CISCO IOS ACCESS LISTS
Ouvrage 9781565923850 : CISCO IOS ACCESS LISTS
Cisco routers are used widely both on the Internet
and in corporate intranets. At the same time, the
Cisco Internet Operating System (IOS) has grown to
be very large and complex, and Cisco
documentation fills several volumes.
Cisco IOS Access Lists focuses on a critical aspect
of the Cisco IOS--access lists. Access lists are
central to the task of securing routers and
networks, and administrators cannot implement access
control policies or traffic routing policies
without them. Access lists are used to specify both the
targets of network policies and the policies
themselves. They specify packet filtering for firewalls all
over the Internet.
Cisco IOS Access Lists covers three critical areas:
Intranets - The book serves as an introduction
and a reference for network engineers
implementing routing policies within Intranet
networking.
Firewalls - The book is a supplement and
companion reference to books such as Brent
Chapman's Building Internet Firewalls. Packet
filtering is an integral part of many firewall
architectures, and Cisco Access Lists
describes common packet filtering tasks and provides a
"bag of tricks" for firewall implementers.
The Internet - This book is also a guide to
the complicated world of route maps. Route maps
are an arcane BGP construct necessary to make
high level routing work on the Internet.
Cisco IOS Access Lists differs from other Cisco
router titles in that it focuses on practical instructions
for setting router access policies. The details of
interfaces and routing protocol settings are not
discussed
Jeff Sedayao is a network engineer with Intel
Online Services, the web and application hosting
division of Intel Corporation. From 1987 through
1999, he worked on architecting and maintaining Intel's
Internet connectivity, starting with a simple 2400
bps e-mail link through CSNET and ending up with
multiple sites connecting to the Internet with
multiple ISPs at multi-megabit speeds. He has always
been fascinated with policy and policy
implementation, ranging from using Cisco IOS access lists for
routing and firewall policies to sendmail
configurations and address space design. As part of Intel
Online Services, his main interests are with
network usage and performance issues, DNS and e-mail
implementation, and addressing and routing policy.
Table of Contents
Preface
1: Network Policies and Cisco Access Lists
Policy sets
The policy toolkit
2: Access List Basics
Standard access lists
Extended access lists
More on matching
Building and maintaining access lists
Named access lists
3: Implementing Security Policies
Router resource control
Packet filtering and firewalls
Alternatives to access lists
4: Implementing Routing Policies
Fundamentals of route filtering
Implementing routing modularity
Implementing route preferences
Alternatives to access lists
5: Debugging Access Lists
Router resource access control lists
Packet-filtering access control lists
Route-filtering access control lists
6: Route Maps
Other access list types
Generic route map format
Interior routing protocols and policy routing
BGP
Debugging route maps and BGP
7: Case Studies
A WAN case study
A firewall case study
An Internet routing case study
A: Extended Access List Protocols and Qualifiers
B: Binary and Mask Tables
C: Common Application Ports
Index
Auteur : SEDAYAO
Editeur : O'REILLY
Nombre de pages : 260
Date de publication : 07 2001
Toute la sélection
Toutes les sélections
Toute la sélection
Site réalisé en partenariat avec Courbis
(Courbis - alternate link), acteur de l'Internet depuis 1988...
Le Monde En Tique