|
 |
|
 |
 |
Mission Critical Internet Security (Mission Critical Series)
|
by Bradley Dunsmore and Jeffrey Brown
Sales Rank: 1934583
|
$0.89
At Amazon
|
|
Paperback: 656 pages
Publisher: Syngress; 1 edition December 30, 2000
Language: English
ISBN-10: 1928994202
ISBN-13: 978-1928994206
Product Dimensions:
9.3 x 7.5 x 1.3 inches
Shipping Weight: 2.2 pounds
Product Review
The best security for a network segment is isolation, but that's not an option if you want your users to enjoy Internet connectivity. Mission Critical Internet Security explores your options for protecting your network from attack across the Internet, emphasizing firewall solutions from Cisco, Symantec, Microsoft, and Check Point. This book begins with general advice about how to set up a comprehensive system of defenses (comprising a firewall, an intrusion detection system, authentication and cryptography schemes, and protocols like IPsec). It concludes with information (this is the bulk of the authors' work) on the specifics of configuring several products.
You'll enjoy the war stories that appear as sidebars; they call your attention to common errors (and make you feel better if you've made them). You'll also appreciate the carefully considered question-and-answer sections that explain umpteen design alternatives (SOCKS proxy versus Winsock proxy, for example) and engineering challenges (one example: building an IPsec virtual private network between firewalls from different manufacturers). Product-specific sections on Microsoft Proxy Server, Cisco PIX, Symantec Raptor, and Check Point FireWall-1 include a lot of detail, and Syngress promises to keep up with manufacturer upgrades (via Web updates to this book) for at least a year. Worth its price for its conceptual information alone (particularly the IPsec part), this book will really please you if you're installing one of the firewalls it focuses on. --David Wall
Topics covered: How to protect a private network from outside intrusion, while allowing its users Internet access and connectivity via virtual private networks (VPNs). Particularly detailed coverage goes to IPsec, Kerberos, Cisco PIX, Symantec (formerly Axent) Raptor, Microsoft Proxy Server, and Check Point FireWall-1.
Product Description
The growth of the Internet and its reach into the fabric of business and personal life has outdistanced most organizations' ability to protect the confidentiality and integrity of information. The increased exposure and the constant escalation of threats to network security have increased the need for effective controls that can restore availability, confidentiality, and integrity to information systems. Mission Critical! Internet Security shows how security can be provided in TCP/IP at any layer, and outlines the advantages and disadvantages of each approach. This book will answer the questions you have about Internet Security, including:- If I use protocol switching on my network, what protocol should I use in place of IP?
- Should I be placing my VPN gateway at the same level as my firewall?
- Can I use IPSec to secure communications with my Win 9x machines?
- Are there back doors in PGP?
- Would a firewall or other security product interfere with the IDS?
- How does SOCKS Proxy differ from WinSock Proxy?
- I am setting up my outbound access control lists to specify which traffic I will permit users to use. How do I know which TCP or UDP port a particular application uses?
Customer Reviews & Comments
I am a senior engineer for managed network security operations, who works mostly with FreeBSD, Linux, and Solaris. I read this book to learn more about security technologies associated with products by Cisco, Microsoft, and other vendors. (I also try to read a variety of computer security books.) If you're planning to deploy Cisco routers, Microsoft Proxy Servers, or Raptor / Checkpoint / Pix firewalls, give this book a try. If not, you may find the first few chapters worthy nonetheless. "Mission Critical" strictly adheres to the defender's point of view, whereas books like "Hacking Exposed" demonstrate security by describing the attacker's perspective. Chris Brenton's "Mastering Network Security" (Sybex, 1999) is my favorite "defensive" book, although I bet his new book "Active Defense" (Sybex, 2001) will be the king of this category. "Mission Critical's" focus on the Microsoft world at the expense of UNIX operating systems is a weakness, unlike the even-handed attention in Brenton's books. My favorite section in "Mission Critical" is chapter 4, "Internet Security Applications," which describes cryptography, digital signatures, SSL, SSH, PGP, S/MIME, and Kerberos. The authors give just enough detail to explain how these technologies work without being boring or repetitive. Chapter 3, "IPSec," is instructive, and I also think chapter 8, "Cisco IOS," delivers plenty of content. The book's main weakness (other than failure to give UNIX enough attention) is its lack of cohesiveness. I could tell several writers were involved, each with a different opinion as to what "layer 3" or "layer 4" means, for example. (This matters; are we talking OSI or "DoD" TCP/IP? If "DoD" TCP/IP, is the bottom layer "network" as listed on page 22 or "host-to-host" as on page 157? And doesn't "network" usually refer to layer 3 in the OSI model, anyway?) I survived the inconsistencies, but would the intended audience? I strongly recommend prospective readers check the table of contents to see if the products discussed apply to your environment. As a general security book, "Mission Critical" rates 3 stars. As a book for professionals needing help with specific products, it's a 4 star book. "Mission Critical" is another step in the right direction for Syngress. (Disclaimer: I received my review copy free from the publisher.)
|
Mission Critical Internet Security (Mission Critical Series)
Available from Amazon
Price: $0.89
| |
|
|
|
|
