Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series Brad Woodberg, Rob Cameron

Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series Brad Woodberg, Rob Cameron - okladka książki

Autorzy:: Brad Woodberg, Rob Cameron
Wydawnictwo:: O'Reilly Media (Z chęcią przeczytam książkę w języku polskim)
Ocena:: Bądź pierwszym, który oceni tę książkę
Stron:: 1020
Dostępne formaty:: ePub

Mobi

Ebook

228,65 zł ~~269,00 zł~~ (-15%)

29,90 zł najniższa cena z 30 dni

Dodaj do koszyka lub Kup na prezent Kup 1-kliknięciem

Poleć tę książkę znajomemu Poleć tę książkę znajomemu!!

Przenieś na półkę

Do przechowalni

Zostało Ci na świąteczne zamówienie

opcje wysyłki »

This complete field guide, authorized by Juniper Networks, is the perfect hands-on reference for deploying, configuring, and operating Juniper’s SRX Series networking device. Authors Brad Woodberg and Rob Cameron provide field-tested best practices for getting the most out of SRX deployments, based on their extensive field experience.

While their earlier book, Junos Security, covered the SRX platform, this book focuses on the SRX Series devices themselves. You'll learn how to use SRX gateways to address an array of network requirements—including IP routing, intrusion detection, attack mitigation, unified threat management, and WAN acceleration. Along with case studies and troubleshooting tips, each chapter provides study questions and lots of useful illustrations.

Explore SRX components, platforms, and various deployment scenarios
Learn best practices for configuring SRX’s core networking features
Leverage SRX system services to attain the best operational state
Deploy SRX in transparent mode to act as a Layer 2 bridge
Configure, troubleshoot, and deploy SRX in a highly available manner
Design and configure an effective security policy in your network
Implement and configure network address translation (NAT) types
Provide security against deep threats with AppSecure, intrusion protection services, and unified threat management tools

Wybrane bestsellery

Ebooka "Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series" przeczytasz na:

czytnikach Inkbook, Kindle, Pocketbook, Onyx Boox i innych
systemach Windows, MacOS i innych

systemach Windows, Android, iOS, HarmonyOS
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi

Masz pytania? Zajrzyj do zakładki Pomoc »

Oceny i opinie klientów: Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series Brad Woodberg, Rob Cameron

(0)

Szczegóły książki

ISBN Ebooka:: 978-14-493-3904-3, 9781449339043
Data wydania ebooka :: 2013-06-07 Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@ebookpoint.pl.
Język publikacji:: angielski
Rozmiar pliku ePub:: 18.7MB
Rozmiar pliku Mobi:: 45.2MB

Zgłoś erratę

Kategorie

Kliknij, aby zgłosić błędnie przypisaną kategorię »

Informatyka » Sieci komputerowe

Dostępność produktu

Produkt nie został jeszcze oceniony pod kątem ułatwień dostępu lub nie podano żadnych informacji o ułatwieniach dostępu lub są one niewystarczające. Prawdopodobnie Wydawca/Dostawca jeszcze nie umożliwił dokonania walidacji produktu lub nie przekazał odpowiednich informacji na temat jego dostępności.

Spis treści książki

Juniper SRX Series
Foreword
Preface
- How to Use This Book
- Whats in This Book?
- Conventions Used in This Book
- Using Code Examples
- Safari Books Online
- How to Contact Us
- Acknowledgments
1. Welcome to the SRX
- Evolving into the SRX
  - ScreenOS to Junos
    - Inherited ScreenOS features
    - Device management
- The SRX Series Platform
  - Built for Services
- Deployment Solutions
  - Small Branch
  - Medium Branch
  - Large Branch
  - Data Center
  - Data Center Edge
  - Data Center Services Tier
  - Service Provider
  - Mobile Carriers
  - Cloud Networks
  - The Junos Enterprise Services Reference Network
- Summary
- Study Questions
2. SRX Series Product Lines
- Branch SRX Series
  - Branch-Specific Features
  - SRX100 Series
  - SRX200 Series
    - Interface modules for the SRX200 line
  - SRX500 Series
  - SRX600 Series
    - Interface modules for the SRX600 line
  - JunosV Firefly (Virtual Junos)
  - AX411
  - CX111
  - Branch SRX Series Hardware Overview
  - Licensing
  - Branch Summary
- Data Center SRX Series
  - Data Center SRX-Specific Features
  - SPC
  - NPU
  - Data Center SRX Series Session Setup
  - Data Center SRX Series Hardware Overview
  - SRX1000 Series
  - SRX3000 Series
    - IOC modules
  - SRX5000 Series
    - NG-SPC
    - IOC modules
- Summary
- Study Questions
3. SRX GUI Management
- J-Web: Your On-Box Assistant
  - Dashboard
    - Chassis view
    - Informational panels
  - Device Configuration
    - Task wizards
    - Committing the configuration
    - Interfaces
    - Firewall policies
    - Point and click CLI
  - Monitoring Your SRX
    - Interface monitoring
    - Traffic reports
  - Operational Tasks
    - Software management
    - Configuration management
    - Rebooting
    - Disk management
  - Troubleshooting from J-Web
    - Packet capture
    - Network connectivity
- Centralized Management
  - Space: The Final Frontier of Management
    - The Junos Space ecosphere
    - Security Director
    - Firewall policy management
  - Log Management with STRM
    - Reporting with STRM
  - Legacy Security Management
    - Using NSM
- Summary
- Study Questions
4. SRX Networking Basics
- Interfaces
  - Physical Interfaces
  - Management Interfaces
  - Virtual Interfaces
  - Logical Interfaces
  - Switching Configuration
  - Aggregate Interfaces
    - LACP protocol
  - Transparent Interfaces
- Zones
  - Security Zones
  - Functional Zones
- Basic Protocols
  - Static Routing
  - Dynamic Routing Protocols
  - Spanning Tree
- Routing Instances
  - Routing Instance Types
  - Configuring Routing Instances
- Flow Mode and Packet Mode
- Sample Deployment
- Summary
- Study Questions
5. System Services
- System Services Operation on the SRX
  - System Services and the Control Plane
    - System services that operate on the control plane
  - System Services and the Data Plane
  - Accounts for Administrative Users
    - Configuring local users
    - Creating a login class
    - Remote authentication
  - Accessing System Services: Control Plane Versus Data Plane
    - Configuring a stateless firewall filter to control traffic on fxp0
    - Configuring a stateless firewall filter to control all inbound management traffic
    - Configuring a security policy to control data plane management traffic
  - Zone-Based Service Control
    - Configuring system services and protocols per zone or interface
- Management Services
  - Command-Line Interfaces
    - Configuring console options
    - Configuring Telnet access
    - Configuring SSH access
  - Web Management on the SRX
  - Enabling NetConf over SSH
- SNMP Management
  - Configuring SNMP Management
  - Configuring SNMP Traps
  - SNMP in High Availability Chassis Clusters
  - Junos SNMP MIB
- Networking Services
  - Network Time Protocol
    - Manually configuring SRX time
    - Configuring the SRX as an NTP client
    - Configuring the SRX as an NTP server
  - Domain Name System
    - Configuring the SRX as a DNS client
    - Configuring the SRX as a proxy server
  - Dynamic Host Configuration Protocol
    - Configuring the SRX as a DHCP server
    - Configuring the SRX as a DHCP client
    - Configuring the SRX as a DHCP relay server
- SRX Logging and Flow Records
  - Control Plane Versus Data Plane Logs
    - Data plane logs: Event versus Stream mode
    - Configuring control plane logging on the SRX
    - Configuring Stream mode logging on the data plane
    - Syslog format types
    - Configuring Event mode logging to the control plane
  - Tips for Viewing Syslog Messages
  - JFlow on the SRX
- Best Practices
- Troubleshooting and Operation
  - Viewing the System Connection Table
  - Viewing the Services/Counters on the Interface
  - Checking NTP Status
  - Checking SNMP Status
  - DHCP Operational Mode Commands
  - Viewing Security Logs Locally
  - Checking for Core Dumps
  - Restarting Platform Daemons
  - Troubleshooting Individual Daemons
- Summary
- Study Questions
6. Transparent Mode
- Transparent Mode Overview
  - When to Use Transparent Mode
    - Segmenting a Layer 2 domain
    - Complex routing environments
    - Separation of duties
    - Existing transparent mode infrastructure
  - MAC Address Learning
  - Transparent Mode and Bridge Loops, Spanning Tree Protocol
  - Transparent Mode Limitations
  - Transparent Mode Components
    - Interfaces, family bridge, and bridge domains in transparent mode
  - Interface Modes in Transparent Mode
  - Bridge Domains
  - IRB Interfaces
  - Transparent Mode Zones
  - Transparent Mode Security Policy
  - Transparent Mode Specific Options
  - QoS in Transparent Mode
  - VLAN Rewriting
  - High Availability with Transparent Mode
    - Spanning Tree Protocol in transparent mode Layer 2 deployments
  - Transparent Mode Flow Process
    - Slow-path SPU packet processing
    - Fast-path SPU packet processing
    - Session teardown
- Configuring Transparent Mode
  - Configuring Transparent Mode Basics
  - Traditional Switching
  - Configuring Integrated Routing and Bridging
  - Configuring Transparent Mode Security Zones
  - Configuring Transparent Mode Security Policies
  - Configuring Bridging Options
    - Restricting BPDUs to VLANs
  - Configuring Transparent Mode QoS
  - Configuring VLAN Rewriting
- Troubleshooting and Operation
  - The show bridge domain Command
  - The show bridge mac-table Command
  - The show l2-learning global-information Command
  - The show l2-learning global-mac-count Command
  - The show l2-learning interface Command
  - Transparent Mode Troubleshooting Steps
- Sample Deployments
- Summary
- Study Questions
7. High Availability
- Understanding High Availability in the SRX
  - Chassis Cluster
  - The Control Plane
  - The Data Plane
- Getting Started with High Availability
  - Cluster ID
  - Node ID
  - Redundancy Groups
  - Interfaces
- Deployment Concepts
  - Active/passive
  - Active/active
  - Mixed mode
  - Six pack
- Preparing Devices for Deployment
  - Differences from Standalone
  - Activating Juniper Services Redundancy Protocol
  - Managing Cluster Members
  - Configuring the Control Ports
  - Configuring the Fabric Links
  - Configuring the Switching Fabric Interface
  - Node-Specific Information
  - Configuring Heartbeat Timers
  - Redundancy Groups
- Integrating the Cluster into Your Network
  - Configuring Interfaces
- Fault Monitoring
  - Interface Monitoring
  - IP Monitoring
  - Hardware Monitoring
    - Route engine
    - Switch control board
    - Switch fabric board
    - Services Processing Card/Next Generation Services Processing Card
    - Network Processing Card
    - Interface card
    - Control link
    - Data link
    - Control link and data link failure
    - Power supplies
  - Software Monitoring
  - Preserving the Control Plane
- Troubleshooting and Operation
  - First Steps
  - Checking Interfaces
  - Verifying the Data Plane
  - Core Dumps
  - The Dreaded Priority Zero
  - When All Else Fails
  - Manual Failover
- Sample Deployments
- Summary
- Study Questions
8. Security Policies
- Packet Flow
- Security Policy Criteria and Precedence
- Security Policy Precedence
  - Top to Bottom Policy Evaluation
- Security Policy Components in Depth
  - Match Criteria
    - Security zones
      - One interface per zone versus multiple interfaces per zone
      - Configuring security zones
    - Address books
    - Address objects
      - IP prefix address objects
      - Configuring IP prefix address objects
      - DNS address objects
      - Configuring DNS address objects
      - IP range objects
      - Configuring IP range objects
      - Wildcard address objects
      - Configuring wildcard address objects
      - Address sets
      - Configuring address sets
    - Application objects
      - Application sets
      - Configuring applications and application sets
      - Source-Identity
    - Negated source and destination objects
    - Schedulers
      - Configuring schedulers
  - Action Criteria
    - Permit options
    - Configuring security policies
    - Host security policies
      - Configuring a policy to restrict inbound or outbound management requests
  - Application Layer Gateways
    - Enabling an ALG example
- Best Practices
- Troubleshooting and Operation
  - Viewing Security Policies
    - Security policy tools
  - Viewing the Firewall Session Table
    - Sample firewall logs
  - Monitoring Interface Counters
  - Performing a Flow Trace
  - Performing a Packet Capture on SRX Branch
  - Performing a Packet Capture on the High-End SRX
- Sample Deployment
- Summary
- Study Questions
9. Network Address Translation
- The Need for NAT
  - NAT as a Security Component?
- Junos NAT Fundamentals
  - Junos NAT Types
  - NAT Precedence in the Junos Event Chain
    - NAT type precedence
- Junos NAT Components
  - Rulesets
    - Static NAT rulesets
    - Destination NAT rulesets
    - Source NAT rulesets
    - NAT ruleset precedence
      - NAT ruleset precedence example
  - NAT Interfaces, Pools, and Mapping Objects
    - Static NAT transforms
    - Source NAT transforms
      - Interfaces
      - Pools
    - Destination NAT pools
  - NAT Rules
  - NAT and Security Policies
  - Proxy-ARP and Proxy-NDP
    - Configuring Proxy-ARP/NDP
      - When you dont need Proxy-ARP/NDP
- Junos NAT in Practice
  - Static NAT
    - Static NAT one-to-one mapping
    - Static NAT many-to-many mapping
      - Option 1: NAT44/NAT66
      - Option 2: NAT46 Static mapping
      - Option 3: NAT 64 automatic translation
  - Source NAT
    - Source NAT with interfaces
    - Source NAT with pools and interfaces
    - Other SRX source NAT configuration options
  - Destination NAT
    - Configuration destination NAT
  - Combination Source and Destination NAT
  - No-NAT with Source or Destination NAT
- Best Practices
- Troubleshooting and Operation
  - NAT Rule and Usage Counters
  - Viewing the Session Table
  - View NAT Errors
  - View Firewall Logs with NAT
  - Flow Debugging with NAT
    - Source NAT
    - Destination NAT
    - Static NAT
- Sample Deployment
- Summary
- Study Questions
10. IPsec VPN
- VPN Architecture Overview
  - Site-to-Site IPsec VPNs
  - Hub and Spoke IPsec VPNs
  - Full Mesh VPNs
  - Partial Mesh VPNs
  - Remote Access VPNs
- IPsec VPN Concepts Overview
  - IPsec Encryption Algorithms
  - IPsec Authentication Algorithms
  - IKE Version 1 Overview
    - Phase 1 IKE negotiation modes
      - Main mode
      - Aggressive mode
    - Phase 2 IKE negotiation modes
      - Perfect Forward Secrecy
      - Quick mode
      - Proxy ID negotiation
  - IKE Version 2
    - IKEv1 versus IKEv2
  - IPsec VPN Protocol
  - IPsec VPN Mode
  - IPsec Manual Keys
  - IPv6 and IPsec on the SRX
- IKE Negotiations
  - IKE Authentication
    - Preshared key authentication
    - Certificate authentication
  - IKE Identities
- Flow Processing and IPsec VPNs
- SRX VPN Types
  - Policy-Based VPNs
  - Route-Based VPNs
    - Numbered versus unnumbered st0 interfaces
    - Point-to-point versus point-to-multipoint VPNs
    - Special point-to-multipoint attributes
    - Point-to-multipoint NHTB
    - Which should you use: Policy- or route-based VPN?
- Other SRX VPN Components
  - Dead Peer Detection
  - VPN Monitoring
  - XAuth
  - NAT Traversal
  - Anti-Replay Protection
  - Fragmentation
  - Differentiated Services Code Point
  - IKEv1 Key Lifetimes
  - Network Time Protocol
  - Certificate Validation
  - Simple Certificate Enrollment Protocol
  - Group VPN
  - Dynamic VPN
- Selecting the Appropriate VPN Configuration
- IPsec VPN Configuration
  - Configuring NTP
  - Certificate Preconfiguration Tasks
  - Phase 1 IKE Configuration
    - Configuring Phase 1 proposals
      - Configuration for Remote-Office1 proposal with preshared keys
      - Configuration for Remote-Office1 proposal with certificates
    - Configuring IKEv1 Phase 1 policies
      - Configuring IKEv1 Phase 1 IKE policy with preshared key, Main mode
      - Configuring IKEv1 Phase 1 IKE policy with preshared key, Aggressive mode
      - Configuring IKEv1 Phase 1 IKE policy with certificates
    - Configuring IKEv1 Phase 1 gateways
      - Configuring an IKEv1 gateway with static IP address and DPD
    - Configuring dynamic gateways and remote access clients
      - Configuring an IKE gateway with a dynamic IP address
      - Configuring an IKEv1 remote access client
  - Phase 2 IKE Configuration
    - Configuring IKEv1 Phase 2 proposals
      - Configuring an IKEv1 Phase 2 proposal for remote offices and client connections
    - Configuring Phase 2 IPsec policy
      - Configuring an IPsec policy defining the Phase 2 proposal
    - Configuring common IPsec VPN components
      - Configuring a common site-to-site VPN component
  - IKEv1 Versus IKEv2 Configuration
    - Configuring policy-based VPNs
      - Configuring a policy-based VPN for the East Branch to the Central site VPN
    - Configuring route-based VPNs
  - IPsec and SRX HA
    - IPsec termination in HA
    - ISSU for VPN
  - Dynamic VPN
- Best Practices
- Troubleshooting and Operation
  - Useful VPN Commands
    - show security ike security-associations
    - show security ipsec security-associations
    - show security ipsec inactive-tunnels
    - show security ipsec statistics
    - Checking interface statistics
  - VPN Tracing and Debugging
    - VPN troubleshooting process
    - Configuring and analyzing VPN tracing
- Sample Deployments
  - Site-to-Site VPN
  - Remote Access VPN
  - IPsec Caveats on SRX
- Summary
- Study Questions
11. Screens and Flow Options
- A Brief Review of Denial-of-Service Attacks
  - Exploit-Based DoS
  - Flood-Based DoS
  - DoS Versus DDoS
- Screen Theory and Examples
  - How Screens Fit into the Packet Flow
    - Screen Processing only happens on the ingress interface
  - Screens in Hardware and Software
  - Screen Profiles
    - Packet versus threshold Screens
    - Applying Screen profiles to single and multiple zones
    - Configuring a Screen profile
  - DoS Attacks with IP Protocols
    - Bad IP Option Screen
      - Configuring Bad IP Option Screen
    - Block Frag Screen
      - Configuring Block Frag Screen
    - Route Option Screens
      - Configuring Route Option Screens
    - IP Security Option Screen
      - Configuring the IP Security Option Screen
    - IP Spoofing Screen
      - Configuring the IP Spoofing Screen
    - IP Stream Option Screen
      - Configuring the IP Stream Option Screen
    - IP Tear Drop Screen
      - Configuring the IP Tear Drop Screen
    - IP Timestamp Option Screen
      - Configuring the IP Timestamp Option Screen
    - Unknown IP Protocol Screen
      - Configuring the Unknown IP Protocol Screen
  - DoS Attacks with ICMP
    - ICMP Flood Screen
      - Configuring the ICMP Flood Screen
    - ICMP Fragment Screen
      - Configuring the ICMP Fragment Screen
    - ICMP IP Sweep Screen
      - Configuring the ICMP IP Sweep Screen
    - ICMP Large Packet Screen
      - Configuring the ICMP Large Packet Screen
    - ICMP Ping of Death Screen
      - Configuring the ICMP Ping of Death Screen
  - DoS Attacks with UDP
    - UDP Flood Screen
      - Configuring the UDP Flood Screen
    - UDP Sweep Screen
      - Configuring the UDP Sweep Screen
  - DoS Attacks with TCP
    - FIN-No-ACK Screen
      - Configuring the FIN-No-ACK Screen
    - LAND Attack Screen
      - Configuring the LAND Attack Screen
    - TCP Port Scan Screen
      - Configuring the TCP Port Scan Screen
    - SYN-ACK-ACK Proxy Screen
      - Configuring the SYN-ACK-ACK-Proxy Screen
    - SYN-FIN Screen
      - Configuring the SYN-FIN Screen
    - SYN flood/spoofing attacks
      - SYN flood rate limiting
      - Configuring SYN Flood Rate Limiting
      - SYN Spoofing Protection Modes
      - Configuring SYN Cookie/Proxy Protection
    - SYN-Frag Screen
      - Configuring the SYN-Frag Screen
    - TCP No Flags Screen
      - Configuring the TCP No Flags Screen
    - TCP Sweep Screen
      - Configuring the TCP Sweep Screen
    - WinNuke Screen
      - Configuring the WinNuke Screen
  - Session Limit Screens
    - Source IP Session Limit Screen
      - Configuring the Source IP Session Limit Screen
    - Destination IP Session Limit Screen
      - Configuring the Destination IP Session Limit Screen
  - SRX Flow Options
    - Aggressive session aging
      - Configuring the aggressive session ageout flow option
    - TCP sequence checks
      - Configuring TCP sequence checks
    - Configuring TCP sequence checks for RST packets
    - TCP SYN checks
      - Strict SYN checks
      - Configuring the strict SYN check
    - SYN checks in tunnels
    - TCP state timeouts
      - Configuring the TCP initial session timeout and TCP time wait timeout
- Best Practices
- Troubleshooting and Operation
  - Viewing Screen Profile Settings
  - Viewing the Screen Attack Statistics
  - Viewing Flow Exceptions
- Sample Deployment
  - Configuration for Screen and Flow Option Sample Deployment
- Summary
- Study Questions
12. AppSecure Basics
- AppSecure Component Overview
  - Application Identification
  - Application Tracking
  - Application Firewall
  - Application Quality of Service
  - User Role Firewalling
  - SSL Forward Proxy
  - AI Processing Architecture
    - How Application Identification identifies applications
    - Signature-based pattern matching
      - Nested application signatures
      - Keeping honest applications honest
    - Heuristic-based detection
    - Predictive session identification
    - Application system cache
- Deploying AppSecure
  - AppSecure Licensing
  - Downloading and Installing Application Identification Sigpacks
    - Controlling application caching
      - Enabling application identification heuristics
  - AppID Signature Operations
    - Enabling and disabling applications and application groups
    - Creating Layer 3/Layer 4 applications
    - Creating custom application groups
  - Configuring and Deploying AppTrack
    - Enabling AppTrack
    - Configuring AppTrack options
  - Configuring and Deploying Application Firewall
    - Three types of Application Firewall rulesets
      - Configuring a blacklist application ruleset
      - Configuring a whitelist application ruleset
      - Configuring a hybrid application ruleset
      - When to use blacklist, whitelist, and hybrid rulesets
      - Configuring application redirect
  - Configuring and Deploying Application Quality of Service
    - DSCP rewrite
    - Forwarding class
    - Logging
    - Loss priority
    - Rate limiter
    - Configuring an AppQoS example
  - Configuring and Deploying User Role Firewall
    - UserFW functionality overview
    - UserFW packaging and licensing
    - Deploying UserFW
    - Configuring the SRX for UserFW
    - Configuring the IC
      - Configuring the SRX as an IC enforcer
      - Configuring the authentication server
      - Configuring realms, roles, and sign-in policies
    - Miscellaneous Active Directory tasks
  - Configuring and Deploying SSL Forward Proxy
    - Configuring SSL Forward Proxy on the SRX
    - AppFW with encrypted applications
- Best Practices
  - Application Identification
  - AppTrack
  - AppFW
  - AppQoS
  - UserFW
  - SSL FP
- Troubleshooting and Operation
  - Operating Application Identification
    - Checking the AppID package
    - Checking the AppID engine settings and cache
    - Checking AppID counters
    - Checking application statistics
    - AppTrack
  - Operating Application Firewall
  - Operating Application QoS
  - Operating UserFW
  - Operating SSL Forward Proxy
- Sample Deployments
- Summary
- Study Questions
13. Intrusion Prevention
- The Need for IPS
  - What About Application Firewalling in NGFW?
- How Does IPS Work?
  - Licensing
  - IPS and UTM
  - What Is the Difference Between Full IPS and Deep Inspection/IPS Lite?
  - Is It IDP or IPS?
  - False Positives and False Negatives in IPS
  - Management IPS Functionality on the SRX
  - Stages of a System Compromise
  - IPS Packet Processing on the SRX
    - Packet processing path
    - Direction-specific detection
    - SRX deployment options
  - Attack Object Types
    - Application contexts
    - Predefined attack objects and groups
    - Custom attack objects and groups
    - Severities
    - Signature performance impacts
  - IPS Policy Components
    - Rulebases
    - Match criteria
    - Then actions
      - IPS actions
      - Notification actions
      - Packet logging
      - Configuring packet logging in the STRM
      - IP actions
      - Targets and timeouts
    - Terminal Match
  - Security Packages
    - Attack database
    - Attack object updates versus full updates
    - Application objects
    - Detector engines
    - Policy templates
    - Scheduling updates
  - Sensor Attributes
  - SSL Inspection (Reverse Proxy)
  - Custom Attack Groups
    - Static attack groups
    - Dynamic attack groups
- Configuring IPS Features on the SRX
  - Getting Started with IPS on the SRX
    - Getting started example
    - Configuring automatic updates
    - Useful IPS files
    - Viewing IPS attack objects and group membership
    - Configuring static and dynamic attack groups
    - Creating, activating, and referencing IPS
    - Exempt rulebase
      - Enabling GZIP/Deflate Decompression
- Deploying and Tuning IPS
  - First Steps to Deploying IPS
  - Building the Policy
  - Testing Your Policy
    - Leveraging sniffer mode for the deployment
  - Actual Deployment
  - Day-to-Day IPS Management
- Best Practices
- Troubleshooting and Operation
  - Checking IPS Status
  - Checking Security Package Version
  - Troubleshooting and Monitoring Security Package Installation
    - Clearing the download and cache files on the SRX
  - Checking Policy Compilation Status
  - IPS Attack Table
  - IPS Counters
  - IP Action Table
- Sample Deployments
- Summary
- Study Questions
14. Unified Threat Management
- Shifting Threats
- UTM, IPS, or Both?
  - Antivirus
  - URL Filtering
  - Antispam
  - Content Filtering
  - Antivirus + URL Filtering+ IPS?
  - I Have SRX Antivirus: Do I Need Desktop Antivirus?
- UTM Licensing
  - Configuring Licensing
- UTM Components
  - Feature Profiles
  - Custom Objects
  - UTM Policies
  - Application Proxy
  - Networking Requirements for UTM Features
  - Antivirus
    - Antivirus flavors in the SRX
    - Sophos AV
      - Implementing Sophos AV
      - Configuring Sophos with a default profile
      - Default profile configuration
      - Sophos AV feature profiles
      - Configuring Sophos feature profile example
    - Kaspersky Full AV
      - Configuring Kaspersky with the default profile
      - Default Kaspersky profile configuration
      - Configuring Kaspersky AV scanning and fallback options
    - Express AV
      - Default Express AV profile
  - Which AV to Choose?
  - URL Filtering
    - URL filtering flavors
      - Configuring the URL filtering with default profiles
    - Websense Enhanced filtering
      - Configuring Websense Enhanced default profile
      - Default Websense Enhanced profile
      - Configuring a custom Websense Enhanced profile
    - Surfcontrol/Websense Integrated URL filtering
      - Configuring Surfcontrol Integrated with default profile
      - Default Surfcontrol/Websense profile configuration
      - Configuring Surfcontrol/Websense Integrated options
    - Websense Redirect
      - Configuring Websense Redirect
      - Default Websense Redirect profile
      - Default local URL filtering profile
    - URL Custom URLs, blacklists, whitelists, and categories
      - Custom URL patterns
      - Custom URL category
    - URL filtering profiles
      - Juniper Local feature profile options
      - Putting it all together for Juniper Local web filtering
    - Which URL filtering solution to choose?
  - Antispam
    - Configuration options for antispam
    - Configuring antispam with the default profile
    - Configuring a custom spam profile and policy
  - Content Filtering
    - Configuring content filtering example
  - Logging UTM Messages
    - Configuring syslog to send UTM to a remote server
- Best Practices
- Troubleshooting and Operation
  - UTM Engine
  - Antivirus
    - Testing antivirus
  - URL Filtering
    - Websense site lookup tool
  - Antispam
  - Content Filtering
- Sample Deployments
- Summary
- Study Questions
Index
About the Authors
Colophon
Copyright

pokaż cały spis treści

O'Reilly Media - inne książki

Promocja

The potential of machine learning today is extraordinary, yet many aspiring developers and tech professionals find themselves daunted by its complexity. Whether you're looking to enhance your skill set and apply machine learning to real-world projects or are simply curious about how AI systems function, this book is your jumping-off place. With an
- ePub + Mobi
Hands-On Machine Learning with Scikit-Learn and PyTorch. Concepts, Tools, and Techniques to Build Intelligent Systems

Aurélien Géron

(245,65 zł najniższa cena z 30 dni)

254.15 zł ~~299.00 zł (-15%)~~
Promocja

Stuck in a coding conundrum? Whether you're an advanced beginner, an intermediate developer, or a curious newcomer, the complexities of coding can often feel like a labyrinth with no exit. With Python, however, you can start writing real code quickly—but where should you start? In this updated third edition, Bill Lubanovic acts as your personal gu
- ePub + Mobi
Introducing Python. 3rd Edition

Bill Lubanovic

(29,90 zł najniższa cena z 30 dni)

143.65 zł ~~169.00 zł (-15%)~~
Promocja

AI-assisted coding and cloud-based tools are already transforming how modern applications are built. Bolt.new, a powerful in-browser AI agent from StackBlitz, streamlines the development process, allowing you to prototype quickly, debug intelligently, and launch confidently—no local setup required. Whether you're new to full stack development or lo
- ePub + Mobi
Building Web Apps with Bolt. Unlock the Future of AI-First Development

Addy Osmani

(29,90 zł najniższa cena z 30 dni)

169.14 zł ~~199.00 zł (-15%)~~
Promocja

AI is transforming software development, shifting programmers from writing code to collaborating with AI in an intent-driven workflow. Vibe coding—a prompt-first, exploratory approach where you describe what you want in natural language and let a large language model fill in the blanks—represents a radical shift in the developer's role from writing
- ePub + Mobi
Beyond Vibe Coding. From Coder to AI-Era Developer

Addy Osmani

(29,90 zł najniższa cena z 30 dni)

203.15 zł ~~239.00 zł (-15%)~~
Promocja

Whether it's to adhere to regulations, access markets by meeting specific standards, or devise data analytics and AI strategies, companies today are busy implementing metadata repositories—metadata tools about the data, information, and knowledge in your company. Until now, most of these repositories have been implemented in isolation from one anot
- ePub + Mobi
Fundamentals of Metadata Management. Uncover the Meta Grid and Unlock IT, Data, Information, and Knowledge Management

Ole Olesen-Bagneux

(29,90 zł najniższa cena z 30 dni)

228.65 zł ~~269.00 zł (-15%)~~
Promocja

In today's environment of partial attention and isolating remote work, few things are more satisfying than group experiences that produce powerful, meaningful connections and output. But this kind of enlivening, collective work doesn't happen by chance. It must be consciously designed and purposefully activated--;in a team, an organization, and a c
- ePub + Mobi
Gamestorming 2.0. An Updated Playbook for Innovators, Rule Breakers, and Changemakers

Dave Gray, Sunni Brown

(29,90 zł najniższa cena z 30 dni)

143.65 zł ~~169.00 zł (-15%)~~
Promocja

Feeling overwhelmed by the volume of data in your research? Sifting through massive amounts of data to find useful insights is becoming increasingly difficult in drug discovery, genetics, and healthcare. Enter the era of generative AI with LangChain, whose groundbreaking tools are changing the way life scientists and researchers operate. In this g
- ePub + Mobi
LangChain for Life Sciences and Healthcare. Innovation Through LLMs and Generative AI Agents

Ivan Reznikov

(29,90 zł najniższa cena z 30 dni)

228.65 zł ~~269.00 zł (-15%)~~
Promocja

An application programming interface (API) enables data exchange in systems such as web applications, microservices, and IoT devices. In this hands-on book, authors Lukasz Dynowski and Marcin Dulak show software developers and architects how to design and implement REST, GraphQL, gRPC, webhooks, WebSocket, messaging APIs, and more. This book look
- ePub + Mobi
Learning API Styles. Understanding the Trade-Offs of Common APIs and Choosing the Correct Solutions

Lukasz Dynowski, Marcin Dulak

(29,90 zł najniższa cena z 30 dni)

203.15 zł ~~239.00 zł (-15%)~~
Promocja

Here's the thing about large language models: they don't play by the old rules. Traditional MLOps completely falls apart when you're dealing with GenAI. The model hallucinates, security assumptions crumble, monitoring breaks, and agents can't operate. Suddenly you're in uncharted territory. That's exactly why LLMOps has emerged as its own disciplin
- ePub + Mobi
LLMOps. Managing Large Language Models in Production

Abi Aryan

(29,90 zł najniższa cena z 30 dni)

228.65 zł ~~269.00 zł (-15%)~~
Promocja

The CEH exam is not an enjoyable undertaking. This grueling, exhaustive, challenging, and taxing exam will either leave you better prepared to be the best cyber security professional you can be. But preparing for the exam itself needn't be that way. In this book, IT security and education professional Matt Walker will not only guide you through ev
- ePub + Mobi
Certified Ethical Hacker (CEH) Study Guide. In-Depth Guidance and Practice

Matt Walker

(29,90 zł najniższa cena z 30 dni)

186.15 zł ~~219.00 zł (-15%)~~

Zamknij

Juniper SRX Series. A Comprehensive Guide to Security Services on the SRX Series Brad Woodberg, Rob Cameron

Najczęściej kupowane razem