Implementing IPsec: Making Security Work on VPNs, Intranets, and Extranets

I did like the IPSEC - Securing VPNs by Davis. It steps through each aspect of IPSEC. It's a bit heavy on the math behind the encryption for my taste, but I found it easy to skip those parts.

Rating:
Summary: Don't Bother
Review: I didn't find this book useful at all. This is not a technical book. In fact I'm not sure who the target audience is. I'm a system architect and implementor and didn't get anything from reading this book.

I did like the IPSEC - Securing VPNs by Davis. It steps through each aspect of IPSEC. It's a bit heavy on the math behind the encryption for my taste, but I found it easy to skip those parts.

Rating:
Summary: Glossly overview of IPsec
Review: The book is more of an introduction to IPsec and covers it in a glossy form. You can learn more about IPsec by reading the RFC for it than the first 3 chapters of this book. The writers did not explain VPN very well and did only a very high level talk about intranets. I would recommend a different book if you want to understand IPsec well. This book is more for managers to read or the marketing/sales department.

Rating:
Summary: Title
Review: The nature of security management is changing rapidly. Just as physical security is becoming more noticeable in the workplace so too is information security becoming an indispensable component, as companies are putting their corporate jewels on publicly available networks.

Security was not part of the blueprint when the Internet was designed in the 1960s and 1970s. As the need for security became a pressing demand in the 1990s, the Internet Engineering Task Force, the overseer of the Internet, created Internet Protocol Security, or IPsec.

IPsec is a developing Internet standard for network-level security and is one of the most important security protocols to be developed in the last five years. IPsec is able to provide the level of transaction processing security that was lacking in the previous version of Internet Protocol.

While the authors do a good job of showing how IPsec works in theory, readers may find that there is not enough real-world information to justify its price. In large part that's because roughly one-third of the book is a copy of the IPsec RFC. Nor does the book detail how IPsec is specifically configured on devices such as routers and servers.

On the other hand, the book concludes with an excellent chapter about what to ask vendors. The questions provided in this book will help the prospective buyer differentiate between IPsec snake oil salesmen and those vendors whose products really do secure networks. Overall, however, the book is not required reading.

This review of mine originally appears at http://www.securitymanagement.com/library/000920.html

Rating:
Summary: This book is no bible
Review: This book does a fine job of filling you in on the hardware and software issues, leagal issues, and political issues surrounding IPSec. It touches on just about every topic even remotely related to IPSec. It does a poor job of telling you how to set up and implement any sort of IPSec networking. It was a well-written overview, but definitely not a book to base your entire network on. Though well-written, I found the network diagrams used in this book to be poorly designed and confusing. If you are looking for a basic intro to IPSec, then this one is great, otherwise, you'll probably want to read something else.

Rating:
Summary: This book is no bible
Review: This book does a fine job of filling you in on the hardware and software issues, leagal issues, and political issues surrounding IPSec. It touches on just about every topic even remotely related to IPSec. It does a poor job of telling you how to set up and implement any sort of IPSec networking. It was a well-written overview, but definitely not a book to base your entire network on. Though well-written, I found the network diagrams used in this book to be poorly designed and confusing. If you are looking for a basic intro to IPSec, then this one is great, otherwise, you'll probably want to read something else.

Rating:
Summary: A book on IPsec deployment, not implementation...
Review: This book provides a grounding in various aspects of IPsec, but it more serves as a buyer's guide than an implementation manual. If you're looking for details on how to actually write an IPsec implementation, this is NOT the book for you.