"A Guide to Virtual Private Networks", Martin W. Murhammer et al,
%A Martin W. Murhammer
%A Tim A. Bourne
%A Tamas Gaidosch
%A Charles Kunzinger
%A Laura Rademacher
%A Andreas Weinfurter
%C One Lake St., Upper Saddle River, NJ 07458
%I Prentice Hall
%O 800-576-3800 416-293-3621 fax: 201-236-7131
%P 174 p.
%T "A Guide to Virtual Private Networks"
You don't have to look very far to figure out that this book is by
IBM, of IBM, and probably for IBM. All of the authors (even those
that don't rate the front cover) work for IBM, and ... well, lookee
here! IBM just happens to make products that relate to virtual
private networks (VPNs)!
Chapter one is a reasonable overview of the basic concepts behind
VPNs. However, the level of the writing is inconsistent, some parts
of the explanation are a bit confused (they tend to use the term
"tunnel" a lot, even where "circuit" might be more fitting), and
overall one gets the feeling that this should be presented on a big
screen in a dark auditorium, with a suit droning on and on. There is
a tendency to illustrate (with not very illuminating figures) rather
than explain, when it comes to the technical bits. Either that, or
just start to list off protocols.
Encryption is explained fairly well in chapter two. There is some
detail as to the actual operation of some algorithms. (I notice that
DES [Data Encryption Standard] is not among them, and that it is
claimed fully, and not just derivatively, for IBM.) The discussion of
key and algorithm strength is weak, however, and there is no
discussion of the basic problems or concerns of key management.
Chapter three provides format details of the IPsec (Internet Protocol
security) AH (Authentication Header) and ESP (Encapsulating Security
Payload) protocols. References for the appropriate draft documents
are given at the end of the chapter. The Internet Key Exchange (IKE)
(also known as Internet Security Association and Key Management
Protocol [ISAKMP]) is discussed in chapter four. Chapters five to
seven look at scenarios for branch offices, business partners, and
remote access, respectively. There is little new content, and most of
the material could be inferred from the text of earlier chapters.
Showing admirable forbearance, most of the detail of IBM products is
held for the appendices.
While not all parts are particularly readable, the book does, at
least, have the advantage of being short. The fundamental concepts of
VPNs are given, enough so that a technical manager could get a basic
grasp of what was required. Possible attacks, and the complexities of
implementation, are not dealt with very well.
copyright Robert M. Slade, 1999 BKAGTVPN.RVW 990321
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... rslade@... slade@... p1@...
GOVERNMENT.SYS corrupted, reboot Ottawa? (Y/N)
eGroup home: http://www.eGroups.com/group/techbooks
- Simplifying group communications