Author: Jeff Sedayao
Publication date: June 7, 2001
Publisher: O'Reilly
Pages: 272
ISBN: ISBN-10: 1565923855 ISBN-13: 978-1565923850
File format: PDF
Review
Cisco IOS Access Lists takes a methodical approach to access lists and their capabilities, and is ideal for administrators of Cisco equipment who have configured access lists before but feel as if they’re not taking full advantage of their capabilities (which, author Jeff Sedayao proves, extend well beyond security). Much of what Sedayao has written is of a “policy engineering” nature, is not strictly focused on Cisco’s Internetwork Operating System (IOS), and has relevance to administrators of all sorts of access control equipment. There’s emphasis on traffic minimization as well as security, as a section on using access lists to keep routing updates off stub networks exemplifies.
Like many books in the blue system-administration series, this one includes a lot of explanations of what each capability is for, and how each fits with other parts of the system. A lot of times, these sections include conceptual diagrams that show routes of communication and the desired access policies. Then come excerpts from real access lists (Sedayao focuses on IOS 10 and later) and, often, commentary on what the interesting lines of the lists are doing. It’s a great way to teach people who have the ability and desire to experiment. Engineers, after all, typically like to learn by doing. –David Wall
Topics covered: The capabilities and limitations of access lists under the Cisco Internetwork Operating System (IOS) and other similar routing and access-control environments. Access policies (with emphasis on packet filtering), routing policies (via route filtering and route maps), and the details of Border Gateway Protocol (BGP) pertaining to access lists are all covered.
Product Description
Cisco routers are used widely both on the Internet and in corporate Intranets. At the same time, the Cisco Internet Operating System (IOS) has grown to be very large and complex, and Cisco documentation fills several volumes. Cisco IOS Access Lists focuses on a critical aspect of the Cisco IOS–access lists. Access lists are central to the task of securing routers and networks, and administrators can’t implement access control policies or traffic routing policies without them. Access lists are used to specify both the targets of network policies and the policies themselves. They specify packet filtering for firewalls all over the Internet. The book covers three critical areas: intranets (or corporate networks), firewalls, and the Internet. This book differs from other Cisco router titles in that it focuses on practical instructions for setting router access policies. The details of interfaces and routing protocol settings are not discussed.