Internet Security and Firewalls (Networking)

This book totally focuses on firewall architecture, internals, policy models, design and configuration of firewalls. A great book for security architects and threat modelers. Good book for people working on BCP/DRP as well. Well written and focused to the purpose. Not for the faint hearted though. Here are my run down on the chapters Chapter 1: Covers history of the internet and basic OSI and TCP/IP model. Noting new here. Same old mundane stuff. The Author seems to have given a rundown of his own philosophy of how the internet may shape-up... This chapter can be totally skipped Chapter 2: Great chapter on drafting security model, risk analysis. Covers security concepts on PKI, Digital Certificates. Coverage on footprinting, Scanning, Sweeping, War dialing, war driving, enumeration. in the end the author gets to some code level depiction of stack based buffer attacks. Covers security strtegies. Overall a great chapter Chapter 3 and 4 : Good chapters covering the functions and internals of firewalls. Explains in detail about the router based filtering strategy, NATing, VPNs, Network and Application Layer Firewalls. Covers Proxy based firewalls, Socks security, Authentication (kerberos etc), Internals of NAT systems, PPTP, LT2P etc.. Chapter 5 and 6 : Great chapters of architecture and design for firewalls. Talks about Single router architecture, Dual router and Dual homed hosts. Explains in details about setting up perimeter based security and screened sub-net architectures. Great coverage on variations of screened sub-net architecture. Chapter 6 in general covers the policy models for firewalls in detail. Briefly talks about firewall products. Provides firewall evaluation Criteria. Provide a real world example of setting up a spilt screened subnet architecture. Provides a real world example of configuring a packet filtering architecture. Chapter 7: This chapter is giving an overview of bastion Hosts. The author could have done more justice in providing administrative level details of any pragmatic host implementation. Saying that, there is an attempt to show a real world configuration for a Windows based bastion host and unix based bastion host. Falls a bit short of my expectation. Chapter 8: This chapter is really short and provides security coverage for internet services such as web servers, email servers and such. Good justice is done in whatever is covered though. Chapter 9: Total waste of time Chapter 10 : These chapters are good for administrators to configure Microsoft ISA 2000 firewall and Linux based firewalls. Chapter 11: This chapter provides implementation and configuration details for router based firewalls. Covers Cisco routers. C-BAC functions, dynamic rules addition to ACLs, working of C-BAC, configuration of C-BAC.

This book talk extensively about security architectures, but, it falls short to live up to the expectations of a security administrator who is looking for refrence implementation. There is a lot of theory in this book. The explanations of certain aspects of security architecture is well written (like subnet architectures, bastion hosts). I would have given a five star if the book also provided extensive reference-implementations for different types of security setup in Windows domain.

Covers every thing that an administrator needs to know about setting up a perimeter security. This book is so well written that it fits into the needs of a beginner as well as an advanced security professional. I work as a security consultant and my girl friend is in school studying Masters in computer science. Buying this book helped both of us to gain a better perspective on security... This book is a MUST buy for security consultants...