
E-book: Email Security with Cisco IronPort

3.88/5 (16 ratings by Goodreads)
  • Format: 576 pages
  • Publication date: 09-Apr-2012
  • Publisher: Cisco Press
  • Language: eng
  • ISBN-13: 9780132730709

DRM restrictions

  • Copying: not allowed

  • Printing: not allowed

  • E-book usage:

    Digital rights management (DRM)
    The publisher supplied this book in encrypted form, which means that you need to install free software to unlock and read it. To read this e-book, you must create an Adobe ID. The e-book can be downloaded to 6 devices (one user with the same Adobe ID).

    Required software
    To read this e-book on a mobile device (phone or tablet), you need to install this free app: PocketBook Reader (iOS / Android)

    To read this e-book on a PC or Mac, you need Adobe Digital Editions (a free application designed specifically for e-books. It is not the same as Adobe Reader, which you probably already have on your computer.)

    You cannot read this e-book with an Amazon Kindle.

Email Security with Cisco IronPort thoroughly illuminates the security and performance challenges associated with today's messaging environments and shows you how to systematically anticipate and respond to them using Cisco's IronPort Email Security Appliance (ESA). Going far beyond any IronPort user guide, leading Cisco expert Chris Porter shows you how to use IronPort to construct a robust, secure, high-performance email architecture that can resist future attacks.

 

Email Security with Cisco IronPort presents specific, proven architecture recommendations for deploying IronPort ESAs in diverse environments to optimize reliability and automatically handle failure. The author offers specific recipes for solving a wide range of messaging security problems, and he demonstrates how to use both basic and advanced features, including several hidden and undocumented commands.

 

The author addresses issues ranging from directory integration to performance monitoring and optimization, and he offers powerful insights into often-ignored email security issues, such as preventing bounce blowback. Throughout, he illustrates his solutions with detailed examples demonstrating how to control ESA configuration through each available interface.

Chris Porter, Technical Solutions Architect at Cisco, focuses on the technical aspects of Cisco IronPort customer engagements. He has more than 12 years of experience in applications, computing, and security in finance, government, Fortune® 1000, entertainment, and higher education markets.

 

· Understand how the Cisco IronPort ESA addresses the key challenges of email security

· Select the best network deployment model for your environment, and walk through successful installation and configuration

· Configure and optimize Cisco IronPort ESA's powerful security, message, and content filtering

· Understand the email pipeline so you can take full advantage of it, and troubleshoot problems if they occur

· Efficiently control Cisco IronPort ESA through its Web User Interface (WUI) and command-line interface (CLI)

· Implement reporting, monitoring, logging, and file management

· Integrate Cisco IronPort ESA and your mail policies with LDAP directories such as Microsoft Active Directory

· Automate and simplify email security administration

· Deploy multiple Cisco IronPort ESAs and advanced network configurations

· Prepare for emerging shifts in enterprise email usage and new security challenges

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

 
Introduction

Chapter 1 Introduction to Email Security
Overview of Cisco IronPort Email Security Appliance (ESA)
AsyncOS
Security Management Appliances (SMA)
History of AsyncOS Versions
Software Features
Email Security Landscape
Email Spam
Viruses and Malware
Protecting Intellectual Property and Preventing Data Loss
Other Email Security Threats
Simple Mail Transfer Protocol (SMTP)
SMTP Commands
ESMTP Service Extensions
SMTP Message Headers and Body
Envelope Sender and Recipients
Transmitting Binary Data
MIME Types
Character Sets
Domain Name Service (DNS) and DNS MX Records in IPv4 and IPv6
Message Transfer Agents (MTA)
Abuse of SMTP
Relaying Mail and Open Relays
Bounces, Bounce Storms, and Misdirected Bounces
Directory Harvest Attacks
Summary

Chapter 2 ESA Product Basics
Hardware Overview
2U Enterprise Models
1U Enterprise Models
Selecting a Model
Basic Setup via the WUI System Setup Wizard
Connecting to the ESA for the First Time
Running the System Setup Wizard
Reconnecting to the WUI
LDAP Wizard and Next Steps
Examining the Basic Configuration
Next Steps
Setup Summary
Networking Deployment Models
Interfaces, Routing, and Virtual Gateways
Single Versus Multinetwork Deployment
Routing on Multinetwork Deployments
DNS Concerns
Firewall Rules
Securing Network Interfaces
Security Filtering Features
SenderBase and Reputation Filters
IronPort Anti-Spam
Antivirus Features
Summary

Chapter 3 ESA Email Pipeline
ESA Pipeline
Listeners
Host Access Table (HAT) and Reputation Filters
Rate Limiting with Mail Flow Policies
DNS and Envelope Checks
Sender Authentication
Recipient Access Table and LDAP Accept
Recipient and Sender Manipulation
Default Domain, Domain Map, and Aliases
Masquerading
LDAP Operations
LDAP Accept
LDAP Routing and Masquerading
Groups
Work Queue and Filtering Engines
Work Queue Overview
Incoming and Outgoing Mail Policies
Message Filters
Anti-Spam Engine
Antivirus Engines
Content Filtering
Virus Outbreak Filters
DLP and Encryption
Delivery of Messages
Selecting the Delivery Interface (Virtual Gateways)
Destination Controls
Global Unsubscribe
SMTP Routes
Selecting Bounce Profiles
Handling Delivery Errors with Bounce Profiles
Final Disposition
Summary

Chapter 4 ESA Web User Interface
Overview
Connecting to the WUI
WUI Tour
Monitor Menu
Overview
Incoming Mail
Outgoing Destinations
Outgoing Senders
Delivery Status
Internal Users
DLP Incidents
Content Filters
Outbreak Filters
Virus Types
TLS Connections
System Capacity
System Status
Scheduled Reports
Archived Reports
Quarantines
Message Tracking
Mail Policies Menu
Incoming Mail Policies
Incoming Content Filters
Outgoing Mail Policies
Outgoing Content Filters
Host Access Table (HAT) Overview
Mail Flow Policies
Exception Table
Recipient Access Table (RAT)
Destination Controls
Bounce Verification
DLP Policy Manager
Domain Profiles
Signing Keys
Text Resources
Dictionaries
Security Services Menu
Anti-Spam
Antivirus
RSA Email DLP
IronPort Email Encryption
IronPort Image Analysis
Outbreak Filters
SenderBase
Reporting
Message Tracking
External Spam Quarantine
Service Updates
Network Menu
IP Interfaces
Listeners
SMTP Routes
DNS
Routing
SMTP Call-Ahead
Bounce Profiles
SMTP Authentication
Incoming Relays
Certificates
System Administration Menu
Trace Tool
Alerts
LDAP
Log Subscriptions
Return Addresses
Users
User Roles
Network Access
Time Zone and Time Settings
Configuration File
Feature Keys and Feature Key Settings
Shutdown/Suspend
System Upgrade
System Setup Wizard
Next Steps
Options Menu
Active Sessions
Change Password
Log Out
Help and Support Menu
Online Help
Support Portal
New in This Release
Open a Support Case
Remote Access
Packet Capture
WUI with Centralized Management
Selecting Cluster Mode
Modify CM Options in the WUI
Modifying Cluster Settings
Other WUI Features
Variable WUI Appearance
Committing Changes
Summary

Chapter 5 Command-Line Interface
Overview of the ESA Command-Line Interface
Using SSH or Telnet to Access the CLI
PuTTY on Microsoft Windows
Simple CLI Examples
Getting Help
Committing Configuration Changes
Keeping the ESA CLI Secure
SSH Options on the ESA
Creating and Using SSH Keys for Authentication
Login Banners
Restricting Access to SSH
ESA Setup Using the CLI
Basics of Setup
Next Setup Steps
Commands in Depth
Troubleshooting Example
Status and Performance Commands
Command Listing by Functional Area
Mail Delivery Troubleshooting
Network Troubleshooting
Controlling Services
Performance and Statistics
Logging and Log Searches
Queue Management and Viewing
Configuration File Management
AsyncOS Version Management
Configuration Testing Commands
Support Related Commands
General Administration Commands
Miscellaneous Commands
Configuration Listing by Functional Area
Network Setup
Listeners
Mail Routing and Delivery
Policy and Filtering
Managing Users and Alerts
Configuring Global Engine and Services Options
CLI-Only Tables
Configuration for External Communication
Miscellaneous
Batch Commands
Hidden/Undocumented Commands
Summary

Chapter 6 Additional Management Services
The Need for Additional Protocol Support
Simple Network Management Protocol (SNMP)
Enabling SNMP
SNMP Security
Enterprise MIBs
Other MIBs
Monitoring Recommendations
Working with the ESA Filesystem
ESA Logging
ESA Subsystem Logs
Administrative and Auditing Logs
Email Activity Logs
Debugging Logs
Archive Logs
Creating a Log Subscription
Logging Recommendations
Transferring Logs for Permanent Storage
HTTP to the ESA
FTP to the ESA
FTP to a Remote Server
SCP to a Remote Server
Syslog Transfer
Understanding IronPort Text Mail Logs
Message Events
Lifecycle of a Message in the Log
Tracing Message History
Parsing Message Events
A Practical Example of Log Parsing
Using Custom Log Entries
Summary

Chapter 7 Directories and Policies
Directory Integration
The Need for Directory Integration
Security Concerns
Brief LDAP Overview
LDAP Setup on ESA
Advanced Profile Settings
Basic Query Types
Recipient Validation with LDAP
Recipient Routing with LDAP
Sender Masquerading
Group Queries
Authentication Queries
AD Specifics
Testing LDAP Queries
Advanced LDAP Queries
Troubleshooting LDAP
Incoming and Outgoing Mail Policies
Group-Based Policies
Group Matches in Filters
Other LDAP Techniques
Using Group Queries for Routing
Per-Recipient Routing with AD and Exchange
Using Group Queries for Recipient and Sender Validation
Summary

Chapter 8 Security Filtering
Overview
The Criminal Ecosystem
Reputation Filters and SenderBase Reputation Scores
Enabling Reputation Filters
Reputation Scores
Connection Actions
HAT Policy Recommendations
IronPort Anti-Spam (IPAS)
Enabling IPAS
IPAS Verdicts
IPAS Actions
Content Filters and IPAS
Recommended Anti-Spam Settings
Spam Thresholds
Actions for the Bold
Actions for the Middle-of-the-Road
Actions for the Conservative
Outgoing Anti-Spam Scanning
Sophos and McAfee Antivirus (AV)
Enabling AV
AV Verdicts
AV Actions
AV Notifications
Content Filters and AV
IronPort Outbreak Filters (OF)
Enabling OF
OF Verdicts
OF Actions
Message Modification
Content Filters and OF
Recommended AV Settings
Incoming AV Recommendations
Outgoing AV Recommendations
Using Content Filters for Security
Attachment Conditions and Actions
Filtering Bad Senders
Filtering Subject or Body
Summary

Chapter 9 Automating Tasks
Administering ESA from Outside Servers
CLI Automation Examples
SSH Clients
Expect
Perl
CLI Automation from Microsoft Windows Servers
WUI Automation Examples
Polling Data from the ESA
Retrieving XML Data Pages
Using XML Export for Monitoring
Pushing Data to the ESA and Making Configuration Changes
Changing Configuration Settings Using the CLI
Committing Changes Using the CLI
Changing Configuration Settings Using the WUI
Committing Changes Using the WUI
Retrieving Reporting Data from the WUI
Data Export URLs
Other Data Export Topics
Example Script
Summary

Chapter 10 Configuration Files
ESA and the XML Configuration Format
Configuration File Structure
Importing and Exporting Configuration Files
Exporting
Importing
Editing Configuration Files
Duplicating a Configuration
Partial Configuration Files
Automating Configuration File Backup
Configuration Backup via CLI
Configuration Backup via WUI
Configuration Files in Centralized Management Clusters
Summary

Chapter 11 Message and Content Filters
Filtering Email Messages with Custom Rules
Message Filters Versus Content Filters
Processing Order
Enabling Filters
Combinatorial Logic
Scope of Message Filters
Handling Multirecipient Messages
Availability of Conditions and Actions
Filter Conditions
Conditions That Test Message Data
Operating on Message Metadata
Attachment Conditions
System State Conditions
Miscellaneous Filter Conditions
Filter Actions
Changing Message Data
Altering Message Body
Affecting Message Delivery
Altering Message Processing
Miscellaneous Filter Actions
Action Variables
Regular Expressions in Filters
Dictionaries
Notification Templates
Smart Identifiers
Using Smart Identifiers
Smart Identifier Best Practices
Content Filter and Mail Policy Interaction
Filter Performance Considerations
Improving Filter Performance
Filter Recipes
Dropping Messages
Basic Message Attribute Filters
Body and Attachment Scanning
Complex Combinatorial Logic with Content Filters
Routing Messages Using Filters
Integration with External SMTP Systems
Cul-de-Sac Architecture
Inline Architecture
Delivering to Multiple External Hosts
Interacting with Security Filters
Reinjection of Messages
Summary

Chapter 12 Advanced Networking
ESA with Multiple IP Interfaces
Multihomed Deployments
Virtual Gateways
Adding New Interfaces and Groups
Using Virtual Gateways for Email Delivery
Virtual Gateways and Listeners
Multiple Listeners
Separating Incoming and Outgoing Mail
Multiple Outgoing Mail Listeners
Separate Public MX from Submission
ESA and Virtual LANs
Other Advanced Configurations
Static Routing
Transport Layer Security
Using and Enforcing TLS When Delivering Email
Using and Enforcing TLS When Receiving Email
Certificate Validation
Managing Certificates
Adding Certificates to the ESA
TLS Cipher and Security Options
Split DNS
Load Balancers and Direct Server Return (DSR)
Summary

Chapter 13 Multiple Device Deployments
General Deployment Guidelines
Email Availability with Multiple ESAs
Load-Balancing Strategies
SMTP MX Records
Domains Without MX Records
Incoming and Outgoing Mail with MX Records
Single Location with Equal MX Priorities
Multiple Locations with Equal MX Priorities
Unequal MX Priorities
Disaster Recovery (DR) Sites
Third-Party DR Services
Limitations of MX Records
Dedicated Load Balancers
Load Balancers for Inbound Mail
Load Balancers for Outgoing Mail
Multitier Architectures
Two-Tiered Architectures
Three-Tiered Architectures
Functional Grouping
Large Message Handling
Architectures with Mixed MTA Products
Integration with External Systems
External Email Encryption
External Data Loss Prevention (DLP) Servers
Email Archiving Servers
Archiving Inline or Cul-de-Sac
Archiving Through BCC
Other Archiving Ideas
Introducing, Replacing, or Upgrading ESA in Production
Adding the First ESA to the Environment
Replacing an ESA for Upgrade
Management of Multiple Appliances
Centralized Management Overview
Creating a CM Cluster
Joining an Existing CM Cluster
Creating and Managing CM Groups
Using CM in the WUI
Using CM in the CLI
Centralized Management Limitations and Recommendations
Size of CM Clusters
Configuration Files in Clusters
Upgrading Clustered Machines
Summary

Chapter 14 Recommended Configuration
Best Practices
Redundancy and Capacity
Securing the Appliance
Security Filtering
HAT Policy Settings
Whitelisting and Blacklisting
Spam Quarantining
Deciding to Quarantine or Not
End-User Quarantine Access
Administrative-Only Quarantine Access
Automated Notifications
Being a Good Sender
Being Rate Limited
Outbound Sending Practices
Handling Bounces
Variable Envelope Return Path
DNS and Sender Authentication
Dealing with Blacklisting
Compromised Internal Sources
Bounce Verification
Recommendations for Specific Environments
Small and Medium Organizations
Large or Complex Organizations
Service Providers
Higher Education
Email "Front End" to Complex Internal Organizations
Summary

Chapter 15 Advanced Topics
Recent Developments
Authentication Standards
Path-Authentication Standards: SPF and SIDF
Determining the Identity of the Sender
Deploying SPF
SPF Challenges
Using SPF and SIDF Verification on ESA
Message Authentication: DKIM
Enabling DKIM Signing on ESA
The DKIM-Signature Header
DKIM Selectors and DNS
Other DKIM Signing Options
DKIM Signing Performance
DKIM Verification on ESA
DKIM Challenges
DKIM and SPF Recommendations
Regulatory Compliance
General Concepts
Personally Identifiable Information (PII)
Payment Card Data
Personal Financial Information
Mitigation
Data Loss Prevention (DLP)
Enabling Data Loss Prevention Policies
Adding a DLP Policy
Taking Action on Matching Messages
Classifiers and Entities
Custom Classifiers
Customizing Policies
Customizing Content Matching on Predefined Policies
Customizing User and Attachment Rules
Integration with Content Filters
Summary

Index

Chris Porter was one of the first field systems engineers hired by IronPort Systems in 2003, around the time of the launch of the ESA C-series product. He has served as systems engineer, SE manager, and now technical solutions architect at Cisco, which acquired IronPort in June 2007.

 

Chris has been involved in planning, deploying, and configuring Email Security Appliances (ESA) at hundreds of organizations, with a chief role in both pre-sales engagements and post-sales support. His experience has made him a trusted voice in ESA product design decisions.

 

Chris holds a bachelor's and master's degree in Computer Science from Stevens Institute of Technology in Hoboken, NJ, and a CCNA certification. Chris is currently a technical solutions architect at Cisco, specializing in content security and the IronPort email and web-security products and services.