Cisco ASA and PIX Firewall Handbook

Posted by | Internet Security Books | Tuesday 9 March 2010 8:16 pm

  • ISBN13: 9781587051586
  • Condition: USED – VERY GOOD
  • Notes:

Product Description
The complete guide to the most popular Cisco PIX®, ASA, FWSM, and IOS® firewall security features. Learn about the various firewall models, user interfaces, feature sets, and configuration methods. Understand how a …

5 Comments

  1. Comment by Wole Akpose — March 9, 2010 @ 9:34 pm

    David Hucaby demonstrated his flair for Cisco Security offerings with his clear and concise presentation of the Cisco Adaptive Security Appliance and Cisco PIX Security appliance. This book was surprisingly easy to read for such a highly technical text. Within the first three hours of my receiving the text, I had already gone through the first four chapters.

    The layout of the text endears it to Cisco Solutions professionals. Organized into thirteen chapters, the text starts with a brief overview of firewall technology and quickly delves into Cisco IOS commands to demonstrate the concepts described. Hucaby presents the materials in a logical order, starting from Chapter one on firewall overview; chapter 2 reviews basic configuration options for the Cisco PIX and ASA platforms. Chapter three on connectivity explores interface and VLAN connectivity with specific examples. IP version 6 connectivity was also described here. The book moves into more device and user management and firewall policy settings in chapters 4 through five and discusses fault tolerance and reliability in firewall designs in chapter 7.

    Chapter eight provided more hands-on treatment of firewall reliability with an in-depth description of failover implementations for Cisco firewall load balancing appliance (FWLB).

    Not a generic text on firewall or security, this book is essentially a Cisco Security Implementation manual and its title should be taken literally. The material is presented in a manner that lends itself to junior to intermediate Cisco security device administrators. The deep emphasis on Cisco Technology in this volume limits the text's utility to non-Cisco device administrators and thus the overall reader base of the text.

    A CCNP candidate or PIX firewall specialist is sure to benefit from owning a copy of Hucaby’s book, as would CCIE Security certification candidates. If your job is to manage Cisco PIX, ASA and related devices, then owning a copy of Hucaby’s text will be well worth it. Independent consultants will also benefit from the reference-like collection of materials in this handbook.

    If you expect this book to provide you with insight into generic firewall technology, you will find only limited help here. Also, if you do not expect to implement Cisco Security solutions, you do not need a copy. The treatment on syslog, without any mention of the state of the art in syslog technology (syslog-ng), leaves one wondering when the book was written.

    This is really a difficult text to review, given the excellent presentation skill demonstrated by the author in his presentation of the material, the ease with which one can get through the materials, the scope of the technical how-to, presented by the author, and yet, the obvious gap in presenting the state of the art in the industry as against just being Cisco centric.

    I will rate this book 3 out of 5. A great book for Cisco professionals, particularly PIX, FWSM (firewall switch module), ASA and IOS security administrators, Cisco-centric network designers and managers and aspiring Cisco Security certification candidates. Mostly of little use to non-Cisco professionals.
    Rating: 3 / 5

  2. Comment by J. Norton — March 9, 2010 @ 10:12 pm

    I bought this book thinking that this was the ASA/PIX Bible. Don’t get me wrong, the book is excellent, but as can be expected from Cisco Press they overkill you with information and still manage to leave out crucial information. One of the most important functions of an ASA is creating VPN tunnels. This book mentions it in literally 3-7 words the entire book. I called and complained to Cisco but they told me that I was wrong because I had the wrong expectation of the book. They said if I want VPN stuff I needed to buy the ASA or PIX version of the Firewalls & VPN book. I guess Cisco thinks that I won’t mind buying another overpriced book. Outside of that, from a security, general setup, advanced topics like ACLs, and advanced concepts like VLANs, it is a decent book.
    Rating: 3 / 5

  3. Comment by Doilfred Mascarenhas — March 10, 2010 @ 12:58 am

    The Cisco ASA and PIX Firewall Handbook by Dave Hucaby is an excellent book on PIX firewalls and covers versions 6.x and 7.x, including FWSM configurations. There is negligible coverage of ASA and readers looking for a detailed ASA book best look elsewhere. The cream of this book is really Chapter 6 – Controlling Access Through the Firewall. A detailed chapter of running the PIX in Transparent mode, Address Translation, ACLs, Content filtering, Modular Policy Framework, along with Application Inspection. The section on the Modular Policy Framework is very good and detailed. I plan to refer to this book often when troubleshooting PIXes.

    There were hardly any errors or issues with this book. For example, in Chapter 7: Increasing Firewall Availability with Failover, the author writes that Stateful firewall failover packets are sent using IP Protocol 8 (EGP). I presume they meant IP protocol 105.

    The authors list configuration commands for FWSM, 6.x and 7.x versions of the PIX. Personally, I’m not too fond of this approach and would rather read commands pertaining to a single version. Commands of other versions are available at the Cisco Documentation site.

    Rating: 5 / 5

  4. Comment by John Gordon Ainsworth — March 10, 2010 @ 3:13 am

    The subtitle for Cisco ASA and PIX firewall Handbook states that it is “the complete guide” for PIX, ASA, FWSM, and IOS Firewall features. I have read other books on the PIX and the IOS Firewall and I agree that Hucaby is very thorough in walking the reader through the configuration and management of these devices. This is not a book to gain a basic understanding of network security, but is written with the intermediate to advanced network administrator in mind.

    Hucaby has good concise coverage of concepts while diving into the minutiae of configuration examples. Case studies are used, but not too verbose. Hucaby simply states the goals and shows you the configurations in an outlined format. The structure of each chapter includes a description, steps to configure, sample configurations, and how to verify a feature is functioning.

    This book will now replace an older title I had on the PIX Firewall as my desk reference. I will also consult it when configuring the other firewall appliances.

    If you work through this book with your equipment, perhaps the greatest benefit will be the understanding you will gain for interpreting error logs. This will benefit both security as well as troubleshooting.

    During my first reading through of the book, I found useful commands that I was unaware of and do not show up when typing a question mark at the command prompt. Because of this I was able to more accurately view the traffic from a recent setup and had more confidence in knowing that it was working correctly.

    Primarily because the title is so concise, yet thorough, I rate this book 5 stars and look forward to reading more books by this author.

    Rating: 5 / 5

  5. Comment by J. Forristel — March 10, 2010 @ 4:24 am

    While the book was rather detailed in several areas, I was hoping it would be more detailed on the subject of VPN. While most of it is straightforward, configuring VPN on the 5520 was a pain. Someone reading this book should be from a large enterprise, using failover, etc. Someone from a small company that is not using these features might find it to be overkill, and start looking for other books to meet their specific needs.
    Rating: 4 / 5
