAC Appliance Features

NAC Appliance Manager

Device Management

CCA Servers


Clean Access

Switch Management

User Management





Chapter 8 Managing the Cisco Security Agent

Management Center for Cisco Security Agents

Deploying Cisco Secure Agent Kits

Displaying the End-Station Hostname in the Device Groups

Reviewing Policies

Attaching Rules to a Policy

Generating and Deploying Rules

Using Event Monitor

Running Cisco Security Agent Analysis

Cisco Security Agent


System Security



Chapter 9 Cisco Security Manager

Getting Started

Device View

Add Device

Configure Access Conrol Lists (ACLs) from Device View

Configuring Interface Roles

Apply Access Control List (ACL) Rules to Multiple Devices

Invoking the Policy Query

Using Analysis and Hit Count Functions

Map View

Showing Devices on the Topology Map

Adding Cloud Networks and Hosts to the Topology Map

Configuring Firewall Access Control List (ACLs) Rules from Topology Map

Policy View

Access Control List (ACL) Rules Security Policy

Policy Inheritance and Mandatory Security Policies

IPS Management

Object Manager

Value Override Per Device



Chapter 10 Cisco Security Monitoring, Analysis, and Response System

Understanding Cisco Security MARS Features

Summary Dashboard


Displaying Path of Incident and Mitigating the Attack

Hotspot Graph and Attack Diagram





Cisco Security Manager Linkages



1587052539, TOC, 8/14/2006

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)