11384| 125
|
[安全Sec] 上下册两本 一份非常好的ASA动手培训学习教材 思科ASA防火墙实操手册 |
全程图文并茂,不仅可以当做学习的教材更可以当做是实验手册来学习,非常不错,分享给大家。
目录: 一 测试拓扑图................................................................................................................................5 二基础部分....................................................................................................................................6 1 Image从7.x 升级到8.x / ASDM 5.x升级到6.x............................................................6 2 通过ASDM 登陆设备(10.1.X.0/24)............................................................................8 3 syslog..................................................................................................................................18 4 通过telnet/ssh 访问ASA...............................................................................................22 4.1 telnet........................................................................................................................22 4.2 ssh............................................................................................................................24 5 设置ASA接口..................................................................................................................29 6 设置静态路由....................................................................................................................37 7 设置NAT...........................................................................................................................38 7.1设置PAT.................................................................................................................38 7.2静态NAT.................................................................................................................41 8 定义安全策略....................................................................................................................44 9 透明模式............................................................................................................................45 9.1 设置透明模式.........................................................................................................45 9.2 透明模式下的NAT................................................................................................47 Pool 中的IP为211.101.2. X( 请参考 POD ID)....................................................47 10 Dynamic Threat-detection 动态威胁检测(三大特性).........................................49 10.1 basic threat detection..........................................................................................49 10.2 scanning threat detection................................................................................49 10.3 scanning threat statistics.................................................................................49 10 应用层协议检测............................................................................................................55 10.1 过滤long URL....................................................................................................55 10.2 通过QOS对应用进行限速................................................................................61 10.3 对应用程序命令进行过滤...................................................................................65 11 对HTTP进行应用过滤..................................................................................................68 11.1 Filtering Java Applets .........................................................................................68 11.2 filter activeX..........................................................................................................72 11.4 基于表达式过滤URL..........................................................................................73 三高级部分..................................................................................................................................87 1 ssl/vpn.................................................................................................................................87 1.1 Cisco AnyConnect.......................................................................................... 110 1.2 clienless vpn......................................................................................................87 1.3 thin-client(port-forwarding) vpn ....................................................................105 2 安全桌面.......................................................................................................................... 110 3 主机扫描..........................................................................................................................137 四AIP-SSM 模块测试..............................................................................................................141 1 准备 HTTPS 的登陆...................................................................................................141 2设置AIP-SSM 的promiscous 模式.............................................................................148 2.1 设置AIP-SSM 的promiscous 模式.................................................................148 2.2定义AIP-SSM 和ASA5500的联动..................................................................152 3 ASA AIP 模块Inline 模式.............................................................................................156 3.1牵引流量................................................................................................................156 对Signature 6202 进行行为控制...............................................................................159 4自定义策略和签名.........................................................................................................160 5异常流量检测功能...........................................................................................................164 6 OS 水印识别功能...........................................................................................................167 7 Capturing 即时流量........................................................................................................167 8 SNMP and Syslog...........................................................................................................168 8.1 SNMP....................................................................................................................168 8.2 Syslog....................................................................................................................170 五MARS.....................................................................................................................................171 六选作部分................................................................................................................................193 1 High-Availability...............................................................................................................194 1.1 active/standby ......................................................................................................194 1.2 active/active..........................................................................................................196 2 multi-context 模式(选做)...........................................................................................201
购买主题
已有 5 人购买
本主题需向作者支付 6 金币 才能浏览
| |
发表于 2014-4-24 11:16:13
|
显示全部楼层
| ||
发表于 2014-9-16 06:21:12
|
显示全部楼层
| ||
发表于 2014-9-16 06:21:56
|
显示全部楼层
| ||
发表于 2014-9-18 23:12:01
|
显示全部楼层
| ||
发表于 2014-9-19 19:38:44
|
显示全部楼层
| ||
发表于 2014-9-22 08:08:21
|
显示全部楼层
| |
发表于 2014-9-27 16:49:02
|
显示全部楼层
| ||
发表于 2014-9-27 21:24:08
|
显示全部楼层
| ||