Network Security Technologies and Solutions
Product Description
CCIE Professional Development Network Security Technologies and Solutions A comprehensive, all-in-one reference for Cisco network security Yusuf Bhaiji, CCIE No. 9305 Network Security Technologies and Solutions is a comprehensive reference to the most cutting-edge security products and methodologies available to networking professionals today. This book helps you understand and implement current, state-of-the-art network security technologies to ensu… More >>
Network Security Technologies and Solutions
Related videos from YouTube:If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
Comments
Depending on where you are in your career is how I’m going to rate this book. If you are somewhat new to security, especially in the Cisco world, this book is the book for you and deserves 5 stars. If you have been in the Cisco security world for several years, are looking to study for your CCSP or CCIE, this book is NOT for you and deserves 1 or 2 stars.
This book does a great job on going over much of the Cisco security portfolio. It goes over the Cisco firewalls, AAA, NAC solutions, IPS, MARS, VPNs, etc. It gives some basic configurations for most of these. Again, I said basic and for a lot of these I would go as far as to say MINIMAL.
Again, if you are looking for study material for some of the CCSP exams or CCIE, this book wont get you close. Those exams dive WAY deeper into the different technologies than what this book offers.
My real issue with the book is the top line in the title “CCIE professional developement”. If I see this and I see its 700+ pages, I’m thinking a Jeff Doyle TCP/IP Vol content book. Nope, not even close. If the authors wanted to cover all the different technologies that they did, but consider this book a “CCIE developement”, they should of split this book into two books and expanded GREATLY on the different technologies.
Rating: 3 / 5
The book is surely a good reference and deals with many security topics,and is up to date.
Unfortunately many links provided are not working.
However it takes far more research on Internet to prepare for CCIE Security, and in some cases (such as Transparent Firewall or Multiple Contexts) to understand better, since they are very important and somehow too shortly addressed.
Rating: 4 / 5
Yusef Bhaiji offers an extremely well written, easy to understand, highly descriptive solution to network security technologies and solutions from a Cisco network security stand point.
In addition to dividing the book into five parts mapping to Cisco security technologies and solutions: perimeter security, identity security and access management, data privacy, security monitoring, and security management, the book also offers a Best Practices Framework. This is accomplished by noting critical Regulatory compliance and Legislative Acts, such as GLBA – Gramm-Leach-Bliley Act, HIPAA – Health Insurance Portability and Accountability Act, SOX – Sarbanes-Oxley Act and the applicable Cisco solutions to each of these regulatory compliance and legislative acts in a clear, descriptive manner.
Specific attack vectors and mitigation techniques are described through vulnerability, threats, and exploits that are a very common threat to today’s networks. In addition to describing the risk assessment, specific solutions and mitigation techniques are offered to offset these threats. A security incident response methodology discusses the specific steps which helps prepare for any security event.
Rating: 5 / 5
Yusuf does a great job at putting together all the relevant material on network security technologies in one place – and all that with comes with an easy to read guide compiled nicely into relevant chapters/parts.
Overall book is divided into five parts, and information is presented in a manner that it serves both novice and advanced readers.
a few things can be improved in a later edition, e.g.., a)allocation of breadths to the newer areas (more on zone-based FW than CBAC) and b) less repetitiveness around the subject matter (ie, overlap with other cisco titles).
All in all, a great title and highly recommended for network security professional at all levels!
Rating: 5 / 5
During the first 7 chapters the author gives overviews of security vulnerabilities and attack mitigations in the current networking world. When finer points are confusing, there is detailed explanation to make the problem clear. For example distinguishing between MAC spoofing and ARP spoofing. Each threat is outlined with a description, background, problems, and mitigation techniques using Cisco configuration. This is not just a theory book but manages to fit in useful configuration examples in almost every turn of the page. This is not a quick read: you will want to have a lab setup to practice on while you read.
Unlike many security discussions that make much of vulnerabilites that are highly unlikely or virtually impossible to pull off, the author clearly states when an attack is improbable, and not worth the effort to consider.
The second unit of the book focuses on identity and access management. I found the sections on layer 2 access control most useful. Particularly the use of 802.1x protocol with a RADIUS server. Something I am currently trying to implement in a network.
Part 3 is all about privacy and encryption and covers many ways to tunnel, hide, and encrypt data packets. The last sections are about Intrusion Detection and Security Management.
Perhaps one of the most helpful setions in the book are the guidelines for establishing a security policy and making it work in a real world environment. Chapter 25 walks you through starting with a security model that gives you a foundation for fleshing out your companies standards, guidelines and procedures so you will be ready for your next audit as well as the real security threats of today.
Rating: 5 / 5