<< 1 >>
Rating: 
Summary: An overview of IPSec lacking in depth
Review: I have found that the book gives an overview of IPSec, however, I don't believe that it goes in to enough analysis of it. I have read various RFCs on IPSec and was hoping for more of an interpretation and examples on the subject, as opposed to simply having the same idea rehashed, in a similar fashion. These RFCs are rather difficult to read, so a rehash of them would be beneficial if it explained the ideas more clearly. However, I found that the book sometimes used the exact phrases as the RFC and did not help further clarify the issue for me.Secondly, the first third of the book is dedicated to TPC and cryptography subjects. This is useful if you are getting a first overview to this subject but for me, further PKI or IPSec chapters would have been more useful. Not that I am promoting them, but I'd suggest one of Schneier's well-known books for an indepth look at cryptography. Thirdly, I find that the book was not well edited and has numerous mistakes in it. This made it slightly difficult (although, more bothersome than difficult) to read. For example, I also found that Figure 10-18 is wrong and incomplete. This lack of proofing makes me question the validity of claims that were made throughout the book, especially the claim of how long a given length key (for example 1024 or 2048 bits) will be secure for. I am not saying that his claims are false, but I wonder if they were made with the same haste as the final proofing of the book was. I enjoyed the final chapter, which presented a VPN solution, because it gave me an idea of the steps that are required for deployment. Note that although this doesn't degrade the value to me of this chapter, the 3 components he used in his deployment example are all products of Network Associates Inc, his employer.
Rating:
Summary: An overview of IPSec lacking in depth
Review: I have found that the book gives an overview of IPSec, however, I don't believe that it goes in to enough analysis of it. I have read various RFCs on IPSec and was hoping for more of an interpretation and examples on the subject, as opposed to simply having the same idea rehashed, in a similar fashion. These RFCs are rather difficult to read, so a rehash of them would be beneficial if it explained the ideas more clearly. However, I found that the book sometimes used the exact phrases as the RFC and did not help further clarify the issue for me. Secondly, the first third of the book is dedicated to TPC and cryptography subjects. This is useful if you are getting a first overview to this subject but for me, further PKI or IPSec chapters would have been more useful. Not that I am promoting them, but I'd suggest one of Schneier's well-known books for an indepth look at cryptography. Thirdly, I find that the book was not well edited and has numerous mistakes in it. This made it slightly difficult (although, more bothersome than difficult) to read. For example, I also found that Figure 10-18 is wrong and incomplete. This lack of proofing makes me question the validity of claims that were made throughout the book, especially the claim of how long a given length key (for example 1024 or 2048 bits) will be secure for. I am not saying that his claims are false, but I wonder if they were made with the same haste as the final proofing of the book was. I enjoyed the final chapter, which presented a VPN solution, because it gave me an idea of the steps that are required for deployment. Note that although this doesn't degrade the value to me of this chapter, the 3 components he used in his deployment example are all products of Network Associates Inc, his employer.
Rating: 
Summary: Decent introduction, numerous errors.
Review: This book provides a good introduction to TCP/IP and basic cryptography, but one would be better off reading the RFC's for IPSec/ISAKMP/IKE. However, the numerous technical and spelling errors indicate that the book has not been proof read, or has been published in a hurry. For example, some of the numbers on table 2-9 on page 78 are wrong, and the example on page 83 has errors. It's also ironic that a book from RSA press misspels Ronald Rivest (the "R" in RSA) as Ronold. I read through this book mainly to get a better understanding of IPSec/IKE/ISAKMP after reading the RFCs, but these chapters are just a summary of the RFCs, with some omissions (such as the different IKE Phase-1 auth types etc). The bottom line is that I'd probably borrow this book from a library but wouldn't pay money for it. I'd give it 2.5 stars.
Rating: 
Summary: A must for network traffic analysis and intrusion detection.
Review: This is a clearly written and nicely illustrated book.
Rating: 
Summary: excellent pki book, needs chapter on ldap
Review: this is a great book, I work for a VPN software developer and always wondered about the details about things like smart cards, tokens and even just certificates. This is it, now i really everyone uses some form of PKI. This book is written by RSA press, RSA as we know "invented" encryption.
<< 1 >>
| 
