Introduction.
1. All About the Cisco Certified Security Professional.
How This Book Can Help You Pass the CCSP Cisco Secure VPN Exam.
Overview of CCSP Certification and Required Exams. The Cisco Secure
VPN Exam. Topics on the Cisco Secure VPN Exam. Recommended Training
Path for the CCSP Certification. Using This Book to Pass the Exam.
Final Exam Preparation Tips.
2. Overview of VPN and IPSec Technologies.
How to Best Use This Chapter. “Do I Know This Already?” Quiz. Cisco
VPN Product Line. Enabling VPN Applications Through Cisco Products.
An Overview of IPSec Protocols. Establishing VPNs with IPSec. Table
of Protocols Used with IPSec. IPSec Preconfiguration Processes.
Creating VPNs with IPSec.
3. Cisco VPN 3000 Concentrator Series Hardware Overview.
How to Best Use This Chapter. “Do I Know This Already?” Quiz. Major
Advantages of Cisco VPN 3000 Series Concentrators. Cisco Secure VPN
Concentrators: Comparison and Features. Cisco Secure VPN Client
Features. Table of Cisco VPN 3000 Concentrators. Table of Cisco VPN
3000 Concentrator Capabilities.
4. Configuring Cisco VPN 3000 for Remote Access Using
Preshared Keys.
How to Best Use This Chapter. “Do I Know This Already?” Quiz. Using
VPNs for Remote Access with Preshared Keys. VPN Concentrator
Configuration. Installing and Configuring the VPN Client. Types of
Preshared Keys. VPN 3000 Concentrator CLI Quick Configuration
Steps. VPN 3000 Concentrator Browser-Based Manager Quick
Configuration Steps. VPN Client Installation Steps. VPN Client
Configuration Steps. VPN Client Program Options. Limits for Number
of Groups and Users. Complete Configuration Table of Contents.
Complete Administration Table of Contents. Complete Monitoring
Table of Contents. Scenario 4-1. Scenario 4-2. Scenario 4-1
Answers. Scenario 4-2 Answers.
5. Configuring Cisco VPN 3000 for Remote Access Using Digital
Certificates.
How to Best Use This Chapter. “Do I Know This Already?” Quiz.
Digital Certificates and Certificate Authorities. Digital
Certificate Support Through the VPN 3000 Concentrator Series
Manager. Configuring the VPN Client for CA Support. PKCS #10
Certificate Request Fields. X.509 Identity Certificate Fields.
Types of Digital Certificates. Types of CA Organization.
Certificate Validation and Authentication Process. Internet-Based
Certificate Authorities. Certificate Management Applications.
Scenario 5-1. Scenario 5-2. Scenario 5-1 Answers. Scenario 5-2
Answers.
6. Configuring the Cisco VPN Client Firewall Feature.
How to Best Use This Chapter. “Do I Know This Already?” Quiz. Cisco
VPN Client Firewall Feature Overview. Firewall Configuration
Overview. Configuring Firewall Filter Rules. Configuring the
Stateful Firewall. Configuring the VPN Concentrator for Firewall
Usage. Monitoring VPN Client Firewall Statistics. Enabling
Automatic Client Update Through the Cisco VPN 3000 Concentrator
Series Manager. Cisco VPN Client Firewall Feature Overview.
Stateful Firewall (Always On) Feature. Cisco Integrated Client.
Centralized Protection Policy. Are You There Feature. Configuring
Firewall Filter Rules. Action. Configuring the Stateful Firewall.
Configuring the VPN Concentrator for Firewall Usage. Firewall.
Firewall Policy. Monitoring VPN Client Firewall Statistics.
Scenario 6-1. Scenario 6-1 Answers.
7. Monitoring and Administering the VPN 3000 Series
Concentrator.
How Best to Use This Chapter. “Do I Know This Already?” Quiz.
Administering the Cisco VPN 3000 Series Concentrator. Monitoring
the Cisco VPN 3000 Series Concentrator. Administering the Cisco VPN
3000 Series Concentrator. Administer Sessions. Software Update.
System Reboot. Ping. Monitoring Refresh. Access Rights.
Administrators. Access Control List. Access Settings. AAA Servers.
Authentication. File Management. Certificate Manager. Monitoring
the Cisco VPN 3000 Series Concentrator. System Status. Sessions.
Top Ten Lists. Statistics. MIB II Statistics.
8. Configuring Cisco 3002 Hardware Client for Remote
Access.
How to Best Use This Chapter. “Do I Know This Already?” Quiz.
Configure Preshared Keys. Unit and User Authentication for the VPN
3002 Hardware Client. Configure Preshared Keys. Troubleshooting
IPSec. Client and LAN Extension Modes. Split Tunnel. Configuring
Individual User Authentication on the VPN 3000 Concentrator.
Scenario 8-1. Scenario 8-2. Scenario 8-1 Answers. Scenario 8-2
Answers.
9. Configuring Scalability Features of the VPN 3002 Hardware
Client.
How to Best Use This Chapter. “Do I Know This Already?” Quiz. VPN
3002 Hardware Client Reverse Route Injection. VPN 3002 Hardware
Client Backup Servers. VPN 3002 Hardware Client Load Balancing.
Overview of Port Address Translation. IPSec on the VPN 3002
Hardware Client. Configuring Auto-Update for the VPN 3002 Hardware
Client. Monitoring Auto-Update Events. Table of RRI Configurations.
Backup Servers. Load Balancing. Comparing NAT and PAT. IPSec Over
TCP/IP. IPSec Over UDP. Troubleshooting IPSec. Auto-Update.
Scenario 9-1. Scenario 9-1 Answers.
10. Cisco VPN 3000 LAN-to-LAN with Preshared Keys.
How to Best Use This Chapter. “Do I Know This Already?” Quiz.
Overview of LAN-to-LAN VPN. LAN-to-LAN Configuration. SCEP
Overview. Maximum Certificates. Enrollment Variables.
11. Scenarios.
Example Corporation. Site Descriptions. Scenario 11-1The Basics.
Scenario 11-2Portland. Scenario 11-3Seattle. Scenario 11-4Memphis.
Scenario 11-5Richmond. Scenario 11-6Terry and Carol. Scenario 11-1
Answers. Scenario 11-2 Answers. Scenario 11-3 Answers. Scenario
11-4 Answers. Scenario 11-5 Answers. Scenario 11-6 Answers.
Appendix A. Answers to the “Do I Know This Already?” Quizzes and
Q&A Sections.
Index.
As security demands continue to increase for enterprise and service provider networks, the number of employees working from remote locations requiring an efficient and rapid virtual private network connection grows as well. The Cisco Secure line of products and services are focused on providing the seamless operation of these remote networks with the maximum level of security available. Organizations using this suite of products and services need networking professionals with proven skills at getting the highest levels of both security and network operability. This need has created a booming demand for the Cisco Systems security certifications that verify those skills and abilities. The CSVPN exam is one of the components of the Cisco Systems security designation. CSS-1 Cisco Secure VPN Exam Certification Guide provides CSVPN exam candidates with a comprehensive preparation tool for testing success. With pre- and post-chapter tests, a CD-ROM-based testing engine with more than 200 questions, and comprehensive training on all exam topics, this title brings the proven exam preparation tools from the popular Cisco Press Exam Certification Guide series to the CSVPN candidate.
John F. Roland, CCNP(r), CCDP(r), CSS-1, MCSE, is a security specialist working for Ajilon Consulting. John has worked in the IT field for more than 22 years, from COBOL programming on IBM mainframes, LAN/WAN design and implementation on U.S. military networks, and, more recently, to the development of Cisco and Microsoft certification training materials.
Mark J. Newcomb, CCNP, CCDP, is the owner and lead security engineer for Secure Networks in Spokane, Washington. Mark has more than 20 years of experience in the networking industry. The last six years have been devoted to designing security solutions for a wide variety of clients throughout the Pacific Northwest. He is the co-author of Cisco Secure Internet Security Solutions by Cisco Press, as well as two other networking books.
Ask a Question About this Product More... |