Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Free Learning

You're reading from CCNA Security 210-260 Certification Guide Build your knowledge of network security and pass your CCNA Security exam (210-260)

Product type Paperback

Published in Jun 2018

Publisher Packt

ISBN-13 9781787128873

Length 518 pages

Edition 1st Edition

Tools

Cisco

Concepts

IT Certification

Authors (3):

Glen D. Singh

Vijay Anandh

Michael Vinod

View More author details

Table of Contents (19) Chapters

Preface

1. Exploring Security Threats FREE CHAPTER

2. Delving into Security Toolkits

3. Understanding Security Policies

4. Deep Diving into Cryptography

5. Implementing the AAA Framework

6. Securing the Control and Management Planes

7. Protecting Layer 2 Protocols

8. Protecting the Switch Infrastructure

9. Exploring Firewall Technologies

10. Cisco ASA

11. Advanced ASA Configuration

12. Configuring Zone-Based Firewalls

13. IPSec – The Protocol that Drives VPN

14. Configuring a Site-to-Site VPN

15. Configuring a Remote-Access VPN

16. Working with IPS

17. Application and Endpoint Security

18. Other Books You May Enjoy

Leave a review - let other readers know what you think

Firewalls in a layered defense strategy

In a layered defense strategy, firewalls provide perimeter security for the entire network and for internal network segments in the core. They can be used on separate VLAN segments. They can be used to separate the internal networks, separating one segment from the rest of the segments:

Several firewalls are used with several layers incorporated in them. Let's understand this process.

When the traffic flows in from an untrusted network, it encounters packet filter on the external router. In the next phase, the traffic steps into either a screened host firewall or a bastion host system. Then this system checks whether there are any suspicious packets, if yes, then it would get discarded. If the packet is not rejected then it would go to the interior screening router. After crossing all these checks, the packet travels to the final destination...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (3)

Glen D. Singh

Glen D. Singh is a cybersecurity author, educator and SecOps professional. His areas of expertise are cybersecurity operations, offensive security tactics and techniques, and enterprise networking. He holds a Master of Science (MSc) in cybersecurity and many industry certifications from top awarding bodies such as EC-Council, Cisco, and Check Point. Glen loves teaching and mentoring others while sharing his wealth of knowledge and experience as an author. He has written many books, which focus on vulnerability discovery and exploitation, threat detection, intrusion analysis, incident response, network security, and enterprise networking. As an aspiring game changer, Glen is passionate about increasing cybersecurity awareness in his homeland, Trinidad and Tobago.

See other products by Glen D. Singh

Anandh

Vijay Anandh is an IT consultant and public speaker specializing in Cisco routing and switching, security, and F5 load balancer technologies. He has 9 years of combined experience as a training consultant and network architect.

See other products by Anandh

Vinod

Michael Vinod is a freelance IT trainer and consultant specializing in Cisco routing, switching, and security technologies. He has expertise in the field of networking, with close to 3 years of field experience and 7 years of experience, as a Cisco training consultant. He has a passion for training individuals on Cisco technologies and has received accolades from various clients.

See other products by Vinod