Introduction
Assessment Test
Chapter 1 Getting Started with FireSIGHT
Industry Terminology
Cisco Terminology
FirePOWER and FireSIGHT
Out with the Old…
Appliance Models
Hardware vs. Virtual Devices
Device Models
Defense Center Models
FireSIGHT Licensing
License Dependencies
Network Design
Inline IPS
Passive IPS
Router, Switch, and Firewall
Policies
The User Interface
Initial Appliance Setup
Setting the Management IP
Initial Login
Summary
Hands-on Lab
Review Questions
Chapter 2 Object Management
What Are Objects?
Getting Started
Network Objects
Individual Network Objects
Network Object Groups
Security Intelligence
Blacklist and Whitelist
Sourcefire Intelligence Feed
Custom Security Intelligence Objects
Port Objects
VLAN Tag
URL Objects and Site Matching
Application Filters
Variable Sets
File Lists
Security Zones
Geolocation
Summary
Hands-on Lab
Exam Essentials
Review Questions
Chapter 3 IPS Policy Management
IPS Policies
Default Policies
Policy Layers
Creating a Policy
Policy Editor
Summary
Hands-on Labs
Hands-on Lab 3.1: Creating an IPS Policy
Hands-on Lab 3.2: Viewing Connection Events
Exam Essentials
Review Questions
Chapter 4 Access Control Policy
Getting Started with Access Control Policies
Security Intelligence Lists
Blacklists, Whitelists
SSFIPS Securing Cisco Networks with Sourcefire Intrusion Prevention System Study Guide: Exam 500-285, by Todd Lammle. ISBN 9781119155058. Published by Sybex in 2015. Publication and catalogue information, links to buy online and reader comments.