I am writing my first book review here in my blog after almost two years. I guess it is the only technical book that I read within this period “Network Security first-step”. Honestly, I do not feel the necessity to read a book. I can easily google on the Internet write on forums or better ask my contracted partner for the necessary info.
I was sitting lazily in the office; one of my colleagues came and said: “if you want to order a book this year, find it on Barns&Noble and send me the link until afternoon”. Some ideas flow over my mind
– No, I don’t need a book
– Maybe a reference book would be good. No, I am using Cisco web site and it’s searchable
– Exam preparation books maybe. No, they are boring.
– If I found a book that I can read before sleep. Well written, easy to read, but not marketing Mambo Jambo, to get some real purified info.
I started to search than.
The book “Network Security first-step”
It has been written by Tom Thomas, published by Cisco Press in 2004. ISBN number is 1-58720-099-6. It has a red cover with a lock on it, 431 pages. It has a $29.95 price tag behind.
It is a must-read for any IT guy who has the “security” word in his/her title or job definition. If you are teaching any kind of information security courses /classes, you too. It is also a must-read for all networkers on security specialization path and Information security auditors.
It is nice to read if you are a CIO or IT technology manager/director and any kind of networker.
It starts with the basics of hacking; terminology, methods, and organizations working against hackers.
It talks about security technologies like ACLs, NAT, and TACACS. Continue with security protocols like DES, MD5, PPTP and SSH, A full chapter for firewalls, a full chapter for router security. A very clear and detailed VPN chapter has been followed by wireless security. Wireless security includes both technology-related titles like WEP, EAP, and history of war walking and wireless hacking tools. IDS chapter is so informative and honeypot was a new term for me explained in this chapter. The last chapter is about real-world hacking tools.
The most interesting thing in this book for me was the second chapter completely dedicated for security policies. Explains basics of building security policies and then it gives some reusable security policy samples.
Mentioned tools mostly open source tools that you can easily download from the Internet and work on your own in more detail. Related URLs has been given for tools and organizations. This will let you use this book as a start point for your further security studies.
He mention about his own company (Granite Systems) in some points. I have to say there are some hidden advertising on it.
This book does the trick. Get one copy of it for your own. I am aware this book has been published in 2004 and I am suggesting it in 2009. You can preview some chapters on the Amazon website. You will see why I suggested it.