Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series

Autorzy:: Brad Woodberg, Rob Cameron

Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series Brad Woodberg, Rob Cameron - okladka książki

Wydawnictwo:: O'Reilly Media (Z chęcią przeczytam książkę w języku polskim)
Ocena:: Bądź pierwszym, który oceni tę książkę
Stron:: 1020
Dostępne formaty:: ePub

Mobi

Ebook 245,65 zł najniższa cena z 30 dni

~~299,00 zł~~ (-15%)
254,15 zł

Dodaj do koszyka lub Kup na prezent Kup 1-kliknięciem

245,65 zł najniższa cena z 30 dni

Przenieś na półkę

Do przechowalni

Najczęściej kupowane razem

Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series Brad Woodberg, Rob Cameron

Junos Security. A Guide to Junos for the SRX Services Gateways and Security Certification Rob Cameron, Brad Woodberg, Patricio Giecco

Hands-On Prescriptive Analytics Walter R. Paczkowski

Cena zestawu: 660.44 zł

Zyskujesz: 116.55 zł (-15%)

Dodaj do koszyka

This complete field guide, authorized by Juniper Networks, is the perfect hands-on reference for deploying, configuring, and operating Juniper’s SRX Series networking device. Authors Brad Woodberg and Rob Cameron provide field-tested best practices for getting the most out of SRX deployments, based on their extensive field experience.

While their earlier book, Junos Security, covered the SRX platform, this book focuses on the SRX Series devices themselves. You'll learn how to use SRX gateways to address an array of network requirements—including IP routing, intrusion detection, attack mitigation, unified threat management, and WAN acceleration. Along with case studies and troubleshooting tips, each chapter provides study questions and lots of useful illustrations.

Explore SRX components, platforms, and various deployment scenarios
Learn best practices for configuring SRX’s core networking features
Leverage SRX system services to attain the best operational state
Deploy SRX in transparent mode to act as a Layer 2 bridge
Configure, troubleshoot, and deploy SRX in a highly available manner
Design and configure an effective security policy in your network
Implement and configure network address translation (NAT) types
Provide security against deep threats with AppSecure, intrusion protection services, and unified threat management tools

Wybrane bestsellery

Ebooka "Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series" przeczytasz na:

czytnikach Inkbook, Kindle, Pocketbook, Onyx Boox i innych
systemach Windows, MacOS i innych

systemach Windows, Android, iOS, HarmonyOS
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi

Masz pytania? Zajrzyj do zakładki Pomoc »

Audiobooka "Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series" posłuchasz:

w aplikacji Ebookpoint na Android, iOS, HarmonyOs
na systemach Windows, MacOS i innych

na dowolonych urządzeniach
i aplikacjach obsługujących format MP3
(pliki spakowane w ZIP)

Masz pytania? Zajrzyj do zakładki Pomoc »

Kurs Video "Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series" zobaczysz:

Oceny i opinie klientów: Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series Brad Woodberg, Rob Cameron (0)

Szczegóły książki

ISBN Ebooka:: 978-14-493-3904-3, 9781449339043
Data wydania ebooka :: 2013-06-07 Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@ebookpoint.pl.
Język publikacji:: angielski
Rozmiar pliku ePub:: 18.7MB
Rozmiar pliku Mobi:: 45.2MB

Zgłoś erratę

Kategorie

Kliknij, aby zgłosić błędnie przypisaną kategorię »

Informatyka » Sieci komputerowe

Spis treści książki

Juniper SRX Series
Foreword
Preface
- How to Use This Book
- Whats in This Book?
- Conventions Used in This Book
- Using Code Examples
- Safari Books Online
- How to Contact Us
- Acknowledgments
1. Welcome to the SRX
- Evolving into the SRX
  - ScreenOS to Junos
    - Inherited ScreenOS features
    - Device management
- The SRX Series Platform
  - Built for Services
- Deployment Solutions
  - Small Branch
  - Medium Branch
  - Large Branch
  - Data Center
  - Data Center Edge
  - Data Center Services Tier
  - Service Provider
  - Mobile Carriers
  - Cloud Networks
  - The Junos Enterprise Services Reference Network
- Summary
- Study Questions
2. SRX Series Product Lines
- Branch SRX Series
  - Branch-Specific Features
  - SRX100 Series
  - SRX200 Series
    - Interface modules for the SRX200 line
  - SRX500 Series
  - SRX600 Series
    - Interface modules for the SRX600 line
  - JunosV Firefly (Virtual Junos)
  - AX411
  - CX111
  - Branch SRX Series Hardware Overview
  - Licensing
  - Branch Summary
- Data Center SRX Series
  - Data Center SRX-Specific Features
  - SPC
  - NPU
  - Data Center SRX Series Session Setup
  - Data Center SRX Series Hardware Overview
  - SRX1000 Series
  - SRX3000 Series
    - IOC modules
  - SRX5000 Series
    - NG-SPC
    - IOC modules
- Summary
- Study Questions
3. SRX GUI Management
- J-Web: Your On-Box Assistant
  - Dashboard
    - Chassis view
    - Informational panels
  - Device Configuration
    - Task wizards
    - Committing the configuration
    - Interfaces
    - Firewall policies
    - Point and click CLI
  - Monitoring Your SRX
    - Interface monitoring
    - Traffic reports
  - Operational Tasks
    - Software management
    - Configuration management
    - Rebooting
    - Disk management
  - Troubleshooting from J-Web
    - Packet capture
    - Network connectivity
- Centralized Management
  - Space: The Final Frontier of Management
    - The Junos Space ecosphere
    - Security Director
    - Firewall policy management
  - Log Management with STRM
    - Reporting with STRM
  - Legacy Security Management
    - Using NSM
- Summary
- Study Questions
4. SRX Networking Basics
- Interfaces
  - Physical Interfaces
  - Management Interfaces
  - Virtual Interfaces
  - Logical Interfaces
  - Switching Configuration
  - Aggregate Interfaces
    - LACP protocol
  - Transparent Interfaces
- Zones
  - Security Zones
  - Functional Zones
- Basic Protocols
  - Static Routing
  - Dynamic Routing Protocols
  - Spanning Tree
- Routing Instances
  - Routing Instance Types
  - Configuring Routing Instances
- Flow Mode and Packet Mode
- Sample Deployment
- Summary
- Study Questions
5. System Services
- System Services Operation on the SRX
  - System Services and the Control Plane
    - System services that operate on the control plane
  - System Services and the Data Plane
  - Accounts for Administrative Users
    - Configuring local users
    - Creating a login class
    - Remote authentication
  - Accessing System Services: Control Plane Versus Data Plane
    - Configuring a stateless firewall filter to control traffic on fxp0
    - Configuring a stateless firewall filter to control all inbound management traffic
    - Configuring a security policy to control data plane management traffic
  - Zone-Based Service Control
    - Configuring system services and protocols per zone or interface
- Management Services
  - Command-Line Interfaces
    - Configuring console options
    - Configuring Telnet access
    - Configuring SSH access
  - Web Management on the SRX
  - Enabling NetConf over SSH
- SNMP Management
  - Configuring SNMP Management
  - Configuring SNMP Traps
  - SNMP in High Availability Chassis Clusters
  - Junos SNMP MIB
- Networking Services
  - Network Time Protocol
    - Manually configuring SRX time
    - Configuring the SRX as an NTP client
    - Configuring the SRX as an NTP server
  - Domain Name System
    - Configuring the SRX as a DNS client
    - Configuring the SRX as a proxy server
  - Dynamic Host Configuration Protocol
    - Configuring the SRX as a DHCP server
    - Configuring the SRX as a DHCP client
    - Configuring the SRX as a DHCP relay server
- SRX Logging and Flow Records
  - Control Plane Versus Data Plane Logs
    - Data plane logs: Event versus Stream mode
    - Configuring control plane logging on the SRX
    - Configuring Stream mode logging on the data plane
    - Syslog format types
    - Configuring Event mode logging to the control plane
  - Tips for Viewing Syslog Messages
  - JFlow on the SRX
- Best Practices
- Troubleshooting and Operation
  - Viewing the System Connection Table
  - Viewing the Services/Counters on the Interface
  - Checking NTP Status
  - Checking SNMP Status
  - DHCP Operational Mode Commands
  - Viewing Security Logs Locally
  - Checking for Core Dumps
  - Restarting Platform Daemons
  - Troubleshooting Individual Daemons
- Summary
- Study Questions
6. Transparent Mode
- Transparent Mode Overview
  - When to Use Transparent Mode
    - Segmenting a Layer 2 domain
    - Complex routing environments
    - Separation of duties
    - Existing transparent mode infrastructure
  - MAC Address Learning
  - Transparent Mode and Bridge Loops, Spanning Tree Protocol
  - Transparent Mode Limitations
  - Transparent Mode Components
    - Interfaces, family bridge, and bridge domains in transparent mode
  - Interface Modes in Transparent Mode
  - Bridge Domains
  - IRB Interfaces
  - Transparent Mode Zones
  - Transparent Mode Security Policy
  - Transparent Mode Specific Options
  - QoS in Transparent Mode
  - VLAN Rewriting
  - High Availability with Transparent Mode
    - Spanning Tree Protocol in transparent mode Layer 2 deployments
  - Transparent Mode Flow Process
    - Slow-path SPU packet processing
    - Fast-path SPU packet processing
    - Session teardown
- Configuring Transparent Mode
  - Configuring Transparent Mode Basics
  - Traditional Switching
  - Configuring Integrated Routing and Bridging
  - Configuring Transparent Mode Security Zones
  - Configuring Transparent Mode Security Policies
  - Configuring Bridging Options
    - Restricting BPDUs to VLANs
  - Configuring Transparent Mode QoS
  - Configuring VLAN Rewriting
- Troubleshooting and Operation
  - The show bridge domain Command
  - The show bridge mac-table Command
  - The show l2-learning global-information Command
  - The show l2-learning global-mac-count Command
  - The show l2-learning interface Command
  - Transparent Mode Troubleshooting Steps
- Sample Deployments
- Summary
- Study Questions
7. High Availability
- Understanding High Availability in the SRX
  - Chassis Cluster
  - The Control Plane
  - The Data Plane
- Getting Started with High Availability
  - Cluster ID
  - Node ID
  - Redundancy Groups
  - Interfaces
- Deployment Concepts
  - Active/passive
  - Active/active
  - Mixed mode
  - Six pack
- Preparing Devices for Deployment
  - Differences from Standalone
  - Activating Juniper Services Redundancy Protocol
  - Managing Cluster Members
  - Configuring the Control Ports
  - Configuring the Fabric Links
  - Configuring the Switching Fabric Interface
  - Node-Specific Information
  - Configuring Heartbeat Timers
  - Redundancy Groups
- Integrating the Cluster into Your Network
  - Configuring Interfaces
- Fault Monitoring
  - Interface Monitoring
  - IP Monitoring
  - Hardware Monitoring
    - Route engine
    - Switch control board
    - Switch fabric board
    - Services Processing Card/Next Generation Services Processing Card
    - Network Processing Card
    - Interface card
    - Control link
    - Data link
    - Control link and data link failure
    - Power supplies
  - Software Monitoring
  - Preserving the Control Plane
- Troubleshooting and Operation
  - First Steps
  - Checking Interfaces
  - Verifying the Data Plane
  - Core Dumps
  - The Dreaded Priority Zero
  - When All Else Fails
  - Manual Failover
- Sample Deployments
- Summary
- Study Questions
8. Security Policies
- Packet Flow
- Security Policy Criteria and Precedence
- Security Policy Precedence
  - Top to Bottom Policy Evaluation
- Security Policy Components in Depth
  - Match Criteria
    - Security zones
      - One interface per zone versus multiple interfaces per zone
      - Configuring security zones
    - Address books
    - Address objects
      - IP prefix address objects
      - Configuring IP prefix address objects
      - DNS address objects
      - Configuring DNS address objects
      - IP range objects
      - Configuring IP range objects
      - Wildcard address objects
      - Configuring wildcard address objects
      - Address sets
      - Configuring address sets
    - Application objects
      - Application sets
      - Configuring applications and application sets
      - Source-Identity
    - Negated source and destination objects
    - Schedulers
      - Configuring schedulers
  - Action Criteria
    - Permit options
    - Configuring security policies
    - Host security policies
      - Configuring a policy to restrict inbound or outbound management requests
  - Application Layer Gateways
    - Enabling an ALG example
- Best Practices
- Troubleshooting and Operation
  - Viewing Security Policies
    - Security policy tools
  - Viewing the Firewall Session Table
    - Sample firewall logs
  - Monitoring Interface Counters
  - Performing a Flow Trace
  - Performing a Packet Capture on SRX Branch
  - Performing a Packet Capture on the High-End SRX
- Sample Deployment
- Summary
- Study Questions
9. Network Address Translation
- The Need for NAT
  - NAT as a Security Component?
- Junos NAT Fundamentals
  - Junos NAT Types
  - NAT Precedence in the Junos Event Chain
    - NAT type precedence
- Junos NAT Components
  - Rulesets
    - Static NAT rulesets
    - Destination NAT rulesets
    - Source NAT rulesets
    - NAT ruleset precedence
      - NAT ruleset precedence example
  - NAT Interfaces, Pools, and Mapping Objects
    - Static NAT transforms
    - Source NAT transforms
      - Interfaces
      - Pools
    - Destination NAT pools
  - NAT Rules
  - NAT and Security Policies
  - Proxy-ARP and Proxy-NDP
    - Configuring Proxy-ARP/NDP
      - When you dont need Proxy-ARP/NDP
- Junos NAT in Practice
  - Static NAT
    - Static NAT one-to-one mapping
    - Static NAT many-to-many mapping
      - Option 1: NAT44/NAT66
      - Option 2: NAT46 Static mapping
      - Option 3: NAT 64 automatic translation
  - Source NAT
    - Source NAT with interfaces
    - Source NAT with pools and interfaces
    - Other SRX source NAT configuration options
  - Destination NAT
    - Configuration destination NAT
  - Combination Source and Destination NAT
  - No-NAT with Source or Destination NAT
- Best Practices
- Troubleshooting and Operation
  - NAT Rule and Usage Counters
  - Viewing the Session Table
  - View NAT Errors
  - View Firewall Logs with NAT
  - Flow Debugging with NAT
    - Source NAT
    - Destination NAT
    - Static NAT
- Sample Deployment
- Summary
- Study Questions
10. IPsec VPN
- VPN Architecture Overview
  - Site-to-Site IPsec VPNs
  - Hub and Spoke IPsec VPNs
  - Full Mesh VPNs
  - Partial Mesh VPNs
  - Remote Access VPNs
- IPsec VPN Concepts Overview
  - IPsec Encryption Algorithms
  - IPsec Authentication Algorithms
  - IKE Version 1 Overview
    - Phase 1 IKE negotiation modes
      - Main mode
      - Aggressive mode
    - Phase 2 IKE negotiation modes
      - Perfect Forward Secrecy
      - Quick mode
      - Proxy ID negotiation
  - IKE Version 2
    - IKEv1 versus IKEv2
  - IPsec VPN Protocol
  - IPsec VPN Mode
  - IPsec Manual Keys
  - IPv6 and IPsec on the SRX
- IKE Negotiations
  - IKE Authentication
    - Preshared key authentication
    - Certificate authentication
  - IKE Identities
- Flow Processing and IPsec VPNs
- SRX VPN Types
  - Policy-Based VPNs
  - Route-Based VPNs
    - Numbered versus unnumbered st0 interfaces
    - Point-to-point versus point-to-multipoint VPNs
    - Special point-to-multipoint attributes
    - Point-to-multipoint NHTB
    - Which should you use: Policy- or route-based VPN?
- Other SRX VPN Components
  - Dead Peer Detection
  - VPN Monitoring
  - XAuth
  - NAT Traversal
  - Anti-Replay Protection
  - Fragmentation
  - Differentiated Services Code Point
  - IKEv1 Key Lifetimes
  - Network Time Protocol
  - Certificate Validation
  - Simple Certificate Enrollment Protocol
  - Group VPN
  - Dynamic VPN
- Selecting the Appropriate VPN Configuration
- IPsec VPN Configuration
  - Configuring NTP
  - Certificate Preconfiguration Tasks
  - Phase 1 IKE Configuration
    - Configuring Phase 1 proposals
      - Configuration for Remote-Office1 proposal with preshared keys
      - Configuration for Remote-Office1 proposal with certificates
    - Configuring IKEv1 Phase 1 policies
      - Configuring IKEv1 Phase 1 IKE policy with preshared key, Main mode
      - Configuring IKEv1 Phase 1 IKE policy with preshared key, Aggressive mode
      - Configuring IKEv1 Phase 1 IKE policy with certificates
    - Configuring IKEv1 Phase 1 gateways
      - Configuring an IKEv1 gateway with static IP address and DPD
    - Configuring dynamic gateways and remote access clients
      - Configuring an IKE gateway with a dynamic IP address
      - Configuring an IKEv1 remote access client
  - Phase 2 IKE Configuration
    - Configuring IKEv1 Phase 2 proposals
      - Configuring an IKEv1 Phase 2 proposal for remote offices and client connections
    - Configuring Phase 2 IPsec policy
      - Configuring an IPsec policy defining the Phase 2 proposal
    - Configuring common IPsec VPN components
      - Configuring a common site-to-site VPN component
  - IKEv1 Versus IKEv2 Configuration
    - Configuring policy-based VPNs
      - Configuring a policy-based VPN for the East Branch to the Central site VPN
    - Configuring route-based VPNs
  - IPsec and SRX HA
    - IPsec termination in HA
    - ISSU for VPN
  - Dynamic VPN
- Best Practices
- Troubleshooting and Operation
  - Useful VPN Commands
    - show security ike security-associations
    - show security ipsec security-associations
    - show security ipsec inactive-tunnels
    - show security ipsec statistics
    - Checking interface statistics
  - VPN Tracing and Debugging
    - VPN troubleshooting process
    - Configuring and analyzing VPN tracing
- Sample Deployments
  - Site-to-Site VPN
  - Remote Access VPN
  - IPsec Caveats on SRX
- Summary
- Study Questions
11. Screens and Flow Options
- A Brief Review of Denial-of-Service Attacks
  - Exploit-Based DoS
  - Flood-Based DoS
  - DoS Versus DDoS
- Screen Theory and Examples
  - How Screens Fit into the Packet Flow
    - Screen Processing only happens on the ingress interface
  - Screens in Hardware and Software
  - Screen Profiles
    - Packet versus threshold Screens
    - Applying Screen profiles to single and multiple zones
    - Configuring a Screen profile
  - DoS Attacks with IP Protocols
    - Bad IP Option Screen
      - Configuring Bad IP Option Screen
    - Block Frag Screen
      - Configuring Block Frag Screen
    - Route Option Screens
      - Configuring Route Option Screens
    - IP Security Option Screen
      - Configuring the IP Security Option Screen
    - IP Spoofing Screen
      - Configuring the IP Spoofing Screen
    - IP Stream Option Screen
      - Configuring the IP Stream Option Screen
    - IP Tear Drop Screen
      - Configuring the IP Tear Drop Screen
    - IP Timestamp Option Screen
      - Configuring the IP Timestamp Option Screen
    - Unknown IP Protocol Screen
      - Configuring the Unknown IP Protocol Screen
  - DoS Attacks with ICMP
    - ICMP Flood Screen
      - Configuring the ICMP Flood Screen
    - ICMP Fragment Screen
      - Configuring the ICMP Fragment Screen
    - ICMP IP Sweep Screen
      - Configuring the ICMP IP Sweep Screen
    - ICMP Large Packet Screen
      - Configuring the ICMP Large Packet Screen
    - ICMP Ping of Death Screen
      - Configuring the ICMP Ping of Death Screen
  - DoS Attacks with UDP
    - UDP Flood Screen
      - Configuring the UDP Flood Screen
    - UDP Sweep Screen
      - Configuring the UDP Sweep Screen
  - DoS Attacks with TCP
    - FIN-No-ACK Screen
      - Configuring the FIN-No-ACK Screen
    - LAND Attack Screen
      - Configuring the LAND Attack Screen
    - TCP Port Scan Screen
      - Configuring the TCP Port Scan Screen
    - SYN-ACK-ACK Proxy Screen
      - Configuring the SYN-ACK-ACK-Proxy Screen
    - SYN-FIN Screen
      - Configuring the SYN-FIN Screen
    - SYN flood/spoofing attacks
      - SYN flood rate limiting
      - Configuring SYN Flood Rate Limiting
      - SYN Spoofing Protection Modes
      - Configuring SYN Cookie/Proxy Protection
    - SYN-Frag Screen
      - Configuring the SYN-Frag Screen
    - TCP No Flags Screen
      - Configuring the TCP No Flags Screen
    - TCP Sweep Screen
      - Configuring the TCP Sweep Screen
    - WinNuke Screen
      - Configuring the WinNuke Screen
  - Session Limit Screens
    - Source IP Session Limit Screen
      - Configuring the Source IP Session Limit Screen
    - Destination IP Session Limit Screen
      - Configuring the Destination IP Session Limit Screen
  - SRX Flow Options
    - Aggressive session aging
      - Configuring the aggressive session ageout flow option
    - TCP sequence checks
      - Configuring TCP sequence checks
    - Configuring TCP sequence checks for RST packets
    - TCP SYN checks
      - Strict SYN checks
      - Configuring the strict SYN check
    - SYN checks in tunnels
    - TCP state timeouts
      - Configuring the TCP initial session timeout and TCP time wait timeout
- Best Practices
- Troubleshooting and Operation
  - Viewing Screen Profile Settings
  - Viewing the Screen Attack Statistics
  - Viewing Flow Exceptions
- Sample Deployment
  - Configuration for Screen and Flow Option Sample Deployment
- Summary
- Study Questions
12. AppSecure Basics
- AppSecure Component Overview
  - Application Identification
  - Application Tracking
  - Application Firewall
  - Application Quality of Service
  - User Role Firewalling
  - SSL Forward Proxy
  - AI Processing Architecture
    - How Application Identification identifies applications
    - Signature-based pattern matching
      - Nested application signatures
      - Keeping honest applications honest
    - Heuristic-based detection
    - Predictive session identification
    - Application system cache
- Deploying AppSecure
  - AppSecure Licensing
  - Downloading and Installing Application Identification Sigpacks
    - Controlling application caching
      - Enabling application identification heuristics
  - AppID Signature Operations
    - Enabling and disabling applications and application groups
    - Creating Layer 3/Layer 4 applications
    - Creating custom application groups
  - Configuring and Deploying AppTrack
    - Enabling AppTrack
    - Configuring AppTrack options
  - Configuring and Deploying Application Firewall
    - Three types of Application Firewall rulesets
      - Configuring a blacklist application ruleset
      - Configuring a whitelist application ruleset
      - Configuring a hybrid application ruleset
      - When to use blacklist, whitelist, and hybrid rulesets
      - Configuring application redirect
  - Configuring and Deploying Application Quality of Service
    - DSCP rewrite
    - Forwarding class
    - Logging
    - Loss priority
    - Rate limiter
    - Configuring an AppQoS example
  - Configuring and Deploying User Role Firewall
    - UserFW functionality overview
    - UserFW packaging and licensing
    - Deploying UserFW
    - Configuring the SRX for UserFW
    - Configuring the IC
      - Configuring the SRX as an IC enforcer
      - Configuring the authentication server
      - Configuring realms, roles, and sign-in policies
    - Miscellaneous Active Directory tasks
  - Configuring and Deploying SSL Forward Proxy
    - Configuring SSL Forward Proxy on the SRX
    - AppFW with encrypted applications
- Best Practices
  - Application Identification
  - AppTrack
  - AppFW
  - AppQoS
  - UserFW
  - SSL FP
- Troubleshooting and Operation
  - Operating Application Identification
    - Checking the AppID package
    - Checking the AppID engine settings and cache
    - Checking AppID counters
    - Checking application statistics
    - AppTrack
  - Operating Application Firewall
  - Operating Application QoS
  - Operating UserFW
  - Operating SSL Forward Proxy
- Sample Deployments
- Summary
- Study Questions
13. Intrusion Prevention
- The Need for IPS
  - What About Application Firewalling in NGFW?
- How Does IPS Work?
  - Licensing
  - IPS and UTM
  - What Is the Difference Between Full IPS and Deep Inspection/IPS Lite?
  - Is It IDP or IPS?
  - False Positives and False Negatives in IPS
  - Management IPS Functionality on the SRX
  - Stages of a System Compromise
  - IPS Packet Processing on the SRX
    - Packet processing path
    - Direction-specific detection
    - SRX deployment options
  - Attack Object Types
    - Application contexts
    - Predefined attack objects and groups
    - Custom attack objects and groups
    - Severities
    - Signature performance impacts
  - IPS Policy Components
    - Rulebases
    - Match criteria
    - Then actions
      - IPS actions
      - Notification actions
      - Packet logging
      - Configuring packet logging in the STRM
      - IP actions
      - Targets and timeouts
    - Terminal Match
  - Security Packages
    - Attack database
    - Attack object updates versus full updates
    - Application objects
    - Detector engines
    - Policy templates
    - Scheduling updates
  - Sensor Attributes
  - SSL Inspection (Reverse Proxy)
  - Custom Attack Groups
    - Static attack groups
    - Dynamic attack groups
- Configuring IPS Features on the SRX
  - Getting Started with IPS on the SRX
    - Getting started example
    - Configuring automatic updates
    - Useful IPS files
    - Viewing IPS attack objects and group membership
    - Configuring static and dynamic attack groups
    - Creating, activating, and referencing IPS
    - Exempt rulebase
      - Enabling GZIP/Deflate Decompression
- Deploying and Tuning IPS
  - First Steps to Deploying IPS
  - Building the Policy
  - Testing Your Policy
    - Leveraging sniffer mode for the deployment
  - Actual Deployment
  - Day-to-Day IPS Management
- Best Practices
- Troubleshooting and Operation
  - Checking IPS Status
  - Checking Security Package Version
  - Troubleshooting and Monitoring Security Package Installation
    - Clearing the download and cache files on the SRX
  - Checking Policy Compilation Status
  - IPS Attack Table
  - IPS Counters
  - IP Action Table
- Sample Deployments
- Summary
- Study Questions
14. Unified Threat Management
- Shifting Threats
- UTM, IPS, or Both?
  - Antivirus
  - URL Filtering
  - Antispam
  - Content Filtering
  - Antivirus + URL Filtering+ IPS?
  - I Have SRX Antivirus: Do I Need Desktop Antivirus?
- UTM Licensing
  - Configuring Licensing
- UTM Components
  - Feature Profiles
  - Custom Objects
  - UTM Policies
  - Application Proxy
  - Networking Requirements for UTM Features
  - Antivirus
    - Antivirus flavors in the SRX
    - Sophos AV
      - Implementing Sophos AV
      - Configuring Sophos with a default profile
      - Default profile configuration
      - Sophos AV feature profiles
      - Configuring Sophos feature profile example
    - Kaspersky Full AV
      - Configuring Kaspersky with the default profile
      - Default Kaspersky profile configuration
      - Configuring Kaspersky AV scanning and fallback options
    - Express AV
      - Default Express AV profile
  - Which AV to Choose?
  - URL Filtering
    - URL filtering flavors
      - Configuring the URL filtering with default profiles
    - Websense Enhanced filtering
      - Configuring Websense Enhanced default profile
      - Default Websense Enhanced profile
      - Configuring a custom Websense Enhanced profile
    - Surfcontrol/Websense Integrated URL filtering
      - Configuring Surfcontrol Integrated with default profile
      - Default Surfcontrol/Websense profile configuration
      - Configuring Surfcontrol/Websense Integrated options
    - Websense Redirect
      - Configuring Websense Redirect
      - Default Websense Redirect profile
      - Default local URL filtering profile
    - URL Custom URLs, blacklists, whitelists, and categories
      - Custom URL patterns
      - Custom URL category
    - URL filtering profiles
      - Juniper Local feature profile options
      - Putting it all together for Juniper Local web filtering
    - Which URL filtering solution to choose?
  - Antispam
    - Configuration options for antispam
    - Configuring antispam with the default profile
    - Configuring a custom spam profile and policy
  - Content Filtering
    - Configuring content filtering example
  - Logging UTM Messages
    - Configuring syslog to send UTM to a remote server
- Best Practices
- Troubleshooting and Operation
  - UTM Engine
  - Antivirus
    - Testing antivirus
  - URL Filtering
    - Websense site lookup tool
  - Antispam
  - Content Filtering
- Sample Deployments
- Summary
- Study Questions
Index
About the Authors
Colophon
Copyright

pokaż cały spis treści

O'Reilly Media - inne książki

Nowość Promocja

Business decisions in any context—operational, tactical, or strategic—can have considerable consequences. Whether the outcome is positive and rewarding or negative and damaging to the business, its employees, and stakeholders is unknown when action is approved. These decisions are usually made under the proverbial cloud of uncertainty.With this pra
- ePub + Mobi
Hands-On Prescriptive Analytics

Walter R. Paczkowski

(186,15 zł najniższa cena z 30 dni)

194.65 zł ~~228.99 zł (-15%)~~
Nowość Promocja

If you're a developer looking to build a distributed, resilient, scalable, high-performance application, you may be evaluating distributed SQL and NoSQL solutions. Perhaps you're considering the Aerospike database.This practical book shows developers, architects, and engineers how to get the highly scalable and extremely low-latency Aerospike datab
- ePub + Mobi
Aerospike: Up and Running. Developing on a Modern Operational Database for Globally Distributed Apps

V. Srinivasan, Tim Faulkes, Albert Autin

(228,65 zł najniższa cena z 30 dni)

254.15 zł ~~299.00 zł (-15%)~~
Nowość Promocja

Reinforcement learning (RL) has led to several breakthroughs in AI. The use of the Q-learning (DQL) algorithm alone has helped people develop agents that play arcade games and board games at a superhuman level. More recently, RL, DQL, and similar methods have gained popularity in publications related to financial research.This book is among the fir
- ePub + Mobi
Reinforcement Learning for Finance

Yves J. Hilpisch

(220,15 zł najniższa cena z 30 dni)

228.65 zł ~~269.00 zł (-15%)~~
Nowość Promocja

Learn how to use Go's strengths to develop services that are scalable and resilient even in an unpredictable environment. With this book's expanded second edition, Go developers will explore the composition and construction of cloud native applications, from lower-level Go features and mid-level patterns to high-level architectural considerations.E
- ePub + Mobi
Cloud Native Go. 2nd Edition

Matthew A. Titmus

(220,15 zł najniższa cena z 30 dni)

228.65 zł ~~269.00 zł (-15%)~~
Promocja

To ensure that applications are reliable and always available, more businesses today are moving applications to AWS. But many companies still struggle to design and build these cloud applications effectively, thinking that because the cloud is resilient, their applications will be too. With this practical guide, software, DevOps, and cloud engineer
- ePub + Mobi
Engineering Resilient Systems on AWS

Kevin Schwarz, Jennifer Moran, Nate Bachmeier

(220,15 zł najniższa cena z 30 dni)

228.65 zł ~~269.00 zł (-15%)~~
Promocja

Performance tuning is an experimental science, but that doesn't mean engineers should resort to guesswork and folklore to get the job done. Yet that's often the case. With this practical book, intermediate to advanced Java technologists working with complex platforms will learn how to tune Java cloud applications for performance using a quantitativ
- ePub + Mobi
Optimizing Cloud Native Java. 2nd Edition

Benjamin J. Evans, James Gough

(220,15 zł najniższa cena z 30 dni)

228.65 zł ~~269.00 zł (-15%)~~
Promocja

Today, investment in financial technology and digital transformation is reshaping the financial landscape and generating many opportunities. Too often, however, engineers and professionals in financial institutions lack a practical and comprehensive understanding of the concepts, problems, techniques, and technologies necessary to build a modern, r
- ePub + Mobi
Financial Data Engineering

Tamer Khraisha

(220,15 zł najniższa cena z 30 dni)

228.65 zł ~~269.00 zł (-15%)~~
Promocja

Until recently, infrastructure was the backbone of organizations operating software they developed in-house. But now that cloud vendors run the computers, companies can finally bring the benefits of agile custom-centricity to their own developers. Adding product management to infrastructure organizations is now all the rage.But how's that possible
- ePub + Mobi
Platform Engineering

Camille Fournier, Ian Nowland

(186,15 zł najniższa cena z 30 dni)

194.65 zł ~~228.99 zł (-15%)~~
Promocja

Cloud services and SaaS software permeate every company's IT landscape, requiring a shift from manually provisioned services to a more structured approach, with codification at its core. Terraform provides tools to manage the lifecycle of your IT landscape across thousands of different cloud providers and SaaS platforms.By defining your infrastruct
- ePub + Mobi
Terraform Cookbook

Kerim Satirli, Taylor Dolezal

(194,65 zł najniższa cena z 30 dni)

211.65 zł ~~249.00 zł (-15%)~~
Promocja

Using machine learning for products, services, and critical business processes is quite different from using ML in an academic or research setting—especially for recent ML graduates and those moving from research to a commercial environment. Whether you currently work to create products and services that use ML, or would like to in the future, this
- ePub + Mobi
Machine Learning Production Systems

Robert Crowe, Hannes Hapke, Emily Caveness

(245,65 zł najniższa cena z 30 dni)

254.15 zł ~~299.00 zł (-15%)~~

Zamknij

Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series

Ebook 245,65 zł najniższa cena z 30 dni

Najczęściej kupowane razem

Opis książki : Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series

Wybrane bestsellery

Junos Security. A Guide to Junos for the SRX Services Gateways and Security Certification

CI/CD Design Patterns. Design and implement CI/CD using proven design patterns

Microsoft Certified Azure Data Fundamentals (DP-900) Exam Guide. Build a solid foundation in Azure data services and pass the DP-900 exam on your first try

Microsoft Identity and Access Administrator SC-300 Exam Guide. Pass the SC-300 exam with confidence by using exam-focused resources - Second Edition

The Kubernetes Bible. The definitive guide to deploying and managing Kubernetes across cloud and on-prem environments - Second Edition

Data Communication and Networking

Zabbix 7 IT Infrastructure Monitoring Cookbook. Explore the new features of Zabbix 7 for designing, building, and maintaining your Zabbix setup - Third Edition

Edge Computing Simplified. Explore all aspects of edge computing for business leaders and technologists

HashiCorp Terraform Associate (003) Exam Guide. Prepare to pass the Terraform Associate exam on your first attempt

Network Automation with Nautobot. Adopt a network source of truth and a data-driven approach to networking

Head First. Python. Легкий для сприйняття довідник

Ebooka "Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series" przeczytasz na:

Audiobooka "Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series" posłuchasz:

Kurs Video "Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series" zobaczysz:

Oceny i opinie klientów: Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series Brad Woodberg, Rob Cameron (0)

Szczegóły książki

Kategorie

Spis treści książki

O'Reilly Media - inne książki

Hands-On Prescriptive Analytics

Aerospike: Up and Running. Developing on a Modern Operational Database for Globally Distributed Apps

Reinforcement Learning for Finance

Cloud Native Go. 2nd Edition

Engineering Resilient Systems on AWS

Optimizing Cloud Native Java. 2nd Edition

Financial Data Engineering

Platform Engineering

Terraform Cookbook

Machine Learning Production Systems

Przenieś na półkę

Dodano produkt na półkę

Usunięto produkt z półki

Przeniesiono produkt do archiwum

Przeniesiono produkt do biblioteki

Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series

Ebook 245,65 zł najniższa cena z 30 dni

Najczęściej kupowane razem

Opis książki : Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series

Wybrane bestsellery

Ebooka "Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series" przeczytasz na:

Audiobooka "Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series" posłuchasz:

Kurs Video "Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series" zobaczysz:

Oceny i opinie klientów: Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series Brad Woodberg, Rob Cameron (0) Weryfikacja opinii następuje na podstawie historii zamowień na koncie Użytkownika umiejszczającego opinię.

Szczegóły książki

Kategorie

Spis treści książki

O'Reilly Media - inne książki

Poinformuj mnie

Twoje uwagi do kursu

Przenieś na półkę

Dodano produkt na półkę

Usunięto produkt z półki

Przeniesiono produkt do archiwum

Przeniesiono produkt do biblioteki

Wybierz metodę płatności

Oceny i opinie klientów: Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series Brad Woodberg, Rob Cameron (0)