Product Description

Use Cisco concentrators, routers, Cisco PIX and Cisco ASA security appliances, and remote access clients to build a complete VPN solution

• A complete resource for understanding VPN components and VPN design issues
• Learn how to employ state-of-the-art VPN connection types and implement complex VPN configurations on Cisco devices, including routers, Cisco PIX and Cisco ASA security appliances, concentrators, and remote access clients
• Discover troubleshooting tips and techniques from real-world scenarios based on the author’s vast field experience
• Filled with relevant configurations you can use immediately in your own network

With increased use of Internet connectivity and less reliance on private WAN networks, virtual private networks (VPNs) provide a much-needed secure method of transferring critical information. As Cisco Systems® integrates security and access features into routers, firewalls, clients, and concentrators, its solutions become ever more accessible to companies with networks of all sizes. The Complete Cisco VPN Configuration Guide contains detailed explanations of all Cisco® VPN products, describing how to set up IPsec and Secure Sockets Layer (SSL) connections on any type of Cisco device, including concentrators, clients, routers, or Cisco PIX® and Cisco ASA security appliances. With copious configuration examples and troubleshooting scenarios, it offers clear information on VPN implementation designs.

Part I, “VPNs,” introduces the topic of VPNs and discusses today’s main technologies, including IPsec. It also spends an entire chapter on SSL VPNs, the newest VPN technology and one that Cisco has placed particular emphasis on since 2003. Part II, “Concentrators,” provides detail on today’s concentrator products and covers site-to-site and remote-access connection types with attention on IPsec and WebVPN. Part III covers the Cisco VPN Client versions 3.x and 4.x along with the Cisco3002 Hardware Client. Cisco IOS® routers are the topic of Part IV, covering scalable VPNs with Dynamic Multipoint VPN, router certificate authorities, and router remote access solutions. Part V explains Cisco PIX and Cisco ASA security appliances and their roles in VPN connectivity, including remote access and site-to-site connections. In Part VI, a case study shows how a VPN solution is best implemented in the real world using a variety of Cisco VPN products in a sample network.

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

Product Details

• Amazon Sales Rank: #208302 in Books
• Published on: 2005-12-25
• Original language: English
• Number of items: 1
• Binding: Paperback
• 1032 pages

About the Author

Richard A. Deal has nearly 20 years experience in the computing and networking industry including networking, training, systems administration, and programming. In addition to a bachelor’s of science degree in mathematics and computer science from Grove City College, Richard holds many certifications from Cisco. Since 1997, Richard has operated his own company, The Deal Group, Inc., located in Orlando, Florida. He also teaches Cisco security courses for Boson Training and writes preparation tests for them.

Customer Reviews

Great if you like GUI applications, not if you use the CLI.
I was hoping that the book would spend more time on actual router configuration rather than use GUI-related products. It was difficult to divine the actual config while wading through page after page of screen-shots.

Scratch "Complete" from the Title
Very disappointed. I have a 950 page book that does not cover setting up an IOS router for remote access using PPTP or L2TP. WTF? Heck - that's why I bought this expensive book. If you have deep pockets and can buy whatever cisco gear you like then this book will likely introduce you to many possible VPN solutions. But there seems to be a bias in the book toward large enterprise solutions - with little or no consideration given to SOHO and small businesses. Many of us make do with the resources that we have available and can't just go out a buy stuff because the author thinks a remote access concentrator would be "best." I still can't believe that he doesn't cover configuring IOS for access by Windows PPTP or L2TP clients. I'm stunned. With this glaring omission I can't help but wonder about the completeness of the other content. Thumbs down.

A useful read for security professionals
A thorough and complete review of VPN technologies, as implemented in Cisco infrastructure, Deal's `The Complete Cisco VPN Configuration Guide', is arranged as a twenty three chapter step by step technology review and one chapter of bonus case studies.

The forty page Case study at the end of the book demonstrates the books material in a concise, simple and easy to follow way and its compactness will make it useful for an engineer who has general ideas about VPN , yet need to get a site running quickly. This chapter can be read without a full understanding of the remainder of the text, productively.

The rest of the text is arranged into five parts, viz., VPNs, Concentrators, Clients, IOS routers and PIX firewall. The first part being a good attempt at VPN technology review. The presentation of the technologies in the part, of five chapters is generic enough to appeal to a wide audience of security professionals. The arrangement of the subject into chapter one on VPN overview, Chapter two on fundamental VPN technologies, Chapter three on IPSec, four on PPTP and L2TP and five on SSL VPN , is one of the better classification and treatments of VPN technologies I have seen lately.

VPN concentrators are the core Cisco VPN infrastructure, and they get a fair treatment with ample configuration examples in the second part. Chapter 6, the first chapter in this section provides a broad treatment of the concentrator products available and the rest of section is devoted to concentrator configuration and troubleshooting.

I am almost tempted to question why the author decided to devote a whole section of three chapters of more than one fifty pages, to VPN client software, but my experience with users and administrators alike, who have demonstrated some clumsiness with various VPN client solutions, refrained me. This indeed is a clear and concise guide that administrators can use a basis for developing an in-house user manual. It covers the Cisco VPN client software, the Microsoft VPN dialer software, the Cisco 3200 hardware client, but misses out on some alternative solutions. There was no talk of SSH VPN clients, such as putty, in this section as there were none on non-traditional, but evolving VPN solutions including secure remote desktop solutions.

Cisco's integration of almost all its security technologies in IOS is demonstrated again in section four. This section discusses router capabilities and demonstrates them with some configuration examples. Another major Cisco Security technology, the PIX, which also serves as one the more popular Cisco VPN concentrator in deployment, is also given a fair treatment in this text.

In all, this is a good text for newbie's and intermediate network or infrastructure professionals. A useful read for security professionals, and maybe a valuable resource for Cisco security certification aspirants. But don't loose your Cisco documentation manual, or your Cisco Technology handbooks yet.