CCIE Sec Lab Diary
Relevance = 5
I read this for the written.
A good book for CSA itself and for the written but of little use for the Lab.
* CCIE Practical Studies: Security (CCIE Self-Study) (Bokotey, Mason, Morrow, ISBN# 1587051109)
Relevance = 8
While based on the 1.0 blueprint and older PIX software in particular it's still a good book for what it covers, and a very good compilation of Router/Switch security data.
* CCIE Security Exam Certification Guide (CCIE Self-Study), 2nd Ed (Benjamin, ISBN: 1587201356)
Relevance = 5
A decent start book for the Written it doesn't have enough detail on it's own for that exam and definitely not for the Lab
* CCIE Security Practice Labs (CCIE Self-Study) (Bhaiji, ISBN# 1587051346)
I haven't been through this one, and probably won't since it was easier to work with the IPexpert/IEWB workbooks. I don't have enough home lab equipment to do this one justice.
* CCSP IPS Exam Certification Guide (Carter, ISBN# 1587201461)
Relevance = 8
Probably your single best source of IPS info. (short of the Docs).
* CCIE Practical Studies: Security (CCIE Self-Study) (Bokotey, Mason, Morrow, ISBN# 1587051109)
Relevance = 8
While based on the 1.0 blueprint and older PIX software in particular it's still a good book for what it covers, and a very good compilation of Router/Switch security data.
* CCIE Security Exam Certification Guide (CCIE Self-Study), 2nd Ed (Benjamin, ISBN: 1587201356)
Relevance = 5
A decent start book for the Written it doesn't have enough detail on it's own for that exam and definitely not for the Lab
* CCIE Security Practice Labs (CCIE Self-Study) (Bhaiji, ISBN# 1587051346)
I haven't been through this one, and probably won't since it was easier to work with the IPexpert/IEWB workbooks. I don't have enough home lab equipment to do this one justice.
* CCSP IPS Exam Certification Guide (Carter, ISBN# 1587201461)
Relevance = 8
Probably your single best source of IPS info. (short of the Docs).
A decent if very dry book, unfortunately there's nothing more detailed out there.
* Cisco Access Control Security: AAA Administration Services (Carroll, ISBN# 1587051249)
Relevance = 7
The best ACS Server source but it covers a lot more than you can realistically need for the lab. Also I would have liked more examples and dual configs of everything where differences lie between Radius and TACACS+ for certain functions.
* Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance (ISBN# 1587052091)
Relevance = 8
A very good ASA book in general but the last 25% or so covers the ASDM, which in real life is not bad to have but for the lab it's wasted. Also it could have gone into more detail in some areas.
* Cisco ASA and PIX Firewall Handbook (Hucaby, ISBN# 1587051583)
Relevance = 9
Probably the best real-world book for the PIX/ASA. It doesn't cover the add on modules as well as the ASA All-in-one (above) but always includes the configs for 6.x up for each example. The 2nd edition is the one to get as MPF structure changed a great deal between 7.01 (which the first edition covers) 7.2 + (Which the 2nd edition covers). It is the single best source for MPF I've seen.
You wouldn't absolutely need the ASA All-in-one aswell as this one, but again to cover the expansion modules a bit better it helps.
* Cisco Network Security Troubleshooting Handbook (Hoda, ISBN# 1587051893)
Relevance = 10
An absolute essential for the Lab (and very good for the written). Great depth on configuration and troubleshooting almost all core network security technologies
* Cisco Router Firewall Security (Deal, ISBN# 1587051753)
Relevance = 9
The single best source for Router security. I love Richard Deals writing style and the content.
* Cisco Security Agent (Sullivan, ISBN# 1587052059)
Relevance = 3
Another I read for the written that doesn't have an awful lot of use on the lab
* Comparing, Designing, and Deploying VPNs (Lewis, ISBN# 1587051796)
Relevance = 3
A good book in it's own right but it covers MPLS and other technologies that you don't need. The IPsec section is just too short is covered in more detail in other books on this list. If you read the other more relevant VPN guides here you can ignore this one (imho)
* Designing Network Security, Second Edition (Kaeo, ISBN# 1587051176)
Haven't read it yet
* Intrusion Prevention Fundamentals (Carter, Hogue, ISBN# 1587052393)
Relevance = 2
I read this for the CCSP IPS exam and even for that it wasn't great. Co-Authored by the same guy who wrote the exam guide there's not much you'll get from this that you won't (and more) from the exam guide. Worth a read if you're completely new to IDS/IPS technology in general but that's it.
* IPSec VPN Design (Bollapragada, Khalid, Wainner, ISBN# 1587051117)
Haven't read it yet.
* Network Security Architectures (Convery, ISBN# 158705115X)
I read this a few years back and haven't a strong enough memory of it to fairly rate it.
* Network Security Fundamentals (De Laet, Schauwers, ISBN# 1587051672)
Relevance = 4
A good intro guide, I read this one for the CCSP SND exam. Too basic for the CCIE Sec. though. Worth a read if you haven't been through it before, it just doesn't have a lot of depth.
* Network Security Principles and Practices (Malik, ISBN# 1587050250)
Haven't read it yet
* Penetration Testing and Network Defense (Newman, Whitaker, ISBN# 1587052083)
Haven't read it yet
* Routing TCP/IP, Volume I, Second Edition (Carroll, Doyle, ISBN# 1587052024)
Relevance = 7
A very good R&S book, and a bible to many. While you do need a good understanding of R&S, certainly better than CCSP level this one goes into more than you will need. Worth a read and definitely use it to get the foundations down for Redistribution, filtering routes and the basics of BGP but don't kill yourself trying to memorize the whole thing.
* Routing TCP/IP, Volume 2 (Doyle, DeHaven Carroll, ISBN# 1578700892)
Haven't read it yet.
* Securing Your Business with Cisco ASA and PIX Firewalls (Abelar, ISBN# 158705214
Relevance = 1
If you were new to the PIX/ASA and needed to configure one quickly then this would be for you....BUT... it's all based on the ASDM so completely useless for the Lab.
* The Complete Cisco VPN Configuration Guide (Deal, ISBN# 1587052040)
Relevance = 9
To me this is your Cisco VPN 'Desert Island' book. It covers VPNs across all appliance types, in excellent detail and with Deal's usual great and easy style.
* Troubleshooting Virtual Private Networks (VPN) (Lewis, ISBN# 1587051044)
Relevance = 7
A good book but it scores lower because it covers a great deal more than the blueprint topics. The relevant sections are worth a read though but it's all covered in the other titles I've listed.
* Troubleshooting IP Routing Protocols (Aziz, Liu, Martey, Shamim, ISBN# 1587050196)
Relevance = 7
An excellent book, it covers exactly what you'd expect from the title. It only scores a 7 as the depth of routing is a bit beyond what you need for the lab. Still I recommend a read, and it's well worth keeping for real-world stuff.
* Router Security Strategies: Securing IP Network Traffic Planes (Schudel, Smith, ISBN# 1587053365)
Relevance 6
I actually read this after the lab, I'm only adding this now as I was editing some of the ones above and spotted it here. It's a superb book on how to defend the Router itself. Gregg Schudel is Cisco's god of CoPP, if you've read any CoPP or CPPr whitepapers chances are he authored them. But Control Plane protection is not heavily covered in the lab. Still for real world I'd add this to the essential list.
* Cisco Access Control Security: AAA Administration Services (Carroll, ISBN# 1587051249)
Relevance = 7
The best ACS Server source but it covers a lot more than you can realistically need for the lab. Also I would have liked more examples and dual configs of everything where differences lie between Radius and TACACS+ for certain functions.
* Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance (ISBN# 1587052091)
Relevance = 8
A very good ASA book in general but the last 25% or so covers the ASDM, which in real life is not bad to have but for the lab it's wasted. Also it could have gone into more detail in some areas.
* Cisco ASA and PIX Firewall Handbook (Hucaby, ISBN# 1587051583)
Relevance = 9
Probably the best real-world book for the PIX/ASA. It doesn't cover the add on modules as well as the ASA All-in-one (above) but always includes the configs for 6.x up for each example. The 2nd edition is the one to get as MPF structure changed a great deal between 7.01 (which the first edition covers) 7.2 + (Which the 2nd edition covers). It is the single best source for MPF I've seen.
You wouldn't absolutely need the ASA All-in-one aswell as this one, but again to cover the expansion modules a bit better it helps.
* Cisco Network Security Troubleshooting Handbook (Hoda, ISBN# 1587051893)
Relevance = 10
An absolute essential for the Lab (and very good for the written). Great depth on configuration and troubleshooting almost all core network security technologies
* Cisco Router Firewall Security (Deal, ISBN# 1587051753)
Relevance = 9
The single best source for Router security. I love Richard Deals writing style and the content.
* Cisco Security Agent (Sullivan, ISBN# 1587052059)
Relevance = 3
Another I read for the written that doesn't have an awful lot of use on the lab
* Comparing, Designing, and Deploying VPNs (Lewis, ISBN# 1587051796)
Relevance = 3
A good book in it's own right but it covers MPLS and other technologies that you don't need. The IPsec section is just too short is covered in more detail in other books on this list. If you read the other more relevant VPN guides here you can ignore this one (imho)
* Designing Network Security, Second Edition (Kaeo, ISBN# 1587051176)
Haven't read it yet
* Intrusion Prevention Fundamentals (Carter, Hogue, ISBN# 1587052393)
Relevance = 2
I read this for the CCSP IPS exam and even for that it wasn't great. Co-Authored by the same guy who wrote the exam guide there's not much you'll get from this that you won't (and more) from the exam guide. Worth a read if you're completely new to IDS/IPS technology in general but that's it.
* IPSec VPN Design (Bollapragada, Khalid, Wainner, ISBN# 1587051117)
Haven't read it yet.
* Network Security Architectures (Convery, ISBN# 158705115X)
I read this a few years back and haven't a strong enough memory of it to fairly rate it.
* Network Security Fundamentals (De Laet, Schauwers, ISBN# 1587051672)
Relevance = 4
A good intro guide, I read this one for the CCSP SND exam. Too basic for the CCIE Sec. though. Worth a read if you haven't been through it before, it just doesn't have a lot of depth.
* Network Security Principles and Practices (Malik, ISBN# 1587050250)
Haven't read it yet
* Penetration Testing and Network Defense (Newman, Whitaker, ISBN# 1587052083)
Haven't read it yet
* Routing TCP/IP, Volume I, Second Edition (Carroll, Doyle, ISBN# 1587052024)
Relevance = 7
A very good R&S book, and a bible to many. While you do need a good understanding of R&S, certainly better than CCSP level this one goes into more than you will need. Worth a read and definitely use it to get the foundations down for Redistribution, filtering routes and the basics of BGP but don't kill yourself trying to memorize the whole thing.
* Routing TCP/IP, Volume 2 (Doyle, DeHaven Carroll, ISBN# 1578700892)
Haven't read it yet.
* Securing Your Business with Cisco ASA and PIX Firewalls (Abelar, ISBN# 158705214
Relevance = 1
If you were new to the PIX/ASA and needed to configure one quickly then this would be for you....BUT... it's all based on the ASDM so completely useless for the Lab.
* The Complete Cisco VPN Configuration Guide (Deal, ISBN# 1587052040)
Relevance = 9
To me this is your Cisco VPN 'Desert Island' book. It covers VPNs across all appliance types, in excellent detail and with Deal's usual great and easy style.
* Troubleshooting Virtual Private Networks (VPN) (Lewis, ISBN# 1587051044)
Relevance = 7
A good book but it scores lower because it covers a great deal more than the blueprint topics. The relevant sections are worth a read though but it's all covered in the other titles I've listed.
* Troubleshooting IP Routing Protocols (Aziz, Liu, Martey, Shamim, ISBN# 1587050196)
Relevance = 7
An excellent book, it covers exactly what you'd expect from the title. It only scores a 7 as the depth of routing is a bit beyond what you need for the lab. Still I recommend a read, and it's well worth keeping for real-world stuff.
* Router Security Strategies: Securing IP Network Traffic Planes (Schudel, Smith, ISBN# 1587053365)
Relevance 6
I actually read this after the lab, I'm only adding this now as I was editing some of the ones above and spotted it here. It's a superb book on how to defend the Router itself. Gregg Schudel is Cisco's god of CoPP, if you've read any CoPP or CPPr whitepapers chances are he authored them. But Control Plane protection is not heavily covered in the lab. Still for real world I'd add this to the essential list.
Nice analysis dear.... I am happy to know that someone has analyzed the book so that it would be helpful for further studies...
ReplyDeletethanks a lot