Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Network Security Fundamentals", Gert De Laet/Gert Schauwers

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKNTSCFD.RVW 20051127 Network Security Fundamentals , Gert De Laet/Gert Schauwers, 2005, 1-58705-167-2, U$50.00/C$73.00 %A Gert De Laet %A Gert
    Message 1 of 1 , Feb 20, 2006
    • 0 Attachment
      BKNTSCFD.RVW 20051127

      "Network Security Fundamentals", Gert De Laet/Gert Schauwers, 2005,
      1-58705-167-2, U$50.00/C$73.00
      %A Gert De Laet
      %A Gert Schauwers
      %C 800 East 96th Street, Indianapolis, IN 46240
      %D 2005
      %G 1-58705-167-2
      %I Cisco Press
      %O U$50.00/C$73.00 feedback@... 800-382-3419
      %O http://www.amazon.com/exec/obidos/ASIN/1587051672/robsladesinterne
      http://www.amazon.co.uk/exec/obidos/ASIN/1587051672/robsladesinte-21
      %O http://www.amazon.ca/exec/obidos/ASIN/1587051672/robsladesin03-20
      %O Audience i- Tech 2 Writing 1 (see revfaq.htm for explanation)
      %P 454 p.
      %T "Network Security Fundamentals"

      The introduction states that the intended audience is comprised of two
      groups: system administrators who are new to network security
      concepts, and managers who need guidance for product purchase and
      strategy decisions.

      Part one is an introduction. Chapter one is supposed to be an
      overview of network security. It is a very short piece full of
      idiosyncratic definitions, isolated bits of security information, and
      with a set of extremely simplistic "reading check" type questions at
      the end. A few network security vulnerabilities (and, oddly, a
      discussion of buffer overflows) make up chapter two. Various security
      tools are listed in chapter three.

      Part two should be about the diverse building blocks that go into
      making up a protective system or architecture, but it really isn't.
      Chapter four is a very spotty overview of cryptography, failing to
      address some significant concepts. A very limited explanation of
      security policy and its creation is in chapter five. (The sample
      policy provided, even within its limited scope, is rather thin.)
      Secure design, in chapter six, is possibly even worse: vague opinings
      and a sales pitch for the Cisco SAFE blueprint document.

      Part five addresses specific security tools. Chapter seven looks at
      Web security by presenting certain security related settings for
      Windows systems and browsers. Router access configurations and the
      Cisco CBAC (Content-Based Access Control) content inspection and
      intrusion detection system (IDS) is outlined in chapter eight.
      Apparently more intent on selling Cisco products than educating
      readers, chapter nine does provide the basic information about
      different types of firewalls, but in a disorganized and confusing
      manner. Much the same approach is taken with IDSs in chapter ten.
      Chapter eleven describes two centralized remote authentication systems
      (RADIUS, Remote Authentication Dial-In User Service; and TACACS+,
      Terminal Access Controller Access Control System plus), but mostly in
      terms of packet types rather than functions. Virtual Private Network
      technologies are described in a disjointed manner in chapter twelve.
      A few aspects of public key infrastructure are presented in chapter
      thirteen, along with a great many screen shots of Windows dialogue
      boxes. The security, or insecurity, of wireless LANs is briefly
      reviewed in chapter fourteen. Chapter fifteen lists some auditing
      technologies.

      Those who are not familiar with security would probably feel more so
      after reading this book, although some of the material is of
      questionable accuracy and even more debatable clarity. Managers might
      be a bit more aware of some of the issues involved in protection
      strategy and product choice, although at the risk of making some
      errors. On balance, this work is probably serviceable as a quick
      guide. The more accurate works of which I am aware are more demanding
      of the reader, and there are some "instant introductions" to network
      security that are considerably worse.

      copyright Robert M. Slade, 2005 BKNTSCFD.RVW 20051127


      ======================
      rslade@... slade@... rslade@...
      It is the test of a good religion whether you can joke about it.
      - G. K. Chesterton
      Where does the idea come from that if what we are doing is fun,
      it can't be God's will? The God who made giraffes has a sense of
      humor. Make no mistake about that. - Catherine Marshall
    Your message has been successfully submitted and would be delivered to recipients shortly.