Cisco Secure Firewall Services Module (FWSM)

4.4 avg rating
( 5 ratings by Goodreads )
 
9781587053535: Cisco Secure Firewall Services Module (FWSM)
View all copies of this ISBN edition:
 
 

Cisco Secure Firewall Services Module (FWSM)

 

Best practices for securing networks with FWSM

 

Ray Blair, CCIE® No. 7050

Arvind Durai, CCIE No. 7016

 

The Firewall Services Module (FWSM) is a high-performance stateful-inspection firewall that integrates into the Cisco® 6500 switch and 7600 router chassis. The FWSM monitors traffic flows using application inspection engines to provide a strong level of network security. The FWSM defines the security parameter and enables the enforcement of security policies through authentication, access control lists, and protocol inspection. The FWSM is a key component to anyone deploying network security.

 

Cisco Secure Firewall Services Module (FWSM) covers all aspects of the FWSM. The book provides a detailed look at how the FWSM processes information, as well as installation advice, configuration details, recommendations for network integration, and reviews of operation and management. This book provides you with a single source that comprehensively answers how and why the FWSM functions as it does. This information enables you to successfully deploy the FWSM and gain the greatest functional benefit from your deployment. Practical examples throughout show you how other customers have successfully deployed the FWSM.

 

By reading this book, you will learn how the FWSM functions, the differences between the FWSM and the ASA Security Appliance, how to implement and maintain the FWSM, the latest features of the FWSM, and how to configure common installations.

 

Ray Blair, CCIE® No. 7050, is a consulting systems architect who has been with Cisco for more than 8 years, working primarily on security and large network designs. He has 20 years of experience in designing, implementing, and maintaining networks that have included nearly all networking technologies. Mr. Blair maintains three CCIE certifications in Routing and Switching, Security, and Service Provider. He is also a CNE and a CISSP.

 

Arvind Durai, CCIE No. 7016, is an advanced services technical leader for Cisco. His primary responsibility has been in supporting major Cisco customers in the enterprise sector. One of his focuses has been on security, and he has authored several white papers and design guides in various technologies. Mr. Durai maintains two CCIE certifications, in Routing and Switching and Security.

 

  • Understand modes of operation, security levels, and contexts for the FWSM
  • Configure routing protocols and the host-chassis to support the FWSM
  • Deploy ACLs and Authentication, Authorization, and Accounting (AAA)
  • Apply class and policy maps
  • Configure multiple FWSMs for failover support
  • Configure application and protocol inspection
  • Filter traffic using filter servers, ActiveX, and Java filtering functions
  • Learn how IP multicast and the FWSM interact
  • Increase performance with firewall load balancing
  • Configure IPv6 and asymmetric routing
  • Mitigate network attacks using shunning, anti-spoofing, connection limits, and timeouts
  • Examine network design, management, and troubleshooting best practices

 

This security book is part of the Cisco Press® Networking Technology series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

Category: Networking: Security

Covers: Firewall security

 

"synopsis" may belong to another edition of this title.

About the Author:

Ray Blair is a consulting systems architect and has been with Cisco Systems for more than eight years, working primarily on security and large network designs. He has 20 years of experience with designing, implementing, and maintaining networks that have included nearly all networking technologies. His first four years in the high-technology industry started with designing industrial computer systems for process monitoring. Mr. Blair maintains three Cisco Certified Internetwork Expert (CCIE) certifications in Routing and Switching, Security, and Service Provider. He also is a Certified Novell Engineer (CNE) and a Certified Information Systems Security Professional (CISSP).

 

Arvind Durai is an advanced services technical leader for Cisco Systems. His primary responsibility has been in supporting major Cisco customers in the Enterprise sector, some of which includes Financial, Manufacturing, E-commerce, State Government, and Health Care sectors. One of his focuses has been on security, and he has authored several white papers and design guides in various technologies. Mr. Durai maintains two Cisco Certified Internetwork Expert (CCIE) certifications in Routing and Switching and Security. Mr. Durai holds a Bachelor of Science degree in Electronics and Communication, a Master’s degree in Electrical Engineering (MS), and Master’s degree in Business Administration (MBA).

 

Excerpt. Reprinted by permission. All rights reserved.:

Cisco Secure Firewall Services Module (FWSM)

Cisco Secure Firewall Services Module (FWSM)

Introduction

Firewalls are one of the main components used in securing a network infrastructure, and having an in-depth understanding of how these devices function is paramount to maintaining a secure network.

This book was written to provide an understanding of the functionality of the Firewall Services Module (FWSM), from both a hardware and software perspective and to be a practical design guide with configuration examples for the design, implementation, operation, and management of FWSM in various deployment scenarios.

Who Should Read This Book?

This book is targeted at individuals who would like an in-depth understanding of the FWSM. It is focused primarily for those who design, implement, or maintain the FWSM, such as security/network administrators. To get the most value from the material, the reader should have at least an intermediate knowledge of networking and security.

How This Book Is Organized

This book is organized into five sections that cover the basic introduction of firewalls, initial and advanced configurations, design guides and configuration examples, and features and functionality introduced in FWSM version 4.x code:

  • Chapter 1, "Types of Firewalls": This chapter explains the functionality of the different types of firewalls.

  • Chapter 2, "Overview of the Firewall Services Module": This chapter covers specifications, installation information, performance, and virtualization; shows a comparison of IOS FW, ASA, and FWSM; and also explains the hardware and software architecture.

  • Chapter 3, "Examining Modes of Operation": This chapter examines the modes of operation (transparent/routed) and explains the advantages of each.

  • Chapter 4, "Understanding Security Levels": This chapter explains how traffic flows between interfaces, using both NAT and PAT and routed and transparent modes.

  • Chapter 5, "Understanding Contexts": This chapter provides an overview of the benefits of contexts and how to manage them.

  • Chapter 6, "Configuring and Securing the 6500/7600 Chassis": This chapter explains how to configure the host chassis to support the FWSM.

  • Chapter 7, "Configuring the FWSM": This chapter covers the initial configuration of the FWSM.

  • Chapter 8, "Access Control Lists": This chapter examines the use of ACLs.

  • Chapter 9, "Configuring Routing Protocols": This chapter explains the use of routing protocols on the FWSM.

  • Chapter 10, "AAA Overview": This chapter covers the principles of using authentication, authorization, and accounting.

  • Chapter 11, "Modular Policy": This chapter covers the use of class and policy maps.

  • Chapter 12, "Understanding Failover in FWSM": This chapter explains the use and configuration of using multiple FWSMs for high availability.

  • Chapter 13, "Understanding Application Protocol Inspection": This chapter covers the use and configuration of application and protocol inspection.

  • Chapter 14, "Filtering": This chapter examines how traffic can be filtered using filter servers and how Active X and Java filtering function.

  • Chapter 15, "Managing and Monitoring the FWSM": This chapter covers the different options of managing and monitoring the FWSM.

  • Chapter 16, "Multicast": This chapter explains the interaction of multicast with the FWSM and provides some practical examples.

  • Chapter 17, "Asymmetric Routing": This chapter provides an explanation of asymmetric routing and how it can be configured.

  • Chapter 18, "Firewall Load Balancing": This chapter covers the options of how to increase performance using multiple FWSMs.

  • Chapter 19, "IP Version 6": This chapter explains IPv6 and how it is configured on the FWSM.

  • Chapter 20, "Preventing Network Attacks": This chapter examines how to mitigate network attacks, using shunning, antispoofing, connection limits, and timeouts.

  • Chapter 21, "Troubleshooting the FWSM": This chapter explains how to leverage the appropriate tools to solve problems.

  • Chapter 22, "Designing a Network Infrastructure": This chapter covers an overview on placement of the FWSM in the network.

  • Chapter 23, "Design Scenarios": This chapter provides many practical examples of how the FWSM can be configured.

  • Chapter 24, "FWSM 4.x Performance and Scalability Improvements": This chapter covers the performance improvements in 4.x code.

  • Chapter 25, "Understanding FWSM 4.x Routing and Feature Enhancements": This chapter explains the use of commands introduced in 4.x code.


© Copyright Pearson Education. All rights reserved.

"About this title" may belong to another edition of this title.

Top Search Results from the AbeBooks Marketplace

International Edition
International Edition

1.

Blair
ISBN 10: 1587053535 ISBN 13: 9781587053535
New Paperback Quantity Available: 5
International Edition
Seller:
PRIORITY BOOKS
(Springfield, VA, U.S.A.)
Rating
[?]

Book Description Paperback. Condition: New. Softcover Book, New Condition, Fast Shipping. Ready in Stock. 1st Edition. [Please Read Carefully Before Buying], This Is An International Edition. Printed In Black and White. 528 pages, Book Cover And ISBN No May Be Different From US Edition. Restricted Sales Disclaimer Wordings Not For Sales In USA And Canada May Be Printed On The Cover Of The Book. Standard Shipping 7-14 Business Days. Expedited Shiping 4-8 Business Days. ***WE DO NOT ENTERTAIN BULK ORDERS.*** The Books May Be Ship From Overseas For Inventory Purpose. Seller Inventory # 395856

More information about this seller | Contact this seller

Buy New
US$ 22.22
Convert Currency

Add to Basket

Shipping: US$ 3.99
Within U.S.A.
Destination, Rates & Speeds
International Edition
International Edition

2.

Blair
ISBN 10: 1587053535 ISBN 13: 9781587053535
New Paperback Quantity Available: 1
International Edition
Seller:
Nick Book House
(Fresno, CA, U.S.A.)
Rating
[?]

Book Description Paperback. Condition: New. New, Softcover International Edition, Printed in Black and White, Different ISBN, Same Content As US edition, Book Cover may be Different, in English Language. Seller Inventory # 14525

More information about this seller | Contact this seller

Buy New
US$ 22.32
Convert Currency

Add to Basket

Shipping: US$ 3.99
Within U.S.A.
Destination, Rates & Speeds

3.

Blair, Ray
Published by Pearson Education (2008)
ISBN 10: 1587053535 ISBN 13: 9781587053535
New Quantity Available: > 20
Print on Demand
Seller:
Pbshop
(Wood Dale, IL, U.S.A.)
Rating
[?]

Book Description Pearson Education, 2008. PAP. Condition: New. New Book. Shipped from US within 10 to 14 business days. THIS BOOK IS PRINTED ON DEMAND. Established seller since 2000. Seller Inventory # IQ-9781587053535

More information about this seller | Contact this seller

Buy New
US$ 49.96
Convert Currency

Add to Basket

Shipping: US$ 3.99
Within U.S.A.
Destination, Rates & Speeds

4.

Blair, Ray; Durai, Arvind
Published by Cisco Press
ISBN 10: 1587053535 ISBN 13: 9781587053535
New PAPERBACK Quantity Available: 1
Seller:
Cloud 9 Books
(Wellington, FL, U.S.A.)
Rating
[?]

Book Description Cisco Press. PAPERBACK. Condition: New. 1587053535 New Condition. Seller Inventory # NEW7.3129556

More information about this seller | Contact this seller

Buy New
US$ 59.99
Convert Currency

Add to Basket

Shipping: US$ 4.99
Within U.S.A.
Destination, Rates & Speeds

5.

Blair, Ray
Published by Pearson Education (2008)
ISBN 10: 1587053535 ISBN 13: 9781587053535
New Quantity Available: > 20
Print on Demand
Seller:
Books2Anywhere
(Fairford, GLOS, United Kingdom)
Rating
[?]

Book Description Pearson Education, 2008. PAP. Condition: New. New Book. Delivered from our UK warehouse in 4 to 14 business days. THIS BOOK IS PRINTED ON DEMAND. Established seller since 2000. Seller Inventory # IQ-9781587053535

More information about this seller | Contact this seller

Buy New
US$ 52.53
Convert Currency

Add to Basket

Shipping: US$ 12.62
From United Kingdom to U.S.A.
Destination, Rates & Speeds

6.

Blair, Ray
Published by Cisco Press (2018)
ISBN 10: 1587053535 ISBN 13: 9781587053535
New Paperback Quantity Available: 18
Print on Demand
Seller:
Murray Media
(North Miami Beach, FL, U.S.A.)
Rating
[?]

Book Description Cisco Press, 2018. Paperback. Condition: New. Never used! This item is printed on demand. Seller Inventory # 1587053535

More information about this seller | Contact this seller

Buy New
US$ 66.22
Convert Currency

Add to Basket

Shipping: US$ 1.99
Within U.S.A.
Destination, Rates & Speeds

7.

Ray Blair, Arvind Durai
Published by Pearson Education (US), United States (2008)
ISBN 10: 1587053535 ISBN 13: 9781587053535
New Paperback Quantity Available: 10
Print on Demand
Seller:
Book Depository International
(London, United Kingdom)
Rating
[?]

Book Description Pearson Education (US), United States, 2008. Paperback. Condition: New. Language: English . Brand New Book ***** Print on Demand *****. Cisco Secure Firewall Services Module (FWSM) Best practices for securing networks with FWSM Ray Blair, CCIE (R) No. 7050Arvind Durai, CCIE No. 7016 The Firewall Services Module (FWSM) is a high-performance stateful-inspection firewall that integrates into the Cisco (R) 6500 switch and 7600 router chassis. The FWSM monitors traffic flows using application inspection engines to provide a strong level of network security. The FWSM defines the security parameter and enables the enforcement of security policies through authentication, access control lists, and protocol inspection. The FWSM is a key component to anyone deploying network security. Cisco Secure Firewall Services Module (FWSM) covers all aspects of the FWSM. The book provides a detailed look at how the FWSM processes information, as well as installation advice, configuration details, recommendations for network integration, and reviews of operation and management. This book provides you with a single source that comprehensively answers how and why the FWSM functions as it does. This information enables you to successfully deploy the FWSM and gain the greatest functional benefit from your deployment. Practical examples throughout show you how other customers have successfully deployed the FWSM. By reading this book, you will learn how the FWSM functions, the differences between the FWSM and the ASA Security Appliance, how to implement and maintain the FWSM, the latest features of the FWSM, and how to configure common installations. Ray Blair, CCIE (R) No. 7050, is a consulting systems architect who has been with Cisco for more than 8 years, working primarily on security and large network designs. He has 20 years of experience in designing, implementing, and maintaining networks that have included nearly all networking technologies. Mr. Blair maintains three CCIE certifications in Routing and Switching, Security, and Service Provider. He is also a CNE and a CISSP. Arvind Durai, CCIE No. 7016, is an advanced services technical leader for Cisco. His primary responsibility has been in supporting major Cisco customers in the enterprise sector. One of his focuses has been on security, and he has authored several white papers and design guides in various technologies. Mr. Durai maintains two CCIE certifications, in Routing and Switching and Security. Understand modes of operation, security levels, and contexts for the FWSM Configure routing protocols and the host-chassis to support the FWSM Deploy ACLs and Authentication, Authorization, and Accounting (AAA) Apply class and policy maps Configure multiple FWSMs for failover support Configure application and protocol inspection Filter traffic using filter servers, ActiveX, and Java filtering functions Learn how IP multicast and the FWSM interact Increase performance with firewall load balancing Configure IPv6 and asymmetric routing Mitigate network attacks using shunning, anti-spoofing, connection limits, and timeouts Examine network design, management, and troubleshooting best practices This security book is part of the Cisco Press (R) Networking Technology series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks. Category: Networking: SecurityCovers: Firewall security. Seller Inventory # APC9781587053535

More information about this seller | Contact this seller

Buy New
US$ 72.44
Convert Currency

Add to Basket

Shipping: FREE
From United Kingdom to U.S.A.
Destination, Rates & Speeds

8.

Blair, Ray; Durai, Arvind
Published by Cisco Press (2008)
ISBN 10: 1587053535 ISBN 13: 9781587053535
New Paperback Quantity Available: 10
Seller:
Ergodebooks
(RICHMOND, TX, U.S.A.)
Rating
[?]

Book Description Cisco Press, 2008. Paperback. Condition: New. Seller Inventory # INGM9781587053535

More information about this seller | Contact this seller

Buy New
US$ 67.85
Convert Currency

Add to Basket

Shipping: US$ 4.99
Within U.S.A.
Destination, Rates & Speeds

9.

Ray Blair, Arvind Durai
Published by Pearson Education (US), United States (2008)
ISBN 10: 1587053535 ISBN 13: 9781587053535
New Paperback Quantity Available: 10
Print on Demand
Seller:
The Book Depository
(London, United Kingdom)
Rating
[?]

Book Description Pearson Education (US), United States, 2008. Paperback. Condition: New. Language: English . Brand New Book ***** Print on Demand *****.Cisco Secure Firewall Services Module (FWSM) Best practices for securing networks with FWSM Ray Blair, CCIE (R) No. 7050Arvind Durai, CCIE No. 7016 The Firewall Services Module (FWSM) is a high-performance stateful-inspection firewall that integrates into the Cisco (R) 6500 switch and 7600 router chassis. The FWSM monitors traffic flows using application inspection engines to provide a strong level of network security. The FWSM defines the security parameter and enables the enforcement of security policies through authentication, access control lists, and protocol inspection. The FWSM is a key component to anyone deploying network security. Cisco Secure Firewall Services Module (FWSM) covers all aspects of the FWSM. The book provides a detailed look at how the FWSM processes information, as well as installation advice, configuration details, recommendations for network integration, and reviews of operation and management. This book provides you with a single source that comprehensively answers how and why the FWSM functions as it does. This information enables you to successfully deploy the FWSM and gain the greatest functional benefit from your deployment. Practical examples throughout show you how other customers have successfully deployed the FWSM. By reading this book, you will learn how the FWSM functions, the differences between the FWSM and the ASA Security Appliance, how to implement and maintain the FWSM, the latest features of the FWSM, and how to configure common installations. Ray Blair, CCIE (R) No. 7050, is a consulting systems architect who has been with Cisco for more than 8 years, working primarily on security and large network designs. He has 20 years of experience in designing, implementing, and maintaining networks that have included nearly all networking technologies. Mr. Blair maintains three CCIE certifications in Routing and Switching, Security, and Service Provider. He is also a CNE and a CISSP. Arvind Durai, CCIE No. 7016, is an advanced services technical leader for Cisco. His primary responsibility has been in supporting major Cisco customers in the enterprise sector. One of his focuses has been on security, and he has authored several white papers and design guides in various technologies. Mr. Durai maintains two CCIE certifications, in Routing and Switching and Security. Understand modes of operation, security levels, and contexts for the FWSM Configure routing protocols and the host-chassis to support the FWSM Deploy ACLs and Authentication, Authorization, and Accounting (AAA) Apply class and policy maps Configure multiple FWSMs for failover support Configure application and protocol inspection Filter traffic using filter servers, ActiveX, and Java filtering functions Learn how IP multicast and the FWSM interact Increase performance with firewall load balancing Configure IPv6 and asymmetric routing Mitigate network attacks using shunning, anti-spoofing, connection limits, and timeouts Examine network design, management, and troubleshooting best practices This security book is part of the Cisco Press (R) Networking Technology series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks. Category: Networking: SecurityCovers: Firewall security. Seller Inventory # APC9781587053535

More information about this seller | Contact this seller

Buy New
US$ 74.75
Convert Currency

Add to Basket

Shipping: FREE
From United Kingdom to U.S.A.
Destination, Rates & Speeds

10.

Ray Blair, Arvind Durai
Published by Cisco Press (2008)
ISBN 10: 1587053535 ISBN 13: 9781587053535
New Paperback Quantity Available: 1
Seller:
Ergodebooks
(RICHMOND, TX, U.S.A.)
Rating
[?]

Book Description Cisco Press, 2008. Paperback. Condition: New. 1. Seller Inventory # DADAX1587053535

More information about this seller | Contact this seller

Buy New
US$ 74.95
Convert Currency

Add to Basket

Shipping: US$ 4.99
Within U.S.A.
Destination, Rates & Speeds

There are more copies of this book

View all search results for this book