Inside Network Perimeter Security: The Definitive Guide to Firewalls, Virtual Private Networks (VPNs), Routers, and Intrusion Detection Systems

Like other titles from the SANS Institute, this book is highly informative & very readable. With the exeption of writing security policies, which one should know before implementing any security solution beyond using strong passwords, this book covers every area security professionals need to know about to effectively provide layered, defense in depth, solutions. While other books go into more detail on specific areas & technologies, this book does an excellent (and rare) job of covering how the pieces fit together.

Thanks (again), Stephen & the folks from SANS! The rest of you should (literally) stop sitting there reading this review & buy it! Read it! Now!

Rating:
Summary: Fairly decent but can be thinned out a bit
Review: Fairly decent overview of perimeter security. If your a security professional you may learn a thing or two, if your a network administrator and your idea of security is a firewall then this book is meant for you. Its a fairly easy read, but some of the examples of the commands to enter in configuring routers and hosts could be eliminated. I felt the author was just taking up space with these examples. (not a big deal but I'm taking a star away on principal) I also felt the author could have gone into a little be more detail in the VPN chapter, especially when dealing with encryption, PKI, and authenication which I felt was glossed over. (again not a big deal, but when you call yourself the definitive guide, be more definitive and save the 'commands' for the user guides")

Rating:
Summary: All Good Things ......
Review: must come to pass. And with the publication of Inside Network Perimeter Security, a good thing has DEFINITELY come to pass!

With 18 years in the IT field, I have had the "blessing" of using literally thousands of vendor manuals, after-market "self-help" books, tutorials, resource kits and the like; covering operating systems, programming languages, networking, security, applications and utilities. Until now, I've found that I can invariably stick each one into one of my three "personal" review categories.

1. Idiot's Guide - information so general that the only people who could possibly derive any value from it are those who can best be evaluated on a performance review as: "Can IDENTIFY a computer 2 out of 5 times without assistance".

2. Trivial Pursuits - jam-packed with obscure tricks, keyboard shortcuts, links to Easter Eggs, and advanced functions that 98% of users will never have legitimate use for. Tries to be all things to all readers, and fails miserably. You wind up kicking yourself for paying [money] for 800 pages, and only using 5 of them.

3. Guru Goulash - so specific and/or technical that there are perhaps 100 people on Earth who can make sense of - and properly apply - the information it contains. You wonder why the author didn't save a boatload of paper and email a pdf to those 100 people, since he/she probably knows most of them. However, the author could have increased the value 100-fold simply by writing "cleanly" and intelligibly. IBM System 360 manuals, anyone?

BUT: after reading Inside Network Perimeter Security, I may have to develop a new category. The authors have hit the elusive "Sweet Spot"! A book that covers a broad range of topics within the IT Security field, is cleanly written to provide an introduction to these areas to an InfoSec novice; yet with enough "meat" to challenge a seasoned professional to dig a little deeper - and more importantly, to think a little harder.

Firewalls, VPN, routers, and IDS systems are all covered with just enough general information for a new practitioner, then go deeper into the concepts involved with concrete, real-world examples. How each of these components contributes to the idea of a securable "perimeter" is well explained. Most importantly, how each component interacts with, supports, supplements and complements each other as defensive measures is a crucial concept.

The entire tome is wrapped in the mantra of "defense in depth", undoubtedly the most valuable component of an effective IT security program, with real-life case studies to drive home the concepts. This has been done without getting to the level of specificity that limits the audience to either "Guru" or "Idiot" level. In this case, the "middle ground" and the "high ground" have found a commonality of purpose.

I applaud the manner in which diagrams, screen dumps, and example listings have been used. Normally, I find that these often distract from the written information. Here, they have been used judiciously, and effectively highlight the information being presented. The only thing better would be a companion disk with interactive screens to demonstrate the concepts.

Frequent use of "Tips" and "Notes", in conjunction with the aforementioned Case Studies, makes this an excellent long-term reference. This is my personal yardstick of the value of a book - will I come back to it repeatedly?

In the case of Inside Network Perimeter Security, the answer is a resounding YES. I expect to use this book as a solid reference for some time to come; and will undoubtedly use it a prime source in training my security team.

The SANS organization is known and respected as the premier proponent of IT Security. The authors, all members of SANS, have hit yet another home run with Inside Network Perimeter Security. The lack of a companion CD-ROM with extended examples, text version of the book, interactive screens, and perhaps some eval software; is the only thing that prevents it from being a "Grand Slam". Perhaps for the Second Edition?

C. Farley Howard; GSEC, CISSP

Rating:
Summary: If you want to buy just one book, buy this one.
Review: Stephen Northcutt has done a great job! this is the most comphrensive book on the subject. I particularly found the part on access lists very helpful. Niloufer Tamboly, CISSP

Rating:
Summary: A very informative read
Review: Stephen Northcutt, and the various contributing authors, have created a masterful and well rounded guide of the various considerations that go into securing the network perimeter. As a student of Information Technology this book has been instrumental in my education and has earned a permanent place on my bookshelf (when it is not in my hands directly).

Rating:
Summary: Excellent holistic security book
Review: The first thing that appeals to the reader of this excellent book
["Inside Network Perimeter Security" by Steven Northcutt, et al] is a
curious title. So will the authors take the reader "inside perimeter"
or will they cover the perimeter security inside and out? In fact,
they excel at both. It is well known that the defense perimeter of the
modern Internet-enabled business is not just the choke router
connecting the company to the public network. Perimeter manifests
itself in wireless leaks outside the building, in VPN links stretching
out to partners an suppliers and forgotten modems on the company
premises.

The books effectively straddles several difficult bordelines, that
adds significant value to it. For example, authors manage to not
express their preferences and provide coverage for both Windows and
UNIX, free and commercial software. Moreover, the book has both
valuable hands-on exercises (right down to 'permit icmp any any
packet-too-big' and 'SEC-6-IPACCESSLOGP') and strategic business
aspects (choosing the network design based on business and industry
requirements).

The book goes well beyond perimeter defense, stretching onto security
monitoring, incident response, vulnerability analysis, security audit
and network performance. Especially fun was a chapter devoted to the
"adversarial review". Security vs performance seem to be a timeless
conflict. The chapter is dedicated to this important aspect of
security design, covering performance impact of various security
technologies.

The important advantage of the book is real-life examples, case
studies and sample network security designs. They are given a thorough
evaluation, both from defender's and attacker's prospective. However,
some currently popular attacks are not given sufficient attention (such
as web hacking and malware). That seem to stem from the fact that in
the book infrastructure defense takes priority over information
protection. Apparently, the books focuses more on defense and
prevention (and thus is less valuable for those seeking to cause
computer mayhem).

Overall, the book is of great value to security novices and the
experienced professionals as well. The latter can use the book as a
complete guide for secure network design, implementation and
maintenance (extensive troubleshooting information is provided) under
real-life constraints. Even when most things in the book might already
be familiar, the added value is in integrated holistic approach to
network security presented by the true experts in the field. It
appears that is can make an effective study guide for SANS GCFW
certification.

Anton Chuvakin, Ph.D., GCIA is a Senior Security Analyst with a major
information security company. His areas of infosec expertise include
intrusion detection, UNIX security, honeypots, etc. In his spare time
he maintains his security portal info-secure.org

Rating:
Summary: Great book for Network Security
Review: There is serious shortage of security books that cover actual design and architechture. This is a book that fills the void.
One of the great things about the book is that it's not partial to any particular vendor. It concentrates on the technology.
This book offers sound security fundamentals. I would recommend
that any new security personnel read this book. It provides a great roadmap for your security career.

Rating:
Summary: Great Resource for Security Engineers
Review: This book is an invaluable reference for Sysadmins, Network Design Engineers, and Security Engineers with most any networking focus. The authors offer real examples of configurations for multiple products to illustrate the points made in the discussions so the recommendations can be implemented wit h a minimum of trouble. The topics covered cross the range of issues associated with perimeter networks, Firewall, VPN, IDS. Each section offers it's own insights and solutions.

You want to have this book in your reference library !

Rating:
Summary: Fairly decent but can be thinned out a bit
Review: This book is no doubt an excellent resource for security professionals, all chapters give very good info on Perimeter security. Good for those preparing for SANS GCFW Certification.