Rating: 
Summary: A complete survey of network security and more
Review: This is a big book, 745 pages, a bit about almost every topic in information security. The advantage of a book like this is that if you want to know three paragraphs about a security term that you are not familiar with, you can find it. The disadvantage of these survey type books is that they do not usually give you enough information to do anything. Though there are some spots especially in the first few chapters where this happens, Merike Kaeo, the author, quickly succeeds in making this a book that goes beyond telling the reader about things and begins to share how to do things on Cisco equipment which is far more valuable. If you are a Cisco network engineer or administrator and are interested in learning more about information security this is probably a good book for you. I think this book would also benefit a manager or someone with purely theoretical information security knowledge that wants to be able ask technical people pragmatic questions. The Voice over IP chapter was one of the clearest explanations I have seen, however a bit more of a warning about security, changing standards and interoperability would have been appreciated. When work begins on 3rd edition, I would suggest more focus on using routing and switching technology to segment the internal network so a worm infection does not take down the entire facility. In general user VLANS to not need to talk to other user VLANS, they only need to communicate with servers. My favorite part of the book is Appendix D, somehow I had never seen Rob Thomas paper on DDOS.
Rating: 
Summary: Mixed Bag
Review: Up through Chapter 7, this book presents a fairly good overview of information security in general, network security basics, cryptography, and a good measure of "security philosophy" as well. It reads pretty well and there are relatively few inconsistencies, until... From Chapter 8 onwards, there are lots of mistakes (my personal favorite is a botched explanation of TCP proxies on page 248) and many cases of examples not matching the explanatory text. And when it comes to enabling TACACS+ on routers, some sections of this book directly contradict Cisco's "IOS 12 Network Security" book. All in all, a decent reference for Cisco routers & firewalls, but you might want to supplement it with something more substantial. The O'Reilly books and Cheswick/Bellovin come to mind...
| 
