Cisco.Press.SSL.Remote.Access.VPNs.pdf

SSL Remote Access VPNs

Jazib Frahim, CCIE No. 5459

Qiang Huang, CCIE No. 4937

Cisco Press

800 East 96th Street

Indianapolis, IN 46240 USA

SSL Remote Access VPNs

Jazib Frahim, Qiang Huang

Published by:

Cisco Press

800 East 96th Street

Indianapolis, IN 46240 USA

or mechanical, including photocopying, recording, or by any information storage and retrieval system, without writ-

ten permission from the publisher, except for the inclusion of brief quotations in a review.

Printed in the United States of America

First Printing June 2008

Library of Congress Catalog Card Number: 2005923483

ISBN-13: 978-1-58705-242-2

ISBN-10: 1-58705-242-3

Warning and Disclaimer

This book is designed to provide information about the Secure Socket Layer (SSL) Virtual Private Network (VPN)

technology on Cisco products. Every effort has been made to make this book as complete and as accurate as possi-

ble, but no warranty or ﬁtness is implied.

The information is provided on an “as is” basis. The authors, Cisco Press, and Cisco Systems, Inc. shall have neither

liability nor responsibility to any person or entity with respect to any loss or damages arising from the information

contained in this book or from the use of the discs or programs that may accompany it.

The opinions expressed in this book belong to the author and are not necessarily those of Cisco Systems, Inc.

Trademark Acknowledgments

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capital-

ized. Cisco Press or Cisco Systems, Inc., cannot attest to the accuracy of this information. Use of a term in this book

should not be regarded as affecting the validity of any trademark or service mark.

Corporate and Government Sales

The publisher offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales,

which may include electronic versions and/or custom covers and content particular to your business, training goals,

marketing focus, and branding interests. For more information, please contact: U.S. Corporate and Government

Sales 1-800-382-3419 corpsales@pearsontechgroup.com

For sales outside the United States, please contact: International Sales international@pearsoned.com

iii

Feedback Information

At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted

with care and precision, undergoing rigorous development that involves the unique expertise of members from the

professional technical community.

Readers’ feedback is a natural continuation of this process. If you have any comments regarding how we could

improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us through e-mail at

feedback@ciscopress.com. Please make sure to include the book title and ISBN in your message.

We greatly appreciate your assistance.

Publisher

Paul Boger

Associate Publisher

Dave Dusthimer

Cisco Press Program Manager

Jeff Brady

Executive Editor

Brett Bartow

Managing Editor

Patrick Kanouse

Development Editor

Betsey Henkels

Senior Project Editor

Tonya Simpson

Copy Editor

Written Elegance, Inc.

Technical Editors

Pete Davis, Dave Garneau

Editorial Assistant

Vanessa Evans

Book Designer

Louisa Adair

Composition

Mark Shirar

Indexer

Heather McNeil

Proofreader

Sheri Cain

About the Authors

Jazib Frahim , CCIE No. 5459, has been with Cisco for more than nine years. Having a bachelor’s

degree in computer engineering from Illinois Institute of Technology, he started out as a TAC engineer

in the LAN Switching team. He then moved to the TAC Security team, where he acted as a technical

leader for the security products. He led a team of 20 engineers in resolving complicated security and

VPN technologies. He is currently working as a technical leader in the Worldwide Security Services

Practice of Advanced Services for Network Security. He is responsible for guiding customers in the

design and implementation of their networks with a focus on network security. He holds two CCIEs,

one in routing and switching and the other in security. He has written numerous Cisco online technical

documents and has been an active member on the Cisco online forum NetPro. He has presented at Net-

workers on multiple occasions and has taught many on-site and online courses to Cisco customers, part-

ners, and employees.

He has recently received his master of business administration (MBA) degree from North Carolina State

University. He is also an author of the following Cisco Press books: Cisco Network Admission Control,

Volume II: NAC Deployment and Troubleshooting, and Cisco ASA: All-in-One Firewall, IPS, and VPN

Adaptive Security Appliance .

Qiang Huang, CCIE No. 4937, is a product manager in the Cisco Systems Campus Switch System

Technology Group, focusing on driving the security and intelligent services roadmap for Cisco market-

leading modular Ethernet switching platforms. He has been with Cisco for almost ten years. During his

time at Cisco, Qiang played an important role in a number of technology groups including the follow-

ing: technical lead in the Cisco TAC security and VPN team, where he was responsible for troubleshoot-

ing complicated customer deployments in security and VPN solutions; a security consulting engineer in

the Cisco Advanced Service Group, providing security posture assessment and consulting services to

customers; a technical marketing engineer focusing on competitive analysis and market intelligence in

network security with specialization in the emerging SSL VPN technology. Qiang has extensive knowl-

edge of security and VPN technologies and experience in real-life customer deployments. Qiang holds

CCIE certiﬁcations in routing and switching, security, and ISP dial. He is also one of the contributing

authors of Internetworking Technologies Handbook, Fourth Edition. Qiang received a master’s degree in

electrical engineering from Colorado State University.

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: