Network Security: Private Communication in a Public World

I found the second edition an excellent piece of work. The content is focused, consise, and easy to ready. This is the case, even though the complex subject matters could easily have been made more difficult and confusing. This was well organized. Not just a list of facts. The diagrams are very helpful. This book does not include alot of fluff and delivers the content in a personal and pertinent manner.

Rating:
Summary: Focused, Concise, Organized, Easy to read - - 5 Stars
Review: Focused, Concise, Organized, Easy to read - - 5 Stars

I found the second edition an excellent piece of work. The content is focused, consise, and easy to ready. This is the case, even though the complex subject matters could easily have been made more difficult and confusing. This was well organized. Not just a list of facts. The diagrams are very helpful. This book does not include alot of fluff and delivers the content in a personal and pertinent manner.

Rating:
Summary: Explains tedious theory in an understandable way
Review: I took this book along on a business trip with the expectation that it would work better than chamomile tea before bed -- instead it kept me up well into the night. It turns a, necessarily, tedious subject into compelling reading. A "must-read" and "must-have" reference for any person charged with managing a distributed computing environment.

Rating:
Summary: Explains tedious theory in an understandable way
Review: I took this book along on a business trip with the expectation that it would work better than chamomile tea before bed -- instead it kept me up well into the night. It turns a, necessarily, tedious subject into compelling reading. A "must-read" and "must-have" reference for any person charged with managing a distributed computing environment.

Rating:
Summary: Some great stuff, but narrowly focused
Review: I worked for 10 years in computer and network security, including many years as a cryptanalyst and a couple of years at a startup company. I now teach at San Jose State University, where I'm using this book as the primary textbook for a graduate class in computer security. The strengths of the the book are its coverage of basic cryptography (chapters 2 thru 6), "security handshake pitfalls" (chapter 11) and "security folklore" (chapter 26).

Chapter 11 alone is worth the (high) price of the book. It is absolutely the best introduction to the subtle issues that arise with network protocols you are likely to ever find. And Chapters 2 through 6 do a better job of covering cryptography (with particular emphasis on some of the not-so-obvious issues) than many books devoted solely to cryptography. And chapter 26 makes some nice points.

One criticism I have is that---with few exceptions---the rest of the book does not come close to the standard achieved in the chapters mentioned above. The chapter on SSL/TLS is OK and the chapter on Kerberos is passable (if dull), but the remaining chapters are relatively weak. Another criticism is that the title of the book is misleading. Outside of the cryptography chapters, the book is very narrowly focused on networking protocols. In my opinion, there is far more to network security than cryptography and protocols. Take a look at Ross Anderson's book, Security Engineering, to get a nice broad overview of security. Finally, the chapters related to IPsec are really poor. The author(s) seems to be so peeved with the standards committee for doing some stupid things that he/she/they do more carping than describing.

In summary, I highly recommend chapters 2 thru 6, 11 and 26. But you'll need to look elsewhere if you want to learn about more than protocols and cryptography.

Rating:
Summary: Excellent reference. Concise, to the point very readable
Review: Network Security: Private Communication in a Public World is one of the best technical security books around.

This edition is updated from the first edition to include topics such as IPSec, SSL/TLS, e-commerce, PKI and more.

The book is geared for system programmers and developers who need to add security and cryptographic functionality into their systems. Those looking for a high-level security book will not really benefit from this title.

The authors writing style is quite readable, especially about such a subject that can be quite dry at times. The book is not as deep and theoretical as Schneier's
Applied Cryptography' (and is also much shorter), but is clearly written to be much more practical.

The book is made for those that have somewhat of a background in security and cryptography. The newbie will likely be overwhelmed with a lot of the concepts and implementation issues.

Overall, Network Security: Private Communication in a Public World is an excellent reference and text for anyone needing to come up to speed in infosec. It is concise, to the point and very readable.

Rating:
Summary: A great book got even better
Review: The second edition of this witty and informative book on network security is even better than the first edition and is clearly the best book on the subject currently available. Secret and public key algorithms and protocols, message hashes, authentication, Kerberos, PKI, IPsec, SSL/TLS, and e-mail security are all explained at length. Chapter 26 on security folklore is a real gem. In security, the devil is in the details. For anyone planning to design a security system that is actually supposed to work, this chapter is must reading. The book is aimed at readers with a university degree in the sciences, engineering, or mathematics. If you want to learn everything there is to know about network security, look no further.