Internet Security and Firewalls

Product Description
From blocking e-mail traffic to restricting the Web sites an employee can visit, firewalls can be effective in implementing network security and warding off hackers. Internet Security and Firewalls is intended for network administrators who want to get started with securing their networks. If you want to learn security issues in a network and implementation of firewalls as part of your corporate security policy, this book is perfect for you. It provides a complete f… More >>

Internet Security and Firewalls

4 replies
  1. Lily Boldin says:

    There is not much in this book. I expected to find details about firewalls and security. There are no details here. This book is not even for people who just want informative knowledge about firewalls.
    Rating: 2 / 5

  2. Anonymous says:

    Covers every thing that an administrator needs to know about setting up a perimeter security. This book is so well written that it fits into the needs of a beginner as well as an advanced security professional. I work as a security consultant and my girl friend is in school studying Masters in computer science. Buying this book helped both of us to gain a better perspective on security… This book is a MUST buy for security consultants…
    Rating: 5 / 5

  3. William McAfee says:

    This book totally focuses on firewall architecture, internals, policy models, design and configuration of firewalls. A great book for security architects and threat modelers. Good book for people working on BCP/DRP as well. Well written and focused to the purpose. Not for the faint hearted though.

    Here are my run down on the chapters

    Chapter 1: Covers history of the internet and basic OSI and TCP/IP model. Noting new here. Same old mundane stuff. The Author seems to have given a rundown of his own philosophy of how the internet may shape-up… This chapter can be totally skipped

    Chapter 2: Great chapter on drafting security model, risk analysis. Covers security concepts on PKI, Digital Certificates. Coverage on footprinting, Scanning, Sweeping, War dialing, war driving, enumeration. in the end the author gets to some code level depiction of stack based buffer attacks. Covers security strtegies. Overall a great chapter

    Chapter 3 and 4 : Good chapters covering the functions and internals of firewalls. Explains in detail about the router based filtering strategy, NATing, VPNs, Network and Application Layer Firewalls. Covers Proxy based firewalls, Socks security, Authentication (kerberos etc), Internals of NAT systems, PPTP, LT2P etc..

    Chapter 5 and 6 : Great chapters of architecture and design for firewalls. Talks about Single router architecture, Dual router and Dual homed hosts. Explains in details about setting up perimeter based security and screened sub-net architectures. Great coverage on variations of screened sub-net architecture. Chapter 6 in general covers the policy models for firewalls in detail. Briefly talks about firewall products. Provides firewall evaluation Criteria. Provide a real world example of setting up a spilt screened subnet architecture. Provides a real world example of configuring a packet filtering architecture.

    Chapter 7: This chapter is giving an overview of bastion Hosts. The author could have done more justice in providing administrative level details of any pragmatic host implementation. Saying that, there is an attempt to show a real world configuration for a Windows based bastion host and unix based bastion host. Falls a bit short of my expectation.

    Chapter 8: This chapter is really short and provides security coverage for internet services such as web servers, email servers and such. Good justice is done in whatever is covered though.

    Chapter 9: Total waste of time

    Chapter 10 : These chapters are good for administrators to configure Microsoft ISA 2000 firewall and Linux based firewalls.

    Chapter 11: This chapter provides implementation and configuration details for router based firewalls. Covers Cisco routers. C-BAC functions, dynamic rules addition to ACLs, working of C-BAC, configuration of C-BAC.
    Rating: 4 / 5

  4. Rob Anderson says:

    This book talk extensively about security architectures, but, it falls short to live up to the expectations of a security administrator who is looking for refrence implementation. There is a lot of theory in this book. The explanations of certain aspects of security architecture is well written (like subnet architectures, bastion hosts). I would have given a five star if the book also provided extensive reference-implementations for different types of security setup in Windows domain.
    Rating: 4 / 5

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.