Book description
All the CCNP ISCW 642-825 commands in one compact and portable resource
All CCNP ISCW commands in an easily referenced resource, no need to be near the Internet for searching online resources
Compact size makes it easy to carry with you as a reference in the workplace. No need to carry around big thick books
ONLY book published with all CCNP ISCW commands from the only official Cisco certification self study publisher
With hundreds of Cisco IOS® Software commands, options, and command arguments to remember, a CCNP ISCW candidate has a lot to commit to memory. Having an easy-to-use, portable reference filled with handy tips and examples on how to apply the commands to real-world scenarios will help increase your familiarity with Cisco IOS Software when working on routers and switches. The CCNP ISCW Portable Command Guide is a supplementary guide to assist network administrators in the proper use of the Cisco IOS and of the commands needed to pass the CCNP ISCW exam. The guide summarizes all ISCW commands, keywords, command arguments, and associated prompts. Configuration examples are provided throughout the book to give a better understanding of how these commands are used in network designs. This guide is not meant to replace any existing learning materials but rather serve as a supplementary guide to assist networkers in the proper use of the many different commands that are required to successfully pass the CCNP ISCW exam. The CCNP ISCW (Implementing Secure Converged WANs) is one of four exams required for the CCNP certification from Cisco, and it focuses on network security and integration technologies.
Table of contents
- Copyright
- About the Authors
- Acknowledgments
- Icons Used in This Book
- Introduction
- 1. Network Design Requirements
-
2. Connecting Teleworkers
-
Configuration Example: DSL Using PPPoE
- Step 1: Configure PPPoE (External Modem)
- Virtual Private Dial-Up Network (VPDN) Programming
- Step 2: Configure the Dialer Interface
- For Password Authentication Protocol (PAP)
- For Challenge Handshake Authentication Protocol (CHAP)
- Step 3: Define Interesting Traffic and Specify Default Routing
- Step 4a: Configure NAT Using an ACL
- Step 4b: Configure NAT Using a Route Map
- Step 5: Configure DHCP Service
- Step 6: Apply NAT Programming
- Step 7: Verify a PPPoE Connection
- Configuring PPPoA
- Configuring a Cable Modem Connection
- Configuring L2 Bridging Using a Cisco Cable Modem HWIC
- Configuring L3 Routing Using a Cisco Cable Modem HWIC
-
Configuration Example: DSL Using PPPoE
- 3. Implementing Frame Mode MPLS
-
4. IPsec VPNs
-
Configuring a Teleworker to Branch Office VPN Using CLI
- Step 1: Configure the ISAKMP Policy (IKE Phase 1)
- Step 2: Configure Policies for the Client Group(s)
- Step 3: Configure the IPsec Transform Sets (IKE Phase 2, Tunnel Termination)
- Step 4: Configure Router AAA and Add VPN Client Users
- Step 5: Create VPN Client Policy for Security Association Negotiation
- Step 6: Configure the Crypto Map (IKE Phase 2)
- Step 7: Apply the Crypto Map to the Interface
- Step 8: Verify the VPN Service
-
Configuring IPsec Site-to-Site VPNs Using CLI
- Step 1: Configure the ISAKMP Policy (IKE Phase 1)
- Step 2: Configure the IPsec Transform Sets (IKE Phase 2, Tunnel Termination)
- Step 3: Configure the Crypto ACL (Interesting Traffic, Secure Data Transfer)
- Step 4: Configure the Crypto Map (IKE Phase 2)
- Step 5: Apply the Crypto Map to the Interface (IKE Phase 2)
- Step 6: Configure the Firewall Interface ACL
- Step 7: Verify the VPN Service
- Configuring IPsec Site-to-Site VPNs Using SDM
-
Configuring GRE Tunnels over IPsec
- Step 1: Create the GRE Tunnel
- Step 2: Specify the IPsec VPN Authentication Method
- Step 3: Specify the IPsec VPN IKE Proposals
- Step 4: Specify the IPsec VPN Transform Sets
- Step 5a: Specify Static Routing for the GRE over IPsec Tunnel
- Step 5b: Specify Routing with OSPF for the GRE over IPsec Tunnel
- Step 6: Enable the Crypto Programming at the Interfaces
- Configuring a Static IPsec Virtual Tunnel Interface
- Configuring High Availability VPNs
- Configuring Easy VPN Server Using Cisco SDM
- Implementing the Cisco VPN Client
-
Configuring a Teleworker to Branch Office VPN Using CLI
-
5. Cisco Device Hardening
- Disabling Unneeded Services and Interfaces
- Disabling Commonly Configured Management Services
- Disabling Path Integrity Mechanisms
- Disabling Features Related to Probes and Scans
- Terminal Access Security
- Gratuitous and Proxy Address Resolution Protocol
- Disabling IP Directed Broadcasts
- Locking Down Routers with AutoSecure
- Optional AutoSecure Parameters
- Locking Down Routers with Cisco SDM
- Setting Cisco Passwords and Password Security
- Securing ROMMON
- Setting a Login Failure Rate
- Setting Timeouts
- Setting Multiple Privilege Levels
- Configuring Banner Messages
- Role-Based CLI
- Secure Configuration Files
- Tips for Using Access Control Lists
- Using ACLs to Filter Network Traffic to Mitigate Threats
- Mitigating Dedicated DoS Attacks with ACLs
- Configuring an SSH Server for Secure Management and Reporting
- Configuring Syslog Logging
- Configuring an SNMP Managed Node
- Configuring NTP Clients and Servers
- Configuration Example: NTP
- Configuring AAA on Cisco Routers Using CLI
- Configuring AAA on Cisco Routers Using SDM
-
6. Cisco IOS Threat Defense Features
-
Configuring an IOS Firewall from the CLI
- Step 1: Choose the Interface and Packet Direction to Inspect
- Step 2: Configure an IP ACL for the Interface
- Step 3: Set Audit Trails and Alerts
- Step 4: Define the Inspection Rules
- Step 5: Apply the Inspection Rules and the ACL to the Outside Interface
- Step 6: Verify the Configuration
- Troubleshooting the Configuration
- Configuring a Basic Firewall Using SDM
- Configuring an Advanced Firewall Using SDM
- Verifying Firewall Activity Using CLI
- Verifying Firewall Activity Using SDM
- Configuring Cisco IOS Intrusion Prevention System from the CLI
- Configuring Cisco IOS IPS from the SDM
- Viewing Security Device Event Exchange Messages Through SDM
- Tuning Signatures Through SDM
-
Configuring an IOS Firewall from the CLI
- Create Your Own Journal Here
Product information
- Title: CCNP ISCW Portable Command Guide
- Author(s):
- Release date: March 2008
- Publisher(s): Cisco Press
- ISBN: 9781587057458
You might also like
book
CCNP ONT Portable Command Guide
All the ONT 642-845 commands in one compact, portable resource Preparing for the CCNP® certification? Working …
book
CCNP BSCI Portable Command Guide
&> Preparing for the CCNP® certification? Working as a network professional? Here are all the CCNP-level …
book
CCNP Wireless IAUWS Quick Reference
The 642-736 IAUWS Implementing Advanced Cisco Unified Wireless Security exam is one of four exams associated …
book
CCNP Routing and Switching Quick Reference (642-902, 642-813, 642-832)
As a final preparation tool providing a review of CCNP exam topics, the CCNP Quick Reference …