(Ebook) Advanced Host Intrusion Prevention with CSA 1st Edition by Chad Sullivan, Jeff Asher, Paul Mauvais ISBN 1587052520 9781587052521

(Ebook) Advanced Host Intrusion Prevention with CSA 1st Edition by Chad Sullivan, Jeff Asher, Paul Mauvais ISBN 1587052520 9781587052521

(Ebook) Advanced Host Intrusion Prevention with CSA 1st Edition by Chad Sullivan, Jeff Asher, Paul Mauvais - Ebook PDF Instant Download/Delivery: 1587052520, 9781587052521
Full download (Ebook) Advanced Host Intrusion Prevention with CSA 1st Edition after payment

Product details:

ISBN 10: 1587052520 
ISBN 13: 9781587052521
Author: Chad Sullivan, Jeff Asher, Paul Mauvais

Protecting systems within an enterprise has proven as important to overall security as securing the enterprise perimeter. Over the past few years, the number of vulnerabilities stemming from weaknesses in applications and operating systems has grown dramatically. In direct correlation with the number of weaknesses discovered, the number of viruses, worms, and security attacks has also exploded across the Internet. To add to the typical virus issues that businesses have had to confront, there are also malicious programs infiltrating organizations today in the form of spyware and adware.

• Prevent day-zero attacks
• Enforce acceptable-use policies
• Develop host-IPS project implementation plans
• Evaluate management hierarchy installation options, including single-server, multiserver, and built-in database usage
• Learn about CSA agents and manual and scripted installation options
• Understand policy components and custom policy creation
• Use and filter information from CSA event logs
• Troubleshoot CSA deployments with agent and management server logs and built-in troubleshooting tools

Protecting systems where the private data and intellectual property resides is no longer considered a function of perimeter defense systems but has instead become the domain of endpoint protection software, such as host Intrusion Prevention Systems (IPS). Cisco® Security Agent (CSA) is the Cisco Systems® host-IPS solution. CSA provides the security controls that corporations need to deal with threats to host and desktop computing resources.

Advanced Host Intrusion Prevention with CSA is a practical guide to getting the most out of CSA deployments. Through methodical explanation of advanced CSA features and concepts, this book helps ease the fears of security administrators seeking to install and configure a host IPS. This book explains in detail such topics as installation of the management servers, installation of the agents for mass deployment, granular agent policy creation, advanced policy creation, real-world troubleshooting techniques, and best practices in implementation methodology. This guide also provides a practical installation framework taken from the actual installation and support experience of the authors.

(Ebook) Advanced Host Intrusion Prevention with CSA 1st Table of contents:

1. CSA Overview

2. Malicious Code

3. Hackers

4. Legislation

5. Capabilities

6. CSA Component Architecture

7. CSA Hosts and Groups

8. Policy Implementation

9. CSA Project Planning and Implementation

10. Defining Purpose

11. Understanding the Environment

12. Important Individuals

13. Timeline

14. Pre-Planning

15. Pilot

16. Production Implementation

17. Ongoing Support

18. Security Policy Document

19. Change Control Documentation

20. Quality Assurance

21. Contacts and Support Escalation

22. CSA Installation

23. Implementation Options

24. CSA MC Server Hardware Requirements

25. CSA MC Server Installation

26. Agent Installation Requirements

27. Agent Installer

28. Installation Parameters and Examples for SETUP.EXE

29. CSA Policy

30. Policy Requirements

31. Purpose of Policy

32. Policy Application and Association

33. Builtin Policy Details

34. Why Write Custom Policies?

35. Preparing for the CSA Tuning Process

36. Best Practices for Tuning

37. Sample Custom Policies

38. Using Dynamic Application Classes

39. Forensics

40. Monitoring and Troubleshooting

41. CSA MC Event Database

42. Automated Filtering from Directed Links

43. Additional Event Correlation

44. Common Issues

45. NOC Troubleshooting Tools

46. Agent Troubleshooting Tools

47. SQL Troubleshooting

48. Cisco TAC

49. Overview

50. Gathering Information

51. Acceptable Use Policy

52. Security Problems

53. Inventory

54. Determine Goals

55. Determine Scope

56. Determine Conditions

57. Create the CSA Base Policy

58. Deploy Agents in Test Mode

59. Test Applications and Review Logs

60. Convert Agents to Protect Mode

61. Documentation

62. General Deployment Phase: Test Mode

63. Deploy Agents and Monitor Progress Against System Inventory

64. Review Security Policy and Acceptable Use Policies and Build Appropriate Exceptions

65. Test System Patches in Lab

66. Upgrading MC

67. Upgrading Agents

68. System Warnings

69. Network Status

70. Most Active

71. Event Log Changes

72. Group Level Changes

73. Hosts

74. Host Management Tasks

75. Rule Modules

76. Actions

77. New Set Action

78. Hosts Search

79. Rules Search

80. Agent Diagnostics

81. Database Maintenance Information

People also search for (Ebook) Advanced Host Intrusion Prevention with CSA 1st:

advanced intrusion prevention
    
host intrusion prevention system
    
4-1 discussion host-based and network-based firewalls
    
3-1 lab implement a host-based firewall
    
10.1.9 implement intrusion prevention with pfsense
    
zscaler intrusion prevention system

Tags: Chad Sullivan, Jeff Asher, Paul Mauvais, Intrusion, Prevention