Access to a computer system or the internet requires the transfer of data to gain "entry" and is subject to a host of security breaches. The safest way to access any system is to have a secure login name and password. But when your connection is suspect, using that login information can be like opening the door to anyone.
Cisco Security Agent
Product Description
Prevent security breaches by protecting endpoint systems with Cisco Security Agent, the Cisco host Intrusion Prevention System. Secure your endpoint systems with host IPS. Build and manipulate policies for the systems you wish to protect. Learn how to use groups and hosts in the Cisco Security Agent architecture and how the components are related. Install local agent components on various operating systems. Explore the event database on the management system to vi…
Reader's Comments
The technologies of computer security are based on logic. As security is not necessarily the primary goal of most computer applications, designing a program with security in mind often imposes restrictions on that program's behavior.



As an endpoint protection solution, Cisco Security Agent was a timely product when it was released in 2003, being one of the industry’s first behavior-based host protection solutions and thus offering some hope of protection against the widely feared zero-day attack scenario. While the product is considered a great tool, its proper deployment in an enterprise is non-trivial. Hence the value of a book like Cisco Security Agent: Prevent security breaches by protecting endpoint systems with Cisco Security Agent (CSA), the Cisco host Intrusion Prevention System.
While the book’s organization is not quite elegant (it leaves the planning and implementation process to the last part while addressing advanced concepts earlier on), its comprehensive content on the subject makes it a useful book all the same. The seven-part book makes the case for Cisco Security Agent (or any endpoint security solution for that matter) in the first part, addresses the CSA architecture in the second and describes the agent installation as well as issues with the local agent in the third. Monitoring and reporting was handled in the fourth part while the fifth part addresses CSA analysis in deployment. The author developed policies, implementation and CSA maintenance in part six while the last part (appendixes) addresses integration with other Cisco technologies.
Chad’s narrative, while pedestrian, provides ample guidance and examples to appeal to an enterprise security administrator in a concise manner, thereby compressing what could potentially have been a 1000-page manual into less than 450 pages. Also the overall style of the presentation belies Chad’s breadth of experience as a network security subject matter expert.
Given the state of enterprise information systems security today, a typical enterprise will need a combination of tools to achieve a secure posture, and this book by Chad Sullivan as well as the Cisco NAC appliance book he helped co-write are very useful guides for organizations planning to develop or deploy a robust and holistic end-point control solution. While the book is dated (2005), I’ll still recommend it as a buy (even though I expect an update in the near future).
Rating: 3 / 5
If you have been tasked with learning CSA configuration, management and deployment, this is still a great resource. I do have to say that it is very out of date. This book uses CSA 4.5 and there have been two other versions since that time. CSA 6 is the latest version and is where the most changes took place. The theory behind the book and architecture is still sound. The book is a valuable resource, but the reader needs to know that they cannot take all statements in the book at face value. Some parts reference retired or discontinued Cisco products, so when reading this book please double-check everything! If you are a new administrator this book alone will not be sufficient; you will need to work with a trainer or someone who has already configured and managed this product. As an example, Whitelists, Blacklists, Learn Mode, etc. are new in CSA 6 and not present in the book at all. Rule actions were added to and even changed drastically for some rules. Many changes were made to configuration options and navigation options on the MC. It’s a great book and still 80 or 90% accurate, but that’s a lot of product information missing or changed, especially when you’re talking about a Cisco product!
Rating: 3 / 5
I used this book to prepare for the Cisco HIPS exam (which I passed). Even though it is a bit outdated, it covers the product pretty well. The book starts with endpoint security basics, then moves into CSA building blocks, installation, configuration, monitoring, analyzing and ends with CSA administration and maintenance. The book is well written; especially chapters 3, 4 and 5 really help in understanding the basic concepts. I would recommend it to anyone who wants to understand CSA or is preparing for the Cisco HIPS exam. I would also recommend “Advanced Host Intrusion Prevention with CSA” and “User Management Guide for CSA” from Cisco’s website (a free download).
Rating: 4 / 5
This covers most if not all of the basics. Not very in depth when it comes to more complex scenarios.
Overall, I would recommend it for those interested in learning about CSA, and typical day to day activities.
Rating: 4 / 5