Mission Critical Internet Security

I am a senior engineer for managed network security operations, who works mostly with FreeBSD, Linux, and Solaris. I read this book to learn more about security technologies associated with products by Cisco, Microsoft, and other vendors. (I also try to read a variety of computer security books.) If you’re planning to deploy Cisco routers, Microsoft Proxy Servers, or Raptor / Checkpoint / Pix firewalls, give this book a try. If not, you may find the first few chapters worthy nonetheless.

“Mission Critical” strictly adheres to the defender’s point of view, whereas books like “Hacking Exposed” demonstrate security by describing the attacker’s perspective. Chris Brenton’s “Mastering Network Security” (Sybex, 1999) is my favorite “defensive” book, although I bet his new book “Active Defense” (Sybex, 2001) will be the king of this category. “Mission Critical’s” focus on the Microsoft world at the expense of UNIX operating systems is a weakness, unlike the even-handed attention in Brenton’s books.

My favorite section in “Mission Critical” is chapter 4, “Internet Security Applications,” which describes cryptography, digital signatures, SSL, SSH, PGP, S/MIME, and Kerberos. The authors give just enough detail to explain how these technologies work without being boring or repetitive. Chapter 3, “IPSec,” is instructive, and I also think chapter 8, “Cisco IOS,” delivers plenty of content.

The book’s main weakness (other than failure to give UNIX enough attention) is its lack of cohesiveness. I could tell several writers were involved, each with a different opinion as to what “layer 3″ or “layer 4″ means, for example. (This matters; are we talking OSI or “DoD” TCP/IP? If “DoD” TCP/IP, is the bottom layer “network” as listed on page 22 or “host-to-host” as on page 157? And doesn’t “network” usually refer to layer 3 in the OSI model, anyway?) I survived the inconsistencies, but would the intended audience?

I strongly recommend prospective readers check the table of contents to see if the products discussed apply to your environment. As a general security book, “Mission Critical” rates 3 stars. As a book for professionals needing help with specific products, it’s a 4 star book. “Mission Critical” is another step in the right direction for Syngress.

(Disclaimer: I received my review copy free from the publisher.)
Rating: 4 / 5

As an IT professional, I bought this book to see what I am missing on the Internet security area. Just to discorve that there are so many issues that did not know. I especially like the chapter on Proxy Server (by Joli Ballew).

Well worth reading material.
Rating: 5 / 5