Cisco.Press.Security.Monitoring.with.Cisco.Security.MARS.pdf

Security Monitoring with

Cisco Security MARS

Gary Halleen

Greg Kellogg

Cisco Press

800 East 96th Street

Indianapolis, IN 46240 USA

Security Monitoring with Cisco Security MARS

Gary Halleen

Greg Kellogg

Published by:

Cisco Press

800 East 96th Street

Indianapolis, IN 46240 USA

or mechanical, including photocopying, recording, or by any information storage and retrieval system, without writ-

ten permission from the publisher, except for the inclusion of brief quotations in a review.

First Printing June 2007

Library of Congress Cataloging-in-Publication Data

Halleen, Gary.

Security monitoring with Cisco security MARS/Gary Halleen, Greg Kellogg.

p. cm.

ISBN 978-1-58705-270-5 (pbk.)

1. Computer networks—Security measures. 2. Computer security—Evaluation. I. Kellogg, Greg. II. Title.

TK5105.59.H345 2007

005.8—dc22

2007021272

ISBN-10: 1-58705-270-9

ISBN-13: 978-1-58705-270-5

Warning and Disclaimer

This book is designed to provide information about day-to-day operations, conﬁguration, and customization capa-

bilities of the Cisco Security MARS appliances. Every effort has been made to make this book as complete and as

accurate as possible, but no warranty or ﬁtness is implied.

The information is provided on an “as is” basis. The authors, Cisco Press, and Cisco Systems, Inc. shall have neither

liability nor responsibility to any person or entity with respect to any loss or damages arising from the information

contained in this book or from the use of the discs or programs that may accompany it.

The opinions expressed in this book belong to the author and are not necessarily those of Cisco Systems, Inc.

Trademark Acknowledgments

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capital-

ized. Cisco Press or Cisco Systems, Inc. cannot attest to the accuracy of this information. Use of a term in this book

should not be regarded as affecting the validity of any trademark or service mark.

iii

Feedback Information

At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted

with care and precision, undergoing rigorous development that involves the unique expertise of members from the

professional technical community.

Readers’ feedback is a natural continuation of this process. If you have any comments regarding how we could

improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us through e-mail at

feedback@ciscopress.com. Please make sure to include the book title and ISBN in your message.

We greatly appreciate your assistance.

Corporate and Government Sales

Cisco Press offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales.

For more information please contact: U.S. Corporate and Government Sales

1-800-382-3419

corpsales@pearsontechgroup.com

For sales outside the U.S. please contact: International Sales

international@pearsoned.com

Publisher

Paul Boger

Associate Publisher

David Dusthimer

Cisco Representative

Anthony Wolfenden

Cisco Press Program Manager

Jeff Brady

Executive Editor

Brett Bartow

Managing Editor

Patrick Kanouse

Senior Development Editor

Christopher Cleveland

Project Editor

Tonya Simpson

Copy Editor

John Edwards

Technical Editors

Greg Abelar, Francesca Martucci

Team Coordinator

Vanessa Evans

Book Designer

Louisa Adair

Composition

Mark Shirar

Indexer

Ken Johnson

About the Authors

Gary Halleen is a security consulting systems engineer with Cisco. He has in-depth knowledge of security

systems, remote access, and routing/switching technology. Gary is a CISSP and ISSAP and has been a technical

editor for Cisco Press. Before working at Cisco, he wrote web-based software, owned an Internet service provider,

worked in Information Technology at a college, and taught computer science courses. His diligence was responsible

for the ﬁrst successful computer crimes conviction in the state of Oregon. Gary is a regular speaker at security

events, and he presents at Cisco Networkers conferences. He lives in Salem, Oregon, with his wife and children.

Greg Kellogg is the vice president of security solutions for Calence, LLC, which is based out of Tempe, Arizona.

He is responsible for managing the company’s overall security strategy, as well as developing new security solu-

tions and service offerings, establishing strategic partnerships, managing strategic client engagements, and support-

ing business development efforts. Greg has more than 15 years of networking industry experience, including

serving as a senior security business consultant for the Cisco Systems Enterprise Channel organization. While at

Cisco, Greg helped organizations understand regulatory compliance, policy creation, and risk analysis to guide their

security implementations. He was recognized for his commitment to service with the Cisco Technology Leader of

the Year award. Additionally, Greg worked for Protego Networks, Inc. (where MARS was originally developed).

While there, he was responsible for developing channel partner programs and helping solution providers increase

their security revenue. Greg currently resides in Spring Branch, Texas, with his wife and four children.

About the Technical Reviewers

Greg Abelar has been an employee of Cisco since December 1996. He was an original member of the Cisco

Technical Assistance Security team, helping to hire and train many of the engineers. He has held various posi-

tions in both the Security Architecture and Security Technical Marketing Engineering teams at Cisco. Greg is the

primary founder and project manager of the Cisco written CCIE Security exam. Greg is the author of the Cisco

Press title Securing Your Business with Cisco ASA and PIX Firewalls and coauthor of Security Threat Mitigation

and Response: Understanding Cisco Security MARS . In addition, he has been a technical editor for various Cisco

Press security books.

Francesca Martucci is the lead technical marketing engineer for CS-MARS, and she played an instrumental role in

the support of the product after the acquisition. Francesca has a very strong background across all the different secu-

rity technologies. She has been working at Cisco for more than seven years within the Security Technology Group,

covering different roles as test engineer ﬁrst and TME later.

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: