SSL Remote Access VPNs (Network Security)

This document was uploaded by one of our users. The uploader already confirmed that they had the permission to publish it. If you are author/publisher or own the copyright of this documents, please report to us by using this DMCA report form.

Simply click on the Download Book button.

Yes, Book downloads on Ebookily are 100% Free.

Sometimes the book is free on Amazon As well, so go ahead and hit "Search on Amazon"

SSL Remote Access VPNs Jazib Frahim, CCIE No. 5459 Qiang Huang, CCIE No. 4937 Right in the middle of a pretty big SSL VPN roll out here at my place of employment, Cisco Press released SSL Remote Access VPNs. They couldn't have had better timing, as there was a good deal I was still confused about. First, let me get this clear from the start: I hate ASDM. It has its uses, like monitoring. The traffic and VPN monitoring interfaces are wonderful. However, as far as configuration goes, the command-line is preferable. That being said, 95% of this book, including configuration, revolves around ASDM. The first chapter explains remote access VPNs, which should be pretty familiar to anyone with IPSec VPN experience. Nothing new here, but certainly a good refresher and a good way to build context for the rest of the book. The next couple chapters focus on SSL VPN technology, as well as SSL VPN design considerations. Definitely a nice review, considering SSL is certainly not a new technology, but building high encryption VPNs using SSL certainly is. Chapter 4 is just an overview of ASA appliances and IOS routers and their SSL VPN capabilities. It's only a few pages, so it's not exactly deep reading, but useful nonetheless. Next is a chapter on SSL VPN on the ASA. Probably the best part of the book, it mostly focuses on clientless SSL VPN. It has a (too short) section on configuring the AnyConnect client. This is the part that I personally found the most useful, which is why I was disappointed that it was so short. Also included are Dynamic Access Policies (DAP), and a couple of deployment scenarios. The next chapter is on SSL VPN on IOS routers. I have to admit, I only skimmed this chapter, as it just wasn't relevant to my deployment. But from what I could tell, it was just as thorough as the previous chapter, and possibly more so. It also included most of the SDM configuration in CLI form as well, and I have to wonder why the ASA chapter didn't have more CLI in it as well. Finally, there is a short chapter on SSL VPN management. This chapter basically just shows you some of the monitoring interface in ASDM. Sadly, nothing in the way of CLI, but that's a pretty recurring theme in this book. In conclusion, I would have to say this book is certainly worth picking up if you're planning on doing an SSL VPN roll out any time soon. The only real issue I had with the book was what I've already mentioned a few times, and that is the lack of CLI. I realize Cisco is really pushing SDM and ASDM, but they need to understand that network engineers are -not- point and click kind of people. Leave that to the MCSEs! ;) - Chris

Author(s): Qiang Huang, Jazib Frahim
Series: Network Security
Edition: 1
Publisher: Cisco Press
Year: 2008

Language: English
Pages: 369