鸿鹄论坛 › Cisco安全 › 思科ASA动手实验操作指南（中文版PDF）

小乔 发表于 2014-7-16 13:22:55

思科ASA动手实验操作指南（中文版PDF）

目录
一 测试拓扑图...............................................................................................................................5
二基础部分...................................................................................................................................6
1 Image从7.x 升级到8.x / ASDM 5.x升级到6.x............................................................6
2 通过ASDM 登陆设备（10.1.X.0/24）............................................................................8
3 syslog.................................................................................................................................15
4 通过telnet/ssh 访问ASA...............................................................................................19
4.1 telnet........................................................................................................................19
4.2 ssh............................................................................................................................21
5 设置ASA接口..................................................................................................................25
6 设置静态路由....................................................................................................................32
7 设置NAT...........................................................................................................................33
7.1设置PAT.................................................................................................................33
7.2静态NAT.................................................................................................................36
8 定义安全策略....................................................................................................................38
9 透明模式............................................................................................................................40
9.1 设置透明模式.........................................................................................................40
9.2 透明模式下的NAT................................................................................................41
Pool 中的IP为211.101.2. X( 请参考 POD ID)....................................................41
10 Dynamic Threat-detection 动态威胁检测（三大特性）.........................................44
10.1 basic threat detection..........................................................................................44
10.2 scanning threat detection................................................................................44
10.3 scanning threat statistics.................................................................................44
10 应用层协议检测............................................................................................................49
10.1 过滤long URL....................................................................................................49
10.2 通过QOS对应用进行限速................................................................................55
10.3 对应用程序命令进行过滤...................................................................................59
11 对HTTP进行应用过滤..................................................................................................62
11.1 Filtering Java Applets .........................................................................................62
11.2 filter activeX..........................................................................................................65
11.4 基于表达式过滤URL..........................................................................................67
三高级部分.................................................................................................................................80
1 ssl/vpn................................................................................................................................80
1.1 Cisco AnyConnect............................................................................................80
1.2 clienless vpn......................................................................................................92
1.3 thin-client(port-forwarding) vpn ....................................................................108
2 安全桌面.......................................................................................................................... 113
3 主机扫描..........................................................................................................................124
四AIP-SSM 模块测试..............................................................................................................128
1 准备 HTTPS 的登陆...................................................................................................128
2设置AIP-SSM 的promiscous 模式.............................................................................134
2.1 设置AIP-SSM 的promiscous 模式.................................................................134
2.2定义AIP-SSM 和ASA5500的联动..................................................................138
3 ASA AIP 模块Inline 模式.............................................................................................142
3.1牵引流量................................................................................................................142
对Signature 6202 进行行为控制...............................................................................144
4自定义策略和签名.........................................................................................................145
5异常流量检测功能...........................................................................................................149
6 OS 水印识别功能...........................................................................................................151
7 Capturing 即时流量........................................................................................................152
8 SNMP and Syslog...........................................................................................................153
8.1 SNMP....................................................................................................................153
8.2 Syslog....................................................................................................................154
五MARS....................................................................................................................................155
六选作部分...............................................................................................................................177
1 High-Availability...............................................................................................................177
1.1 active/standby ......................................................................................................177
1.2 active/active..........................................................................................................179
2 multi-context 模式（选做）...........................................................................................184


**** Hidden Message *****

allexy_liq 发表于 2014-7-16 13:27:27

{:6_267:}

whale- 发表于 2014-7-16 13:32:37

{:6_263:}

whale- 发表于 2014-7-16 13:32:45

{:6_263:}{:6_263:}{:6_263:}

zslcumt2005 发表于 2014-7-16 13:42:59

{:6_267:}

fendou2011 发表于 2014-7-16 14:57:14

顶顶顶顶顶顶顶顶顶顶

zht88 发表于 2014-7-16 16:00:58

{:6_268:}

zht88 发表于 2014-7-16 16:01:12

{:6_268:}{:6_268:}

gdsunlong 发表于 2014-7-16 16:18:08

顶顶顶顶顶顶顶顶顶顶顶顶顶

邵老板 发表于 2014-7-16 16:43:28

{:6_267:}

fate3008 发表于 2014-7-16 17:00:59

:handshake

fate3008 发表于 2014-7-16 17:02:14

:handshake

gs667788 发表于 2014-7-16 17:28:55

{:6_267:}{:6_267:}{:6_290:}

tsrjly 发表于 2014-7-16 17:35:56

{:6_264:}

ran88888 发表于 2014-7-16 18:40:35

思科ASA动手实验操作指南（中文版PDF）

查看完整版本: 思科ASA动手实验操作指南（中文版PDF）