Ipsec

Before reading this book I think it is good if you have a basic understanding of IPSec topics and terms. In any case, the book explains quite well the basic principles of IPSec and the associated things such as hashing and encryption algorithms (doesn't go too much into details on these ones though...)The chapter where I lost the thread was ISAKMP and IKE.Maybe it's me, but I think this was pretty confusing way of explaining it.Although most likely not the only book I would read about IPSec - it is certainly a good book as introduction into IPSec and many things are explained very well which I didn't find in some other books.

This book has everything that you need to know about inet security. Doraswamy and Harkins start at the beginning and explain things for the true novice in a way that can easily be understood evne for those without a technical background. The rest of the book is extremely thorough and even an expert should learn quite a bit. I can't think of a thing that has been left out. I have been in the field for over seven years and I learned a thing or two. As the security manager of a medium sized firm, I give a copy of this book to all of my new employees.

This book was short but had very detailed information on the new emerging IPSec protocol. I am an IP Security Engineer for Nortel Networks and have found that this book as some very useful information when it comes to troubleshooting IPSec in a VPN solution. I would recommend this book to anyone who needs to have an understanding of the IPSec architecture or even if you are just getting into security.

Even though the book is not a 1000-page thick, you will be suprised that it provides very good and detailed introduction on IPSec, the emerging security standard for internet. The author gives a brief review on cryptography, TCP/IP and IP Security, and then provoides very detailed information on the three primary parts of IPSec architecture, which are AH, ESP and Key management.Some examples may be missing the point. i.e., as to L2TP, if the payload is IP data, then IPSec can completely handles it. It is used and make sense only when the payload data is some other protocol like IPX etc. In author's example he still uses IP payload and that might confuse the readers. And explanation part of ISAKMP/OAKLEY is particularly hard to read, if the author had given an example, that process would be greatly clarified.Overall, this is a good book to start with whether you are going to implement IPSec or just want to know the architecture of IPSec.

As a network security professional working with IPSec based VPN solutions for the past year, I was looking for a reference that would fill in the gaps of my understanding of IPSec. This book did an excellent job. It presents the concepts and mechanics of IPSec components in a logical fashion. Some gramatical errors, but not bad enough to interfere with the message.