CCSP SelfStudy CCSP CSI: Exam Certification Guide, Second Edition [Electronic resources] نسخه متنی

Sketch a network design for this company based on the information provided.

See Figure 21-6 for a network drawing.

NOTE

An alternative to the solution shown in Figure 21-6 is to replace the PIX Firewall with a Cisco IOS Firewall router.

Company XYZ has 10 salespeople on staff who require network access to company resources from time to time while in the field. How can this be best achieved?

Because the PIX Firewall is capable of supporting remote-access IPSec VPNs enabling this form of connectivity on the PIX Firewall is the easiest way to accommodate the remote-access requirements of the salespeople. Sales staff would then require only the installation of the Cisco Secure VPN software client on their PCs and Internet connectivity to establish a secure link to the corporate resources.

The network administrator at Company XYZ is concerned about the integrity of the corporate servers from potential attacks. How best can you alleviate her concerns?

By the use of a host-based IPS, the network administrator can monitor and protect the corporate servers from attack. Additionally, all servers would still need to be kept up to date with all relevant software patches and antivirus software.