Network Security First-Step

I recently read Network Security First-Step (ISBN 1-58720-099-6) as the literal first step in my self-education on network security. I've done a little work with firewalls and ACLs, but due to some major security projects on the horizon, and also on my selfish desire to beef up my resume in that area, I've decided to dedicate some time to furthering my knowledge of network security. The book was written by Tom Thomas, who has authored or co-authored 17 books on networking and has also worked as an instructor. He also has a high level of experience in the industry. This experience shows in the quality of this book, which is advertised as an easy introduction into the world of network security. As such, it seemed like a natural place to start my security studies. Having read the book now, I'd have to say that it definitely lives up to the advertising. It is an introduction for the security novice, with just enough technical material to whet the appetite of even experienced networking guy like myself. When the material does get technical, the author uses real-world examples to explain the concepts and does so to great effect, making the book understandable for network novices. The book itself is 400 pages and consists of 10 chapters which cover a wide variety of topics. Chapter 1 is an introduction into the mind and tools of hackerdom. Chapter 2 covers basic security policies and practices. Chapter 3 is a basic overview of security technologies and their uses and benefits. Chapters 4 through 9 go more in-depth into the various security technologies introduced earlier (protocols, firewalls, router security, VPNs, wireless, and intrusion detection) and how they are used. Chapter 10 discusses tools for hacking and security auditing. I can't say enough about how valuable I found the information provided in this book. The author sprinkles the book with URLs which not only reinforce the topic he's covering, but also allow the reader to continue researching on their own. I now have a folder full of web bookmarks which I'm only beginning to delve into. This book doesn't just spoon feeding information to the reader, but also sets them up for a much deeper understanding on networking, depending upon their desire to go deeper. Another feature I like about the book is how the author laid out the advantages and limitations of each network security technology. He also doesn't try to sell any one technology as the Panacea for network security. Rather, he advocates a much more practical layered approach to network security. In conclusion, I recommend this book for anyone wanting to get started in network security. It stands as a springboard into a whole new area of study for my career. I've already come up with a few projects that must be implemented in our network just from reading this introductory book. In the coming months, I plan to read as many security and hacking titles as I can and use that information to better secure our netwo

Network Security: first-step by Tom Thomas is a "must have" for any network administrator or junior engineer plagued by various internet attacks and hacks who lack a foundational understanding of the many facets to network security. As the title suggests, this is fantastic reference tool that should be read before being faced with a security breach of your critical data. With security threats on the rise it would behoove you to learn potential security holes within your environment before your security is compromised. This book accomplishes just that! More than anything, it makes for a GREAT reference manual broken down into chapters based on technologies. So if one wishes to take the "first-step" in learning router security - Chapter 6 is not only a great starting point, but additionally offers information on where to go to continue expanding your knowledge of the subject matter. These references include contact information of other various data security organizations as well as URL's dedicated to information on network security based around the technology of interest. The book can be read cover to cover or used as reference material but what really makes it valuable is its resourcefulness in pointing you in the right direction. The author does not hide the ball with respect to his sources and offers them up to the reader in order for them to delve into any particular subject matter further to their heart's content. On the other hand, however, the area on security policies seemed a little overkill but this is understandable since it is tailored to the security "newbie". The repetitiveness of "You have to have a written policy!" for network, e-mail, Internet use, VPN, extranet, etc. seemed verbose and redundant. Tom Thomas is technically accurate every step of the way and the book flows so smoothly that it can be read by both a beginning learner and a seasoned veteran alike without insulting their intelligence. The ever present minor grammatical and spelling errors, which are easily overlooked as evidenced by their presence, do not break the flow of the reading and I am confident that these superficial errors will be fixed during the book's second release. (Hopefully!) Overall, I give this book high marks for its ease of readability and its resourcefulness! With Cisco Press' launch of its new "first-step" series it is intending to capture an audience that was ignored. Far too common I saw people wanting to get into this industry only to be overwhelmed by its technical complexities but this series lays it out in an easily digestible format.

The author of this first-step book will definitely help you take the first steps into security. I would even say that Tom Thomas takes you even a step further than the basics with the material and configuration examples included. With that said I would be hesitant to recommend this to someone with no networking or IT background. I mention this because a lot of the information, although very informative, is geared for industry professionals who want to gain more information on the security field. As security becomes a greater concern in all aspects of Information Technology, it will become not only necessary but in some instances legally necessary to be up to date with the right information to battle attackers. "Network Security first-step" will give you a great deal of security information to begin with. I really enjoyed the section on Router Security (Chapter 6). For anyone dealing with day to day networking, you will almost certainly run into the need to secure your edge devices. Another really helpful part of the book in this chapter is the Secure IOS Template. This template will give you the necessary configuration components to secure your edge devices. Each command line in the Secure IOS Template is detailed with notes on what each line will achieve. My favorite theory section was on wireless security (Chapter 8). Mr. Thomas starts by reviewing the basics of wireless. He then delves into the possible threats and how they can be done. We then are treated to the different technologies used to secure wireless transmissions. In the end of the chapter we also get reviews of tools used to monitor for security breaches. One of the nice points on how the book is laid out is how it starts a chapter with what you will learn in the following text. Then in the end of the chapters is a summary of what you have learned and a short chapter test on the material called a Chapter Review. The only criticism is that the answers to the Chapter Reviews are located in an Appendix in the rear of the book. This causes you to have to flip to the back of the book to check your answers. I don't find this a terminal problem, but more annoying than anything else. If you want a book that covers a lot of security related topics with a dash of configuration examples to help you implement, then this book is for you.

Great book for security newbies. Also a great resource for those with more experience in network security. Well written and easy to read. The technologies and terminology used, were explained so that even the beginner could follow along. Nicely done Mr. Thomas.

It is about time someone wrote a comprehensive book on network security starting from the ground up. This is well written, helpful and insightful. Mr. Thomas has done a superb job!!! I highly recommend this work for any IT professional specializing in security. Awesome Sourcebook!!!