|
libcats.org
SSL Remote Access VPNs (Network Security)Qiang Huang, Jazib FrahimSSL Remote Access VPNs
Jazib Frahim, CCIE No. 5459 Qiang Huang, CCIE No. 4937 Right in the middle of a pretty big SSL VPN roll out here at my place of employment, Cisco Press released SSL Remote Access VPNs. They couldn't have had better timing, as there was a good deal I was still confused about. First, let me get this clear from the start: I hate ASDM. It has its uses, like monitoring. The traffic and VPN monitoring interfaces are wonderful. However, as far as configuration goes, the command-line is preferable. That being said, 95% of this book, including configuration, revolves around ASDM. The first chapter explains remote access VPNs, which should be pretty familiar to anyone with IPSec VPN experience. Nothing new here, but certainly a good refresher and a good way to build context for the rest of the book. The next couple chapters focus on SSL VPN technology, as well as SSL VPN design considerations. Definitely a nice review, considering SSL is certainly not a new technology, but building high encryption VPNs using SSL certainly is. Chapter 4 is just an overview of ASA appliances and IOS routers and their SSL VPN capabilities. It's only a few pages, so it's not exactly deep reading, but useful nonetheless. Next is a chapter on SSL VPN on the ASA. Probably the best part of the book, it mostly focuses on clientless SSL VPN. It has a (too short) section on configuring the AnyConnect client. This is the part that I personally found the most useful, which is why I was disappointed that it was so short. Also included are Dynamic Access Policies (DAP), and a couple of deployment scenarios. The next chapter is on SSL VPN on IOS routers. I have to admit, I only skimmed this chapter, as it just wasn't relevant to my deployment. But from what I could tell, it was just as thorough as the previous chapter, and possibly more so. It also included most of the SDM configuration in CLI form as well, and I have to wonder why the ASA chapter didn't have more CLI in it as well. Finally, there is a short chapter on SSL VPN management. This chapter basically just shows you some of the monitoring interface in ASDM. Sadly, nothing in the way of CLI, but that's a pretty recurring theme in this book. In conclusion, I would have to say this book is certainly worth picking up if you're planning on doing an SSL VPN roll out any time soon. The only real issue I had with the book was what I've already mentioned a few times, and that is the lack of CLI. I realize Cisco is really pushing SDM and ASDM, but they need to understand that network engineers are -not- point and click kind of people. Leave that to the MCSEs! ;) - Chris Ссылка удалена правообладателем ---- The book removed at the request of the copyright holder.
Популярные книги за неделю:
#2
В.Бекетов, К.Харченко. Измерения и испытания при конструировании и регулировке радиолюбительских антенн (djvu)
4.82 Mb
#4
Самодельные детали для сельского радиоприемникаАвторы: З.Б.Гинзбург, Ф.И.Тарасов.Категория: радиоэлектроника
1.40 Mb
Только что пользователи скачали эти книги:
#1
Ориентации населения на здоровый образ жизни, региональный аспект(Автореферат)Бредихина Н.В.Категория: Диссертации авторефераты
174 Kb
#6
Краткий справочник по химииГороновский И.Т.Категория: Биология биохимия химия Справочник
25.21 Mb
#9
Уровень жизни населения: пути решения проблемы бедностиДагбаева С.Д.-Н.Категория: Социология
997 Kb
#10
УМК Развивающие задания: тесты, игры, упражнения 4 классЯзыканова Е.В. (составитель)Категория: ДЛЯ ДЕТЕЙ, НАУКА и УЧЕБА
12.27 Mb
|
|