Product Description: The most practical, comprehensive solution to defending your network perimeter. Get expert insight from the industry's leading voices: Stephen Northcutt and the expertise of the SANS team. Inside Network Perimeter Security is a practical guide to designing, deploying, and maintaining network defenses. It discusses perimeter components such as firewalls, VPNs, routers, and intrusion detection systems, and explains how to integrate them into a unified whole to meet real-world business requirements. The book consolidates the experience of seventeen information security professionals working together as a team of writers and reviewers. This is an excellent reference for those interested in examining best practices of perimeter defense and in expanding their knowledge of network security. Because the book was developed in close coordination with the SANS Institute, it is also a valuable supplementary resource for those pursuing the GIAC Certified Firewall Analyst (GCFW) certification.
Amazon.com Review: Submarines handle awkwardly on the surface of the sea; airplanes are cumbersome when taxiing. Both modes of operation, however, are design requirements. Organizational computer networks have a similar requirement: they have to interface with other networks (thereby forming the Internet) in order to be useful. How network engineers manage their networks' perimeters has a lot to do with their usefulness, cost effectiveness, and--perhaps above all--security. Inside Network Perimeter Security concerns itself with this latter aspect of the connection to the outside world. It's carefully researched, cleverly written, and full of references to recent exploits and, more importantly, the trends they represent. The best details on emerging hack attacks will always be found online. This book takes a longer view, evaluating offensive and defensive technologies and offering well-reasoned advice on how to keep a network secure now and in the future.
Readers familiar with the previous work of the authors--particularly the highly respected Stephen Northcutt--will recognize the style here. It doesn't aim to teach you how to do much in particular--there are a few procedures, and some Cisco Internetwork Operating System (IOS) command listings--but rather tries to show how to think about networks and the data that comes from them. In a typical section, the authors analyze a log from Tiny Personal Firewall. They highlight the facts that are present in the log and the inferences that can be made from them. A similar style helps you master software tools and make network design decisions. This book is perfect for a network engineer wanting to improve his or her security skills for both design and administration purposes. --David Wall
Topics covered: How to design networks' borders for maximum security, and how to monitor them for unauthorized activity. After an introduction to firewalls, packet filtering, and access lists, the authors explain how to set up routers, special-purpose firewalls, and general-purpose hosts with security in mind. A large section has to do with security-conscious design, both for green field projects and existing networks that need expansion or improvement.
Great Book on SMB Network Security This is a great book for seasoned IT professionals that want to learn how to secure small and medium sized networks.
As others have said, if you want to read only one book, this is the one. The authors did a great job of describing concepts and relevant low level details and tools.
I enjoyed reading most of it, but I skimmed parts that described processes that seasoned engineers have applied countless times.
Highly recommended!
Excellent Very, very good. All the most important subjects of perimeter security, remote access, resources separation are addressed. TCP protocol details are clearly part of the explanation, therefore the more you know of it the better it is. Useful links and vendor specific technology references are also included, like Microsoft, Cisco and so on. Excellent.
A very informative read Stephen Northcutt, and the various contributing authors, have created a masterful and well rounded guide of the various considerations that go into securing the network perimeter. As a student of Information Technology this book has been instrumental in my education and has earned a permanent place on my bookshelf (when it is not in my hands directly).
If you want to buy just one book, buy this one. Stephen Northcutt has done a great job! this is the most comphrensive book on the subject. I particularly found the part on access lists very helpful. Niloufer Tamboly, CISSP
Fairly decent but can be thinned out a bit Fairly decent overview of perimeter security. If your a security professional you may learn a thing or two, if your a network administrator and your idea of security is a firewall then this book is meant for you. Its a fairly easy read, but some of the examples of the commands to enter in configuring routers and hosts could be eliminated. I felt the author was just taking up space with these examples. (not a big deal but I'm taking a star away on principal) I also felt the author could have gone into a little be more detail in the VPN chapter, especially when dealing with encryption, PKI, and authenication which I felt was glossed over. (again not a big deal, but when you call yourself the definitive guide, be more definitive and save the 'commands' for the user guides")
Anything Goes Trivia
Megaton Man
Tailipoe
Trevor
