Rating:  Summary: Excellent Network Security Book Review: This is a very well written book by a group of very experienced practitioners and teachers. Each chapter reflects their experience and the SANS Institute's no-nonsense approach to teaching highly technical security subjects, making the book a worthwhile read for security administrators, analysts and engineers. Every chapter starts with an introduction to the subject where general aspects are being highlighted in a way that they can be grasped by non-technical people too. From there the authors quickly jump to explaining the hard, technical details. Pros and cons of individual technologies are being discussed, giving expert opinion to those looking for help in deciding about technology choices. A summary, again readable by everybody and their manager closes each chapter. This is the first book I've seen that groups together and relates all subjects relevant to network perimeter defense. Well chosen diagrams and "real world stories" make it an enjoyable and entertaining read. Highly recommended.
Rating:  Summary: Learning Security Thoroughly and Completely Review: This is the real deal. This book has such a broad coverage, but with such depth, that it is like getting three or four books for the price of one. The word "Encyclopedia" should probably be in the title somewhere. Everything dealing with security is at least touched upon, but almost without exception, there are detailed and well prepared discussions on every topic. I have heard that at least one college level course is already using this as their textbook. The style is very enjoyable and effective. A vast amount of real world experience is shared, often with interesting anecdotal stories. The authors engage you on a one on one basis and converse with you as if you are a close colleague. They discuss many of the commonly used approaches to provide security, but with the important added feature of discussing the critical thought processes that go into what aspects are weak and strong. This is a rarely shared benefit within the technology field that is crucial for learning how to become or remain a competent security practitioner. As an example, in one section two different designs created by students of the SANS firewall class are presented. The book discusses specifics about the designs and where the student's approach is adequate and alternatives that could be considered as improvements depending upon the circumstances. Good technical details are provided along the way, but the core strength is that the reader is taught how to think through problems to be solved instead of just given the answers with no idea about how to derive them on their own. The reader should be able to reason through new security challenges they may face in the future that may not be covered by any existing book or article by applying the wealth of information provided. 
This book is good at exploring some of the possibilities and encouraging thought provoking ideas about new ways to secure the enterprise, while realizing that sometimes risks must be accepted or mitigated. Some of the interesting topics covered are: hardening of routers, networks, and computers, intrusion detection, vulnerability assessment, host-based firewalls, virus detection software, the process of design, centralized monitoring, log analysis and event correlation, network troubleshooting, and security policy. I found the appendix on Network Air Gaps very well written and interesting as it discusses an emerging new category of protection device with its own special developing niche. As with any book, publishing deadlines mean that some new developments in the security field are not reflected within the content. Specifically, the Gauntlet Firewall has been subsequently sold by Network Associates to Secure Computing who is now merging it with its own Sidewinder firewall. Also, the fact that SunScreen Lite is bundled with Solaris 8 is mentioned, but the fact that the full version of SunScreen firewall is included with Solaris 9 is not presented. These types of deficiencies will afflict any book discussing products. Any practitioner should be independently researching and evaluating promising products no matter how they are first discovered anyway. These issues do not detract from the immense contribution this tome provides to the field of security. This book is a gold mine of years of SANS knowledge in a well-packaged and digestible form. If you don't need this book, then you are not concerned with computer security.