PKI uncovered : certificate-based security solutions for next-generation networks /
Andre Karamanian, Srinivas Tenneti, Francois Dessart ; technical reviewers, Alex Teichmann, Piotr Jarzynka.
Bok Engelsk 2011 Andre. Karamanian,· Electronic books.
| Medvirkende | |
|---|---|
| Utgitt | Indianapolis, Ind. : : Cisco Press, , c2011
|
| Omfang | 1 online resource (xv, 253 p.) : : ill.
|
| Utgave | 1st edition
|
| Opplysninger | Includes index.. - Title from title screen.. - Cover -- Contents -- Introduction -- Part I: Core Concepts -- Chapter 1 Crypto Refresh -- Confidentiality, Integrity, Authenticity, Nonrepudiation -- Asymmetric Encryption -- Other Crypto Functions -- Internet Key Exchange (IKE) -- Device Configuration: Certificates -- Summary -- Chapter 2 Understanding PKI Building Blocks -- Certificates -- Certification Authority (CA) -- Subordinate Certification Authorities (Sub-CA) -- Registration Authority (RA) -- Endpoint Entities: Users and Devices -- Key and Certificate Storage -- Summary -- Chapter 3 PKI Processes and Procedures -- Enrollment -- Certificate Expiration and Renewal -- Certificate Verification and Enforcement -- PKI Resiliency -- Summary -- Chapter 4 Troubleshooting -- Keying Material Generation -- Enrollment Process -- Certificate Use and Validation -- Troubleshooting Flow Charts -- Summary -- Part II: Design and Solutions -- Chapter 5 Generic PKI Designs -- Basic Design with Flat CA Architecture -- Hierarchical Architecture -- Hierarchical Architecture Without Chaining -- Hierarchical Architecture with Chaining -- Summary -- Chapter 6 Integration in Large-Scale Site-to-Site VPN Solutions -- How Do VPN Technologies Use PKI as a Service? -- IKE Using Digital Certificates -- PKI Design and Leading Practices -- GETVPN PKI Design and Leading Practices -- Summary -- Chapter 7 Integration in Remote Access VPN Solutions -- Cisco IPsec VPN Remote Access -- Cisco VPN Client Using Digital Certificates -- SSL VPN Access -- Troubleshooting the AnyConnect Solution -- Summary -- Chapter 8 Using 802.1X Certificates in Identity-Based Networking -- EAP-TLS: Certificate-Based 802.1x -- Summary -- Chapter 9 PKI in Unified Communications -- PKI Concepts in Cisco UC -- Certificates Distribution -- Applications -- Summary -- Part III: Case Studies -- Chapter 10 Understanding Cisco Virtual Office.. - CVO PKI Highlights -- Summary -- Chapter 11 Deploying VPNs with PKI Using Cisco Security Manager -- Cisco ASA IPsec VPN Remote Access -- Deploying DMVPN Using CSM -- GETVPN Deployment Using CSM -- Summary -- Index.. - The only complete guide to designing, implementing, and supporting state-of-the-art certificate-based identity solutions with PKI Layered approach is designed to help readers with widely diverse backgrounds quickly learn what they need to know Covers the entire PKI project lifecycle, making complex PKI architectures simple to understand and deploy Brings together theory and practice, including on-the-ground implementers' knowledge, insights, best practices, design choices, and troubleshooting details PKI Uncovered brings together all the techniques IT and security professionals need to apply PKI in any environment, no matter how complex or sophisticated. At the same time, it will help them gain a deep understanding of the foundations of certificate-based identity management. Its layered and modular approach helps readers quickly get the information they need to efficiently plan, design, deploy, manage, or troubleshoot any PKI environment. The authors begin by presenting the foundations of PKI, giving readers the theoretical background they need to understand its mechanisms. Next, they move to high-level design considerations, guiding readers in making the choices most suitable for their own environments. The authors share best practices and experiences drawn from production customer deployments of all types. They organize a series of design "modules" into hierarchical models which are then applied to comprehensive solutions. Readers will be introduced to the use of PKI in multiple environments, including Cisco router-based DMVPN, ASA, and 802.1X. The authors also cover recent innovations such as Cisco GET VPN. Throughout, troubleshooting sections help ensure smooth deployments and give readers an even deeper "under-the-hood" understanding of their implementations.
|
| Emner | |
| Sjanger | |
| Dewey | |
| ISBN | 1-283-00157-8. - 1-58705-929-0. - 9786613001573
|
| Hylleplass | QA76.9.A25 K346 2011
|
