Welcome to ISCW! In 2006, Cisco Press contacted Scott and told him, albeit very quietly, that there was going to be a major revision of the CCNP certification exams. They then asked whether he would be interested in working on a command guide in the same fashion as his previous books for Cisco Press: the Cisco Networking Academy Program CCNA Command Quick Reference and the CCNA Portable Command Guide. The original idea was to create a single-volume command summary for all four of the new CCNP exams. However, early on in his research, Scott quickly discovered that there was far too much information in the four exams to create a single volume; that would have resulted in a book that was neither portable nor quick as a reference. So, Scott jokingly suggested that Cisco Press let him author four books, one for each exam. Well, you have to be careful what you wish for, because Cisco Press readily agreed. Realizing that this was going to be too much for one part-time author to handle, Scott quickly got his colleague Hans Roth on board as a coauthor.
This book is the third in a four-volume set that attempts to summarize the commands and concepts that you need to understand to pass one of the CCNP certification exams, in this case the Implementing Secure Converged WANs exam. It follows the format of Scott's previous books, which are in fact a cleaned-up version of his own personal engineering journal: a small notebook that you can carry around that contains little nuggets of information such as commands that you tend to forget, the IP addressing scheme of some remote part of the network, and little reminders about how to do something you need to do only once or twice a year that is vital to the integrity and maintenance of your network.
With the creation of two brand-new CCNP exams, the amount of new information out there is growing on an almost daily basis. There is always a new white paper to read, a new Webinar to view, another slideshow from a Networkers session that was never attended. The engineering journal can be that central repository of information that won't weigh you down as you carry it from the office or cubicle to the server and infrastructure room in some branch office.
To make this guide a more realistic one for you to use, the folks at Cisco Press have decided to continue with an appendix of blank pages: pages on which you can write your own personal notes, such as your own configurations, commands that are not in this book but are needed in your world, and so on. That way this book will look less like the authors' journals and more like your own.
Networking Devices Used in the Preparation of This Book
To verify the commands in this book, many different devices were used. The following is a list of the equipment used in the writing of this book:
- C2620 router running Cisco IOS Release 12.3(7)T, with a fixed Fast Ethernet interface, a WIC-2A/S serial interface card, and an NM-1E Ethernet interface
- C2811 ISR bundle with PVDM2, CMME, a WIC-2T, FXS and FXO VICs, running Cisco IOS Release 12.4(3g)
- C2821 ISR bundle with HWICD 9ESW, a WIC-2A/S, running 12.4(16) Advanced Security IOS
- WS-C3560-24-EMI Catalyst switch, running Cisco IOS Release 12.2(25)SE
- WS-C3550-24-EMI Catalyst switch, running Cisco IOS Release 12.1(9)EA1c
- WS-C2960-24TT-L Catalyst switch, running Cisco IOS Release 12.2(25)SE
- WS-C2950-12 Catalyst switch, running version C2950-C3.0(5.3)WC(1) Enterprise Edition software
- C1760 1FE VE 4SLOT DV Mainboard Port adapter with PVDM2, CMME, WIC-2A/S, WIC-4ESW, MOD1700-VPN with 32F/128D running c1700-bk9no3r2sy7-mz.124-15.T1
- C1751 1FE VE DV Mainboard with WIC-4ESW, MOD1700-VPN with 16F/64D running c1700-advsecurityk9-mz.124-5a
- Cisco 3640 with 32F/128DRAM memory, 3 Ethernet interfaces, 2-WIC-1T running c3640-jk9o3s-mz.124-12a
These devices were not running the latest and greatest versions of Cisco IOS Software. Some of the equipment is quite old.
Those of you familiar with Cisco devices will recognize that a majority of these commands work across the entire range of the Cisco product line. These commands are not limited to the platforms and IOS versions listed. In fact, in most cases, these devices are adequate for someone to continue their studies beyond the CCNP level.
Who Should Read This Book
This book is for those people preparing for the CCNP ISCW exam, whether through self-study, on-the-job training and practice, study within the Cisco Networking Academy, or study through the use of a Cisco Training Partner. There are also some handy hints and tips along the way to make life a bit easier for you in this endeavor. This book is small enough that you will find it easy to carry around with you. Big, heavy textbooks might look impressive on your bookshelf in your office, but can you really carry them all around with you when you are working in some server room or equipment closet somewhere?
Organization of This Book
This book follows the list of objectives for the CCNP ISCW exam:
- Chapter 1, "Network Design Requirements": Offers an overview of the two different design models from Cisco: the Service-Oriented Network Architecture and the Enterprise Composite Network Model
- Chapter 2, "Connecting Teleworkers": Describes how to provision a cable modem, and how to configure a Cisco router as a PPPoE client
- Chapter 3, "Implementing Frame Mode MPLS": Describes how to configure MPLS on a router, including configuring CEF, configuring MPLS on a frame mode interface, and configuring MTU size in label switching
- Chapter 4, "IPsec VLANs": Describes how to configure, verify, and troubleshoot IPsec VLANs, including topics such as configuring IPsec, configuring GRE tunnels, creating High Availability using HSRP and stateful failover, Cisco Easy VPN Server and client, and configuring Easy VPN Server using Cisco SDM
- Chapter 5, "Cisco Device Hardening": Includes topics such as locking down routers with AutoSecure; setting login failure rates, timeouts, and multiple privilege levels; Role-Based CLI; securing your configuration files; and configuring SSH servers, syslog logging, NTP clients and servers, and AAA
- Chapter 6, "Cisco IOS Threat Defense Features": Includes topics such as configuring a basic firewall from the CLI and SDM, configuring a DMZ, and configuring inspection rules as part of an Advanced Firewall
As educators, we are always interested to hear how our students, and now readers of our books, do on both vendor exams and future studies. If you would like to contact either of us and let us know how this book helped you in your certification goals, please do so. Did we miss anything? Let us know. Contact us at email@example.com.
© Copyright Pearson Education. All rights reserved.