Average customer rating:
- Comprehensive *and* not Cisco-specific...
- From application proxy firewalls to security policies and rules
- Cisco's Replacement for a Dummies Guide to Firewalls
- Does an Excellent Job
- no Cisco bias
|
Firewall Fundamentals
Wes Noonan , and
Ido Dubrawsky
Manufacturer: Cisco Press
ProductGroup: Book
Binding: Paperback
 Privacy
| Business & Culture
| Computers & Internet
| Subjects
| Books
Network Security
| Networking
| Computers & Internet
| Subjects
| Books
General
| Networks, Protocols & APIs
| Networking
| Computers & Internet
| Subjects
| Books
Internet
| Home Computing
| Computers & Internet
| Subjects
| Books
| Internet & Education
| Online Searching
| Web Browsers
| Web for Kids
General
| Computers & Internet
| Subjects
| Books
General
| Computer Science
| Computers & Internet
| Subjects
| Books
Firewalls
| Security & Encryption
| Computers & Internet
| Subjects
| Books
General
| E-commerce
| Industries & Professions
| Business & Investing
| Subjects
| Books
Look Inside Business Books
| Trip
| Specialty Stores
| Books
Look Inside Computer Books
| Trip
| Specialty Stores
| Books
All Titles
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Business & Investing
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Computers & Internet
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Similar Items:
-
Cisco ASA and PIX Firewall Handbook
-
Intrusion Prevention Fundamentals
-
Penetration Testing and Network Defense (Networking Technology)
-
Firewall Policies and VPN Configurations
-
Network Security Fundamentals
ASIN: 1587052210 |
Book Description
The essential guide to understanding and using firewalls to protect personal computers and your network
- An easy-to-read introduction to the most commonly deployed network security device
- Understand the threats firewalls are designed to protect against
- Learn basic firewall architectures, practical deployment scenarios, and common management and troubleshooting tasks
- Includes configuration, deployment, and management checklists
Increasing reliance on the Internet in both work and home environments has radically increased the vulnerability of computing systems to attack from a wide variety of threats. Firewall technology continues to be the most prevalent form of protection against existing and new threats to computers and networks. A full understanding of what firewalls can do, how they can be deployed to maximum effect, and the differences among firewall types can make the difference between continued network integrity and complete network or computer failure. Firewall Fundamentals introduces readers to firewall concepts and explores various commercial and open source firewall implementations--including Cisco, Linksys, and Linux--allowing network administrators and small office/home office computer users to effectively choose and configure their devices. Firewall Fundamentals is written in clear and easy-to-understand language and helps novice users understand what firewalls are and how and where they are used. It introduces various types of firewalls, first conceptually and then by explaining how different firewall implementations actually work. It also provides numerous implementation examples, demonstrating the use of firewalls in both personal and business-related scenarios, and explains how a firewall should be installed and configured. Additionally, generic firewall troubleshooting methodologies and common management tasks are clearly defined and explained.
Customer Reviews:
Comprehensive *and* not Cisco-specific..........2006-10-06
As an IT professional, I know and understand that firewalls are a requirement in today's computing environment. But as a developer, the details of firewalls are pretty much a black box to me. I was pleasantly surprised with the book Firewall Fundamentals - An introduction to network and computer firewall security by Wes Noonan & Ido Dubrawsky. I actually understood most of it! :)
Contents:
Part 1 - Introduction to Firewalls: Introduction to Firewalls; Firewall Basics; TCP/IP for Firewalls
Part 2 - How Firewalls Work: Personal Firewalls - Windows Firewall and Trend Micro's PC-cillin; Broadband Routers and Firewalls; Cisco PIX Firewall and ASA Security Appliance; Linux-Based Firewalls; Application Proxy Firewalls; Where Firewalls Fit in a Network
Part 3 - Managing and Maintaining Firewalls: Firewall Security Policies; Managing Firewalls; What Is My Firewall Telling Me?; Troubleshooting Firewalls; Going Beyond Basic Firewall Features
Part 4 - Appendixes: Firewall and Security Tools; Firewall and Security Resources; Index
There were actually a number of surprising aspects to this book (all good). The first thing that surprised me is that this is a Cisco Press book. As such, I would have expected a huge bias towards Cisco technology at the expense of everything else. Yes, most of the options and solutions covered include the Cisco offering in that category. But the overall focus is on the underlying technology instead of the vendor offering. That means that you are getting great information on firewalls, not just how Cisco does it. Another surprising aspect for me was the range of experience that is targeted in the book (and successfully at that). Part 1 was perfect for someone like me who isn't intimately acquainted with the inner workings of a firewall. Part 2 covers the range of solutions, both hardware and software, personal and enterprise. And Part 3 is one of those sections that you'd likely use on a regular basis at work if you're responsible for the care and feeding of network security. The information is extremely practical, and having checklists for troubleshooting may just be something that bails you out of some ugly situations...
There's not too many books that can pull off the difficult task of reaching all experience levels on a subject. The fact that this book does it while being published under a vendor imprint is even more impressive. Definitely a book I'd recommend on the topic of firewalls...
From application proxy firewalls to security policies and rules.......2006-08-05
Firewalls have gone from a luxury to a necessity in the computer world, and today a thorough understanding of their function and setup is required reading for any serious networker, programmer, or computer operator. Firewall Fundamentals: An Introduction To Network And Computer Firewall Security addresses all issues, providing a through introduction to firewalls, how they protect, up to more advanced TCP/IP protocols and firewall configuration for Linux and other systems. From application proxy firewalls to security policies and rules, Firewall Fundamentals holds it all.
Cisco's Replacement for a Dummies Guide to Firewalls.......2006-07-23
Firewall Fundamentals provides what I see as the first clear book in many years on the oldest known protection for the Information Technology field. Authors Wes Noonan and Ido Dubrawsky take the concepts of protection at the basic level and slowly walk the reader through protection and defense from the introduction of threats to the details of advanced firewalls like the Cisco PIX and ASA appliances to Microsoft's ISA application. While this book may to be advanced in nature, it explains in detail the simple items that make the understanding of Firewalls and their technology important. Even from the goal of the book "...personal and desktop..." where the authors clear state that no level will be untouched does this book make one feel comfortable and unafraid.
Considering that this is a Cisco Press, book it surprised me that the amount of non-Cisco detail the authors' included, from Checkpoint and Microsoft ISA in the larger areas to Trend-Micro in the smaller areas. These guys ensured in this book a level of detail and understanding that will guarantee a complete read; even a Security Engineer, like myself who has learned the advanced concepts and deployment methods/reasons for security, gained new insight into the world I work in. For both Noonan and Dubrawsky present the items I sometimes miss, the obvious and clear issues that the regular individuals encounter and need to help them.
Noonan and Dubrawsky start with the simple items and basic concepts slowly and adding to them while not forgetting the assumed reader. This book is divided into four sections including the Appendixes: The first of the major section as always the Introduction which covers the basics from what a threat is to the difference between a personal (computer) based firewall to a network firewall.
After the basics are covered the authors' begin moving into the how of firewall technology from the personal computer to the common home-office like Linksys and finally into the realm of small office and hardware that include the Cisco platforms. While these chapters may appear to focus more on the Cisco Products they do include important other chapters that deal with items like where a firewalls belongs within the network. Within this section of the book we see items as mentioned like the Linksys and Cisco products, but we also see NetFilter and other freeware and pay products including Microsoft's ISA and Checkpoint mentioned, configured and discussed in detail. Within Chapter 7 the Linux products that are slowly advancing in the industry due to their cost and availability are detailed with the NetFilter product. Flow-charts and diagrams again help to explain not only this product, but the key concepts behind firewall technologies and examples of scripting help individuals learn and understanding what should be occurring with the product.
Finally the last key section deals with the importance of Managing and Maintenance any Firewall. From policy management to troubleshooting they do not leave anything out. I personally found the chapter entitled "What is My Firewall Telling Me?" very different from what I would expect in a simple how to read the logs chapter. The authors took time to explain the concepts of logging, the importance and different methods to read the log. Again they showed that this is not a book that is Cisco centric on Cisco heavy by using products and screen shots of non-Cisco items like Microsoft and NetIQ.
What this book is missing is a disclaimer that while published by Cisco Press it is not entirely Cisco Centric and this is a good thing. Yes as many people know Cisco is a large player in the field of networking and information security these author's do everything to ensure a fair and equal play of the others I have mentioned before. I feel that if you where looking for a book to help anyone with a small or home office environment protect it, this is the book you need. While I found adding it to my collection a positive and enjoyable experience, I can only hope that you will too.
Does an Excellent Job.......2006-07-04
Perhaps the most striking thing about this book is that it is not totally Cisco based. Often books from Cisco Press seem like they are really Cisco manuals that have been rewritten. When I picked this book up I was expecting to see nothing but the Cisco PIX Firwall and of course the new Adaptive Security Appliance (ASA). And yes, Chapter 6 is on the PIX/ASA Firewall. But then you go to Chapter 7 and it's about Linux based firewalls that can be put on a basic generic PC at a dramatically lower cost.
Also, somewhat surprising to see a chapter on what you might call personal firewalls, where it specifically covers the firewall that comes with Windows XP and the very popular Trend Micro's PC-cillin.
Basically this excellent book starts with a definition of firewalls, what they are, what they are supposed to do, why they sometimes fail. In short everything you need to know about firewalls. This includes some information that goes down to the basics of TCP/IP through what the screens look like for setting up the common firewalls. I also liked where he talks about points where some experts don't agree with others. When they do this, they point out the good and bad points of both positions.
All in all, an excellent book that meats the goals of discussing the fundamentals of firewalls.
no Cisco bias.......2006-06-30
So what is a firewall? Noonan and Dubrawsky explain, at a sophisticated level far deeper than a "Dummies" book. Starting with the basics. Namely, why you should have one. As a major defense against a bevy of malware attacks on your network. These include worms, Trojans, Denial of Service and the always popular and pernicious social engineering.
Given this motivation, the book classifies the different types of firewalls available. There are various ways to do this. One is simply to divvy up all firewalls into software, appliance or integrated classes. Another method, which might be more meaningful, focuses on the technology used by a firewall. Regardless of whether it's provided by hardware or software. The technology classification gives you packet filtering, NAT, circuit level, proxies, stateful and others. To understand the distinctions, the book also gives a quick education about TCP/IP.
One noteworthy take home message provided by the book is that a NAT firewall is a pretty simple functionality. It really doesn't give that much protection, despite what you might read elsewhere on the Web. The details given in the book should disabuse you on relying on a NAT as your firewall.
I looked and looked for a Cisco bias in the book. It comes from ciscopress.com, after all. But the authors furnish a pretty objective analysis. Yes, at various points, they talk about what Cisco provides in this arena. But Cisco is a major player, and needs to be discussed. It's a disservice to the reader to omit it. Plus, other vendors also get fair play, like Trend Micro or Microsoft.
Customer Reviews:
Not a bad book at all for a basic overview.......2006-08-15
I purchased this book because it was the text for a Network Security Fundamentals course I took as an elective for my undergrad in Computer Information Systems. I was already somewhat of a network guru, but even so, learned some things I didn't know and refreshed some of the things I knew but had forgotten. It was a solid book, and one that may be used as a reference outside of an academic setting (i.e. a computer technican learning his or her trade). A sound purchase, as long as you are not in need of advanced instruction.
Book Description
The only authorized textbook for the Cisco Networking Academy Program
Cisco Networking Academy Program Fundamentals of Network Security Companion Guide, along with the Fundamentals of Network Security Lab Companion and Workbook and the corresponding online course, provide a thorough introduction to network security.
This portable desk reference focuses on the overall security processes based on a security policy with an emphasis in the areas of secure perimeter, secure connectivity, security management, identity services, and intrusion detection. Along with the Cisco Networking Academy Program online course, this
Companion Guide covers the installation, configuration, monitoring, and maintenance using Cisco command-line interface (CLI) and web-based device managers on both the Cisco IOS Firewall and the PIX Security Appliance. It also covers how to
- Configure Network Address Translation, access lists, stateful traffic inspection, and application filtering
- Implement signature-based intrusion detection
- Configure identity management using authentication, authorization, and accounting
- Configure virtual private networks using industry-standard IPSec for both site-to-site and remote access connectivity
This Companion Guide also includes security appendixes that cover several installation tutorials for various hardware and software products.
This book and the course align with the new Cisco Firewall Specialist certification objectives. The Cisco Firewall Specialist encompasses the SECUR (formerly known as MCNS) and Cisco Secure PIX Firewall Advanced (CSPFA) exams. You can use this book and the course to begin certification preparation.
Companion CD-ROM
The CD-ROM contains 11 hi-res PhotoZoom Activities, 200+ exam- preparation questions in a practice Test Engine, more than 50 hands-on e-Lab Activities, 48 Demonstration Activities, plus 10 professional network security utilities, command references, and other resources for an enhanced learning experience.
This book is part of the Cisco Networking Academy Program Series from Cisco Press. The products in this series support and complement the Cisco Networking Academy Program.
Customer Reviews:
A complete reference and resource guide in one!.......2004-10-12
A complete reference and resource guide in one! Published by Cisco Press, Cisco Networking Academy Program Fundamentals of Network Security Companion Guide, ISBN 1587131226, by Cisco Systems, Inc., Cisco Networking Academy Program, thoroughly complements the Fundamentals of Network Security online course in the Cisco Networking Academy Program.
The book is extremely well laid-out! The beginning starts with an overview of Network Security and provides the reader with insight on how to identify, defend and secure computer-based networks. The book quickly jumps into router and PIX configuration, management and vulnerabilities. Topics covered at length include Router and PIX security, as well as configuration examples and overviews. In order to reinforce the chapter lessons, the book includes several labs and exercises in each section. Each chapter concludes with a summary and key terms that can provide the reader with invaluable information. The most useful part of this book is the chapter questions to reinforce your understanding of the material.
In order to complement the complete online course, there is a workbook that is published by Cisco Press, Cisco Networking Academy Program Fundamentals of Network Security Lab Companion and Workbook, ISBN 1587131234, by Cisco Systems, Inc. This workbook reinforces the methods and principals that are included in the companion guide.
The book is written for anyone interested in learning about Network Security and how Cisco devices integrate and ensure secure connectivity. Many of the chapters that are included in this book can be utilized by Network Administrators as a quick reference guide. Even if you are not registered in the Cisco online course, you will be able to utilize the Cisco Networking Academy Program Fundamentals of Network Security Companion Guide as a resource and a definitive study reference for students seeking to obtain the Cisco Firewall Specialist and CompTIA Security + certifications. The book is written for anyone interested in learning about Network Security and how Cisco devices integrate and ensure secure connectivity.
The CD included with the book "Cisco Networking Academy Program Fundamentals of Network Security Companion Guide CD-ROM" is similar to the online content and can be utilized to reinforce the material and lessons. The CD contains: Photo Zooms, Test Engine, E-Lab Activities, Demo Activities, and Additional Resources. The additional resources include command references and useful utilities to utilize on your network.
This book by far is the best Cisco Press book that I have reviewed this year. The Cisco Networking Academy Program Fundamentals of Network Security Companion Guide is rated 4 out of 5 stars.
For anyone pursuing the Cisco online curriculum.......2004-03-07
Fundamentals Of Network Security Companion Guide is an 870-page textbook specifically written and designed to complement the Cisco Networking Academy Program online curriculum. Developed by a team of Cisco Systems experts, this comprehensive instructional expressly reflects the lessons that students study online, and an accompanying CD-ROM features activities similar to the online material to better understand the concepts. Topics covered and extensively discussed with practical examples include basic router and switch security; router AAA security; router site-to-site or remote access to VPNs; PIX security appliance from basic to advanced protocols; and so much more. A serious, in-depth text highly recommended for anyone pursuing the Cisco online curriculum, Fundamentals Of Network Security Companion Guide is a seminal and highly recommended addition to professional Computer Security reference collections.
Average customer rating:
- HORRIBLE BOOK - WASTE OF TIME AND MONEY
- It cannot sink any lower than this...
- Broad coverage of material but just not that good
- Failed the S+ Exam
- Cheese
|
Security+ Guide to Network Security Fundamentals
Cisco Learning Institute
Manufacturer: Course Technology
ProductGroup: Book
Binding: Paperback
General
| Business & Investing
| Subjects
| Books
High-Tech
| Industries & Professions
| Business & Investing
| Subjects
| Books
Course Technology
| Publisher
| Certification Central
| Computers & Internet
| Subjects
| Books
General
| Certification Central
| Computers & Internet
| Subjects
| Books
Security+
| Exams
| Certification Central
| Computers & Internet
| Subjects
| Books
Network Security
| Networking
| Computers & Internet
| Subjects
| Books
Networks
| Networks, Protocols & APIs
| Networking
| Computers & Internet
| Subjects
| Books
General
| Networks, Protocols & APIs
| Networking
| Computers & Internet
| Subjects
| Books
General
| Computers & Internet
| Subjects
| Books
General & Reference
| Technology
| Science
| Subjects
| Books
General
| Arts & Photography
| Subjects
| Books
Look Inside Art Books
| Trip
| Specialty Stores
| Books
Look Inside Business Books
| Trip
| Specialty Stores
| Books
Look Inside Computer Books
| Trip
| Specialty Stores
| Books
Look Inside Science Books
| Trip
| Specialty Stores
| Books
All Titles
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Arts & Photography
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Business & Investing
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Computers & Internet
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Science
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Similar Items:
-
Security+ Guide to Networking Security Fundamentals, Second Edition
-
Lab Network Security Fundamnt
-
Lab Manual For Security + Guide To Network Security Fundamentals
-
Guide to Operating Systems Security
-
Network+ Guide to Networks, Fourth Edition (Networking)
ASIN: 0619212942 |
Book Description
Written to map to CompTIA's Security+ Certification Exam, this text provides a comprehensive overview of network security and covers communication security, infrastructure security, cryptography, operational/organizational security, disaster recovery, business continuity, as well as computer forensics.
Customer Reviews:
HORRIBLE BOOK - WASTE OF TIME AND MONEY.......2006-01-04
I am a network engineer with almost 10 years experience. I have typically shied away from certification tests because I have always found them to be of the "right answer, wrong answer and TEST ANSWER" category. Security+ is absolutely no different but my job required that I take this certification. I signed up for a class at the local college and this was the textbook for that class.
I read the book cover to cover twice, skimmed it twice more, answered the end-of-chapter questions, took the practice exam included on the cd over 20 times and passed everytime with scores 85% and higher. I failed the security+ exam. The difference between the questions on the test and the topics in this book was amazing. DO NOT RELY ON THIS HORRIBLE BOOK TO GET YOU THRU THE TEST. IT IS A COMPLETE WASTE OF TIME AND MONEY.
If I could have given it negative stars, I would.
It cannot sink any lower than this..........2005-12-17
Generally speaking, this have to be by far one of the worst books I have come across for both the content related to the scope of the subject matter, and also extreme inaccuracies due to total lack of comprehension on the material from the author.
The subject matter is general security concepts as it relates to the Security+ exam. In this scope, I expected the material would focus the technologies themselves as they relate to security that is not specific to any one platform, as after all every major OS uses the Internet and E-mail for example. However, this book is overwhelmingly a Windows only book, and reflects a rather narrow vision of Windows-only problems, technologies, and solutions.
In the narrow view of Windows only security, there were so many deficiencies in this book, I could write a tomb on a material. I'll highlight a small sampling of the stuff that really stands out. When covering DNS, there is no mention of secure updates through TSKIP (page 118), nor was there any mention of Active Directory (LDAP) integrated DNS (page 118). These Windows DNS solutions are really important and fairly easy to configure. On UNIX side, one can block zone transfers completely and restrict it through tcpwrappers or xinetd (Exctended Internet Daemon), and Windows can do something using IPSec policy configuration. The book never touches any concept or thinking of this nature for DNS or any other technology for that matter.
On the topic of Windows domains, the author states that "Active Directory is stored in a Security Accounts Manager (SAM) database" (page 120), which oh my, is oh so wrong. Perhaps in older Windows NT this might have been true, but Active Directory uses a distributed database (LDAP) for storing passwords and such, which an extended Jet database stored on each domain controller. The author goes on to proclaim his ignorance of Active Directory noting that a "primary domain controller (PDC) is the name of the server that houses a SAM database. A domain can also have multiple backup domain controllers (BDCs) that are on other servers in the domain" (page 120). Anyone knowing anything about Active Directory is probably rolling on the floor laughing at this moment.
In the topic of databases, the author only discusses Microsoft SQL Server specific issues, and ignores general database security issues and solutions. In the extremely narrow scope of SQL Server, the author recommends installing a personal firewall to block the virus Slammer. However, if the author understood how Slammer works or read any technical articles published by Microsoft on the issue, he would understand that to stop slammer all one needs to do is have a password for SQL Server. What the author doesn't do is note that MSDE, a limited SQL Server database bundled with many Microsoft and third-party applications, doesn't have any password configured by default. However, a password can be added through use of a command-line tool.
For e-mail technologies, the author dissuades using POP3 with completely inaccurate statements about the protocol (page 192). The problem also being with his arguments besides being flat wrong, is that it is his personal opinion on which technology to use and doesn't use any arguments in regards to security. Additionally the author doesn't even cover how to secure either POP or IMAP using SSL or TLS. In the scope of Microsoft Exchange POP and IMAP, there's no mention of the extreme dangers of using un-encrypted POP or IMAP, where passwords fly across the wire in clear naked text. Exchange is integrated into Active Directory, and as such, passwords for these facilities are passwords into their account. Using insecure IMAP or POP traffic is broadcasting the keys to the fort as the expression goes. This situation is not shared by Unix solutions (as they can be configured differently), but as Exchange forces you to use domain accounts, securing the traffic is extremely, repeat extremely, vital and important for security. The author misses the boat with this concept, like other concepts.
In regards to web technologies, this has to be perhaps the most laughable area. The author confuses JavaScript with Java, and even goes so far as to state that JavaScript is a virtual machine and that JavaScript is based on Java (Page 201). Those laughing right now might know that JavaScript was originally called LiveScript and had nothing to do with Java. It was renamed to JavaScript for marketing purposes to popularize JavaScript in created an illusion that it was related to Java. The author goes on to cover only Internet Explorer on only Windows platform, and states that all browsers suffer from the same security weaknesses as ALL other browsers (page 202). If the author had any inkling about browser technology, he would know that the scripting engine in IE is from embedded solution (OLE) sometimes referred to ActiveScripting. This engine has access to all other OLE libraries including saving viruses, um files, on your computer without any sort of authentication. Thus, even if this engine was rock solid secure, it's base features allow hackers to bad things to your computer. This ActiveScripting is embedded into WSH (Windows Scripting Shell), and also IIS (ASP), which is a cause for many exploits in those systems. Internet Explorer itself is packaged up and is embedded into other applications like Outlook, Outlook Express, Windows Media Player, Windows Messenger, MSN Messenger, etc. As some might know, those applications have had many exploits in the past, especially Outlook. Of course all of this is well beyond the ken of the author.
For wi-fi solutions, this has to be the weakest section in the book. On the coverage of specifically WPA/802.11i, the author doesn't cover enterprise WPA or things like a RADIUS server used to authenticate VPN, dial-up, and WPA. He also doesn't even mention AES or EAP security with WPA.
This book is one of the most appalling books I have come across, and cannot even recommend the book even if only for a good laugh. The quality of books sometimes is concern for many in the industry, and this book sets an all new low standard to shoot for.
(I apologize for being unusually harsh, but I have rarely come across a book so regrettable.)
Broad coverage of material but just not that good.......2004-09-20
I'm using this book for a class. We're up to chapter 6 now, and while I'm learning a lot of basic concepts, I've stumbled several times on the writing. It's terribly unclear in places, and clarity is essential in some of these places -- to be short, it's poorly written.
The scope of the book is so wide that it necessarily is shallow. The illustrations are a bit silly and are not a great improvement to clarifying the concept. I am reminded of manuals that go into overwhelming detail as to what mouse-clicks or menu items to select, but don't explain why you want to do this to begin with.
I haven't taken any certification exams as yet, but I would only recommend this book as a brief introduction to subjects that are covered more thoroughly and competently in other books.
Failed the S+ Exam.......2004-08-07
I studied the text - all 17 chapters and the Appendix, then I took every one of The included study CD-based CertBlaster "Subject matter drills", then all 4 of the exams (passing every one on the first pass, and coming very close to perfection on the 2nd pass on any given test.)
I took AND FAILED the S+ exam today. ANY SIMILARITY BETWEEN THE STUDY TOOLS, THE TEXT BOOK, AND THE PRACTICE TEST WITH THE REAL TEST WERE RARE!!!! I basically wasted a week and several hundred dollars.
BTW. The Comptia S+ Exam was probably one of the worst knowledge measurement tools (e.g. exam) that I have EVER taken - and I have taken a huge number of them....
Just FYI
Will Harper, MCSE (NT 3,51/NT 4/W2K/XP), MCT, CCNA, A+, N+, CTT+ (and a bunch of other certs) AAS(IT/Networking), BSEE(computers), MBA.
Cheese.......2004-05-09
This textbook does not cover the material in the Security+ Exam. Entire test subjects are not included, and the lab exercises are terrible. The lab manual only includes a few useful labs and some of them are so outdated they are irrelevant. Authors contradict each other, and the chapters do not hold together well. If you're looking for a lightweight topical introduction, this may work for you, but it won't help you pass the certification exam. This is a very weak introduction to network security, and there are better books available that do cover the content you need to pass the exam. Consider instead "Principles of Computer Security: Security+ and Beyond" ISBN: 0072255099
Book Description
An introduction to the key tools and technologies used to secure network access
- Examine common security vulnerabilities and the defenses used to protect network resources
- Learn about cryptography, including modern-day techniques like 3DES, RSA, hashing, and the use of certificates
- Learn how to design, adopt, and enforce security policies
- Evaluate the nuances of secure network design
- Secure HTTP traffic by hardening operating systems, servers, and browsers
- Protect routers through administrative access policies and services
- Understand what firewalls do and how to implement them to maximum effect
- Inspect and monitor network activity with IDS
- Utilize VPNs for secure remote access
- Learn about PKI technologies
- Examine secure wireless design techniques
- Use logging and auditing tools, such as syslog, SNMP, RMON, and SAA, to manage network traffic
Companies have long been struggling with threats from the hacking community. Keeping pace with the rapid evolution of security technology and the growing complexity of threats is a challenge even in the best of times. The increased focus on security has sent IT managers and engineers scrambling to acquire the proper expertise to implement complex, multilayered solutions.
Network Security Fundamentals introduces the topic of network security in an easy-to-understand and comprehensive manner. This book is designed to provide a fundamental understanding of the various components of a network security architecture and to demonstrate how each component can be implemented to achieve best results. The book uses straightforward language to introduce topics and to show the features, mechanics, and functionality of various network security devices. A series of case studies helps illuminate concepts and shows how you can apply the concepts to solve real-world problems.
Divided into four parts,
Network Security Fundamentals takes you on a tour of all the essential technologies and modern defenses at your disposal to help you maintain network uptime and data integrity. Part I covers the basics, introducing terms and concepts and laying the foundation of a solid security structure. The discussion focuses on weaknesses and vulnerabilities along with an overview of the traditional defenses used to thwart attacks. Part II examines two components of security-cryptography and security policies. Part III looks at the various security components. Separate chapters cover web security, router security, firewalls, intrusion detection systems (IDS), remote access security, virtual private networks (VPN), Public Key Infrastructure (PKI), wireless security, and logging and auditing. Each chapter in this section is a self-contained tutorial, allowing you to skip to those topics of greatest interest or primary concern. Part IV includes several reference appendixes, including the Cisco SAFE Blueprint, NSA guidelines, and SANS policies.
Whether you are looking for an introduction to network security principles and practices or a security configuration reference, this book provides you with the invaluable insight you need to protect valuable company resources.
Customer Reviews:
A good start, but weak on Layer-2 defenses.......2007-06-08
First of all, let me state that this review is primarily in context of Cisco's 642-552 exam, since as of this writing, this is really the only book on their Recommended Reading for this particular exam. There are no Exam Certification series from Cisco for this specific exam, which is the foundation of their CCSP and Security Specialization certifications.
What is good about this title is coverage of security policy, vpn's, ids, firewalls, wireless, and PKI. Good introduction, and decent configuration examples. Certainly enough to get even a neophyte up and running.
So what is this title missing?
#1 SDM [Security Device Manager] configuration examples & exercises. Chances are if you're a newbie, you're going to be much more comfortable using the Browser-based GUI rather than the IOS Command Line. Additionally ALL the simulations for the 552 exam are based around SDM configuration. I would recommend you download SDM documentation from Cisco's website if you're planning on taking the 642-552 exam.
#2 There is inadequate coverage of common Layer 2 attacks, and the defense mechanisms to subvert them. For example, no explanation or examples are given on configuring Port Security which protects against MAC Spoofing, MAC Flooding, ARP Spoofing, and flooding the CAM table. And that is BASIC SWITCH SECURITY that is relatively easy to implement. Furthermore, there should also be discussions of IP Source Guard, VLAN Hopping, and Dynamic ARP Inspection. I HIGHLY recommend you search on Cisco's site about these features & configuring them.
#3 CBAC explanation is fairly unclear. Students will be confused by the fact that they named the ip inspect rules as "BLOCK" and "ALLOW" and associate each one w/ a traffic direction [ingress/egress respectively], when really these names do not accurately describe the behavior of CBAC
#4 Pg 174 "A software based firewall is only as secure as the operating system it relies on...Appliance based firewalls, such as NetScreen or PIX, do not have that vulnerability" ARE YOU KIDDING ME? IOS is still SOFTWARE. All...ALL...software can be exploited. See Hacking Cisco. Certainly it is harder, yes, but it is STILL susceptible application-layer attacks and buffer overflows.
Picks up where "Network Security First-Step" left off!.......2005-12-10
I picked up a copy of "Network Security Fundamentals" (ISBN 1587051672) by Gert De Laet and Gert Schauwers to add to my CCIE Security reading list. Network Security Fundamentals more or less picks up with Tom Thomas's "Network Security First-Step" (ISBN 1587200996). Whereas the Thomas book serves as an excellent introduction to securing your network, "Network Security Fundamentals" is an intermediate level network security book. It delves it more details not only network design essentials, but many other security topics such as Router Security, Firewalls, Intrusion Detection, VPNs, Remote Access, and Wireless.
I found the detailed coverage on Cryptography as well as securing Web Servers especially helpful and insightful. The book includes many device configuration examples, show commands, and debug outputs. I highly recommend this book to any Network Admin interested in securing his/her network as well as any potential CCIE Security candidates out there!
Mark Reyero
CCIE 12932
Nice....................2005-06-03
Excellant book for and new comer to this complexed field in Network Security. For me thought having a few certs (CCNA, CCDA, CCSA, JNCIA, CWSP, CWNA) the book is too entry level. The parts in encryption/VPN just didn't teach me anything I didn't know before opening this book.
BUT please buy this book if you are a new comer to this field. I promise; you will learn alot from this text.
Great IT Security overview book.......2004-12-23
The book presents security overview mostly in Cisco Networking Environment and is very well written without any serious flaws. I found just one minor, which might be considered as a technical reviewer's overlook (page 151, example 8-10). Also SNMP explanation in final chapter is quite formal and limited just to specifying a number of router configuration commands syntax. Authors don't tell anything about security issues associated with SNMP v1/v2 and how SNMP v3 addresses these. And SNMP case study does not shed a light on it as well. That is the reason I have reduced my rating of the book by one star. But the book is really well done and I even did read all the Appendix pages, which is a bit unusual with me.
Spot on - Great security book.......2004-09-20
Ciscopress have released yet another jem of a book, really great read and easy to understand, the two authors known in the introduction as the Two Gert's do a splendid job of describing all the major security concerns you should be fully aware of, this book is highly recommnded and is authored by some very experienced engineers at Cisco -- you will not be dissappointed
Henry
Sydney Australia
Book Description
KEY BENEFIT: This gateway into the world of computer security provides one-volume coverage of all the basic concepts, terminology and issues, along with practical skills essential to security. Topics covered range from those commonly found in security books such as virus attacks, buffer overflow, hacking spyware and network defense, as well as more specialized areas including cyber terrorism, industrial espionage and encryption.
Providing a comprehensive introduction, this volumes examines assessing a target system, denial of service attacks, malware, basics of assessing and securing a system, encryption, Internet fraud, and cyber crime, industrial espionage, cyber terrorism and information warfare, cyber detective, security hardware and software.
For system analysts network administrators, network security professionals and security audit professionals.
Customer Reviews:
An excellent place to start.......2006-11-17
I am using this book for an internet security course. The book is very informative and fairly easy to comprehend from a beginning standpoint. I agree that it includes information that other introductory books do not. This is one text that I will keep for future reference because of its broad scope of information on the important topic of internet security.
Very Good Book.......2005-09-08
I am using this book for an introduction to computer security course I teach. It has the breadth of topics I need (fundamentals of viruses, trojan horses, denial of service, firewalls, IDS, anti spyware, etc.). It even has some material few introductory books cover (cryptography, identity theft).
It has excellent exercises and review questions. I can unequivocally recomend it.
Outstanding book for beginners.......2005-07-31
I teach computer science at a small regional college. I had to review over a dozen different books for our introduction to computer security course. This book is hands down the very best for a beginner. It gives a broad introduction to all aspects of computer security (including some areas other books ignore completely). It also is replete with references, places to look for more information, and practical exercises.
This is the best book for a beginner.
Book Description
An introduction to network attack mitigation with IPS
- Where did IPS come from? How has it evolved?
- How does IPS work? What components does it have?
- What security needs can IPS address?
- Does IPS work with other security products? What is the âbig pictureâ?
- What are the best practices related to IPS?
- How is IPS deployed, and what should be considered prior to a deployment?
Intrusion Prevention Fundamentals offers an introduction and in-depth overview of Intrusion Prevention Systems (IPS) technology. Using real-world scenarios and practical case studies, this book walks you through the lifecycle of an IPS project–from needs definition to deployment considerations. Implementation examples help you learn how IPS works, so you can make decisions about how and when to use the technology and understand what âflavorsâ of IPS are available. The book will answer questions like:
Whether you are evaluating IPS technologies or want to learn how to deploy and manage IPS in your network, this book is an invaluable resource for anyone who needs to know how IPS technology works, what problems it can or cannot solve, how it is deployed, and where it fits in the larger security marketplace.
- Understand the types, triggers, and actions of IPS signatures
- Deploy, configure, and monitor IPS activities and secure IPS communications
- Learn the capabilities, benefits, and limitations of host IPS
- Examine the inner workings of host IPS agents and management infrastructures
- Enhance your network security posture by deploying network IPS features
- Evaluate the various network IPS sensor types and management options
- Examine real-world host and network IPS deployment scenarios
This book is part of the Cisco Press® Fundamentals Series. Books in this series introduce networking professionals to new networking technologies, covering network topologies, example deployment concepts, protocols, and management techniques.
Includes a FREE 45-Day Online Edition
Customer Reviews:
Cisco Centric, but a Very Good Overview.......2006-03-10
It's hard to imagine a system today that isn't connected to the outside world. And with this connection comes (at no extra charge) a way for the bad guys to get access to your data. And unlike our normal custure, there are few (if any) cops out there to do battle with the bad guys.
Unfortunately that leaves the security of your system up to you. And to help you, all kinds of products have emerged to protect your system from undesired penetration from the bad guys, be they from across the globe, or down the hall.
This book gives an overview of the whole problem from a very good description of the threats, to the general rules that any IPS system has to have. As it was written by a couple of Cisco folk, this book tends to follow Cisco concepts in software, hardware, and usage. This isn't all bad because Cisco has a good set of products in this area, arguably the most complete and best integrated together set of tools available. And if you're not using Cisco, this book will still be of use as you'll know what to look for in comparing your equipment with that from Cisco.
Those are certainly fundamentals.......2006-02-02
The book is clearly written, does not assume previous knowledge. If you need a place to start, this is a fine place to start. However, the content is very dated. Charts end at 2003, examples include Nimda, the land attack, slammer. Please don't get me wrong, those are all oldies, but goodies and each teaches an important lesson, but it would be nice to see something from 2005/2006. More effort should have been invested in a discussion on "zero day" attacks, the authors mention attacks may occur that have not been seen in the wild, but do not offer stategies for this. Since "zero day" attacks are not uncommon these days, the issue must be considered and addressed.
The last one third of the book includes the Cisco specifics, e.g. Cisco Security Agent, Policy Feature Card, etc that you expect to see in a Ciscopress book. I enjoyed this part of the book immensely. If you are a manager of a Cisco shop and want to know that you have implemented defense in depth well, this is a great discussion. If you are considering the Cisco product line, this will be truly helpful for you, the authors don't sell, but they lay out how to implement a number of the Cisco security tools in a clear, concise, complete and accurate manner.
Book Description
This hands-on, project-based approach to the fundamentals of network security concepts and skills helps students understand security best practices, laws, and standards that will enable them to build a complete security program. This book introduces a strong foundation that includes security policy, planning, and development of good processes. A step-by-step design teaches students security implementation using recent advances in security tools, such as firewalls, VPN's, encryption, techniques, and intrusion detection devises. Platform-specific defenses are revealed for the desktop, Windows networks, UNIX, Internet, and wireless systems. Laws and government regulation are also covered, including the Patriot Act, homeland security initiatives, and special information on relevant state laws.
Customer Reviews:
Good starting point for IT Supervisor.......2005-01-08
I rate this book as 4 stars, what are the good chapters to be considered:
Unix chapter, this section is exceptionally good and you'll learn about how to configure standard secure Unix Box (Solaris or Linux)
Windows 2000 & 2003 Chapter is a nice and average technical discussions, it has good explanation of Group Policy and I like it very much even though it short.
Policy Chapter, this chapter is exceptionally good for any starting IT Managers, if your type of Manager who want to know where you want to start doing your IT policy then considered this chapter.
IDS and VPN Chapter, This is very good technical material for starting basic management of Firewall.
e-Commerce Chapter, this is the last chapter that i pressume it has theoretically approach design and strategy but few technical discussions.
Bad Side of the Book:
Firewall Chapter (the most important one), it's a crap it only discuss few ideas but never discuss about Firewall Technology and features and tips on how to choose good Firewall, It never discuss basic tips on what strategy you need to considered in maintaining your Firewall. It never discuss about Firewall Appliance and OS based Firewall comparison.
The only thing i appreciate is the author give some insight about the protocols that is always used that must be on top policy and that's it.
Hope this help for anyone going to buy this book.
Great one.......2004-02-23
The book is well written and the concepts it covers are both current and relative. It covers the concepts of basic computer and network security. It has alot of illustration figures. After each chapter there are "Key term quiz" and "Multiple choice quiz" which are helpfull for the students to test their self.
It's great.
Book Description
An introduction to designing and configuring Cisco IPsec VPNs
Understand the basics of the IPsec protocol and learn implementation best practices
Study up-to-date IPsec design, incorporating current Cisco innovations in the security and VPN marketplace
Learn how to avoid common pitfalls related to IPsec deployment
Reinforce theory with case studies, configuration examples showing how IPsec maps to real-world solutions
IPsec Virtual Private Network Fundamentals provides a basic working knowledge of IPsec on various Cisco routing and switching platforms. It provides the foundation necessary to understand the different components of Cisco IPsec implementation and how it can be successfully implemented in a variety of network topologies and markets (service provider, enterprise, financial, government). This book views IPsec as an emerging requirement in most major vertical markets, explaining the need for increased information authentication, confidentiality, and non-repudiation for secure transmission of confidential data. The book is written using a layered approach, starting with basic explanations of why IPsec was developed and the types of organizations relying on IPsec to secure data transmissions. It then outlines the basic IPsec/ISAKMP fundamentals that were developed to meet demand for secure data transmission. The book covers the design and implementation of IPsec VPN architectures using an array of Cisco products, starting with basic concepts and proceeding to more advanced topics including high availability solutions and public key infrastructure (PKI). Sample topology diagrams and configuration examples are provided in each chapter to reinforce the fundamentals expressed in text and to assist readers in translating concepts into practical deployment scenarios. Additionally, comprehensive case studies are incorporated throughout to map topics to real-world solutions.
Customer Reviews:
A Lot of Information with a Slight Cisco Emphasis.......2006-08-05
The introduction to this book clearly states that it is intended for engineers, consultants, administrators and others who have an interest in securing their networks with Cisco routers and VPN products. After all, the book is published by Cisco Press. This is not a bad idea, Cisco makes an awful lot of the equipment used in this area, but it may be something you want to consider if you are using competitive equipment.
Within this limitation, however, the book gives an excellent introduction to the problem and the solutions. There is an awful lot of background information that while sometimes tending to make your eyes close by themselves, gives you the background you really need to know when you are having a problem in a particular area.
The depth given in this book is far beyond the 'type this in' approach given in a lot of books. It is an excellent source of the information needed for a clear understanding of the problems and solutions. Highly Recommended to anyone getting involved with communications security.
mostly about IPsec.......2006-07-27
Ostensibly, this book is about both the general topic of Virtual Private Networks and Cisco's IPsec. In reality, it is mostly about the latter. (The book is from Cisco Press, isn't it?)
The explanations of VPN are quite well done, to be sure. Applicable to any vendor's VPN offerings, not just Cisco's. But it is how IPsec works that constitutes most of the text. En route, there are also nice discussions of the underlying cryptographic processes. No maths is presented. Just qualitative explanations of various public key encryption methods. If you are a sysadmin, you should already be familiar with much of this PKI material. Cisco has clearly sweated out the details of some heavy duty cryptographic processes, to ensure the privacy of the IPsec VPNs.
The book also exposes you to some low level IP packet formatting issues. The idea of a VPN tunnel rests on these foundations, of encapsulating messages at one end of the tunnel, and being able to unwrap them at the other end.
I get the feeling that the typical sysadmin who deploys IPsec between her 2 networks that need a VPN, won't actually need to know much of the cryptographic discussion in the book. Perhaps to make some initial configuration decisions. But on a day-to-day basis, once IPsec is set up, maintenance seems minimal. Which suggests good design by Cisco.
Book Description
The world of IT is always evolving, but in every area there are stable, core concepts that anyone just setting out needed to know last year, needs to know this year, and will still need to know next year. The purpose of the Foundations series is to identify these concepts and present them in a way that gives you the strongest possible starting point, no matter what your endeavor.
Network Security Foundations provides essential knowledge about the principles and techniques used to protect computers and networks from hackers, viruses, and other threats. What you learn here will benefit you in the short term, as you acquire and practice your skills, and in the long term, as you use them. Topics covered include:
- Why and how hackers do what they do
- How encryption and authentication work
- How firewalls work
- Understanding Virtual Private Networks (VPNs)
- Risks posed by remote access
- Setting up protection against viruses, worms, and spyware
- Securing Windows computers
- Securing UNIX and Linux computers
- Securing Web and email servers
- Detecting attempts by hackers
Books:
- Foundation ActionScript for Flash 8 (Foundation)
- Head First Java, 2nd Edition
- History: Fiction or Science? (Chronology, No. 1)
- How to Do Everything with Microsoft Office PowerPoint 2003 (How to Do Everything)
- Information Technology Project Management, Fourth Edition
- Information Technology Project Management, Fourth Edition
- Information Theory, Inference & Learning Algorithms
- Inside Microsoft Windows SharePoint Services 3.0 (Pro Developer) (Pro Developer)
- Introduction to the Design and Analysis of Algorithms (2nd Edition)
- Introduction to the Theory of Computation
Books Index
Books Home
Recommended Books
- Vault Guide to Finance Interviews, 6th Edition
- The Annotated Pride and Prejudice
- Developments in the International Harmonization of Accounting
- Indecent Exposure: A True Story of Hollywood and Wall Street
- Modeling Structured Finance Cash Flows with Microsoft Excel: A Step-by-Step Guide.Book & CD-ROM
- The Canterbury Tales:
- Mayflower: A Story of Courage, Community, and War
- Ready Notes, Volume 1, Chapters 1-13 for use with Fundamental Accounting Principles
- Making Sense of Social Security Reform
- Peliculas de Mi Vida, Las: Una Novela
