| | |  | Computer Security | Home » » Inside Network Perimeter Security (2nd Edition) | | | | | | | Product Promotions: | | | | | Description: | | Security professionals and administrators now have access to one of the most valuable resources for learning best practices for network perimeter security. Inside Network Perimeter Security, Second Edition is your guide to preventing network intrusions and defending against any intrusions that do manage to slip through your perimeter. This acclaimed resource has been updated to reflect changes in the security landscape, both in terms of vulnerabilities and defensive tools. Coverage also includes intrusion prevention systems and wireless security. You will work your way through fortifying the perimeter, designing a secure network, and maintaining and monitoring the security of the network. Additionally, discussion of tools such as firewalls, virtual private networks, routers and intrusion detection systems make Inside Network Perimeter Security, Second Edition a valuable resource for both security professionals and GIAC Certified Firewall Analyst certification exam candidates. | | | Product Details: | | | Author:
| Stephen Northcutt | | Paperback:
| 768 pages | | Publisher:
| Sams | | Publication Date:
| March 14, 2005 | | Language:
| English | | ISBN:
| 0672327376 | | Product Length:
| 9.06 inches | | Product Width:
| 6.98 inches | | Product Height:
| 1.65 inches | | Product Weight:
| 2.64 pounds | | Package Length:
| 8.9 inches | | Package Width:
| 6.9 inches | | Package Height:
| 1.8 inches | | Package Weight:
| 2.55 pounds | | Average Customer Rating:
|  based on 7 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
 ( 7 customer reviews )
Write an online review and share your thoughts with other customers.
Most Helpful Customer Reviews
8 of 8 found the following review helpful:
 Excellent book at discussing how to defend your network perimeterFeb 05, 2006
By Sean E. Connelly
"Just a bithead - CCIE#17085"
This review is for the 2nd edition of this book.
"Inside Network Perimeter Security" (INPS) by Northcutt, Zeltser, Winters, Kent, and Ritchey suitably covers the broad topic of securing a network's edge. The book is based, on part, from various SANS Institute training material (Northcutt is the CEO of the SANS Institute). Most of the items documented in INPS are honed from years of discussions in classes (and is mentioned an `excellent supplementary resource" for the GIAC Certified Firewall Analyst (GCFW)).
The book first focuses on perimeter fundamentals - including dedicating about 100 pages to the three main types of firewalls (Packet, Stateful & Proxy). The second section discusses how to fortify other areas of the perimeter - by implementing hardened routers and hosts, VPNs, IDSs, and IPS. The third section discusses designing a secure perimeter from the ground up (consider it best practices). This includes a much-needed chapter on wireless security. The last section is how to monitor and maintain the perimeter.
It is hard to characterize who this book should be aimed at. While configurations examples are given for many different platforms and OSs, the configs cannot be considered complete. I feel this book would serve network admins well as a starting point and as introduction to concepts that they might not be familiar with.
Some items I like from Inside Network Perimeter Security:
-Chapter 6 gives a great discussion on Cisco routers. What really impresses me is, since the documentation is from someone besides CiscoPress, you get an idea of other ways to harden Cisco routers (see the telnet trick on page 142). The first appendix also gives a great collection of different ACLs (consider it an update of the NSA's list). I have over 50 CiscoPress books, and information found in these 2 chapters I have not seen documented in any CiscoPress book.
-Chapter 21 provides a `quick' list of tools to use to help troubleshoot and isolate an issue. While there are some great books that are wholly dedicated to showing the ins-and-outs of different tools, sometimes you can't see the trees through the forest. Within just a few short pages, INPS is able to suggest a plethora of different tools to use based upon the issue.
The book mentions that it's goal "...is to create a practical guide for designing, deploying, and maintaining a real-world network security perimeter." I believe they have done just that!
I give this book 5 pings out of 5:
!!!!!
3 of 3 found the following review helpful:
state of the artJun 20, 2005
By W Boudville
The authors provide a nicely detailed explanation of current network defenses and practises. Each major topic in this field is well covered. Firewalls and packet filtering are clearly done. The preferred choice of example router is from Cisco. But the principles are obviously applicable to devices from any competing vendor.
The book also recommends egress filtering; which is not often discussed in other texts. It helps guard against your net being used to send out malware. This helps the overall environment of the Internet. Moreover, there is also a tangible benefit to you. By doing egress checks, you can detect if one of your machines has been subverted. Which is always good to know.
VPNs are given an entire chapter, due to their importance. The book also goes beyond talking about Intrusion Detection Systems to discuss Intrusion Prevention Systems. More proactive.
To some sysadmins, the most important chapter might be that on wireless networks. As these have grown hugely, so too have the attacks against them. You can learn how to bolt down your wireless network.
7 of 9 found the following review helpful:
 Four stars if reorganized and distilled, five if updatedAug 30, 2006
By Richard Bejtlich
"TaoSecurity"
I first looked at Inside Network Perimeter Security, 2nd Ed (INPS:2E) for my blog, in May 2005. I decided to try reading it this week because I've been reading books on related topics. Individually, the INPS:2E authors largely know their craft. Unfortunately, the book is so poorly organized and diffused that I don't know why other reviewers rate it so highly. Furthermore, the choice of material covered and certain recommendations drag the book down. A third edition might be promising, but I recommend avoiding INPS:2E.
On the macro level, I question the ordering of the book's parts. It's best to lead with definitions, policy, and design, but that doesn't happen here. Part I is mostly about firewalls, with a chapter about policy at the end (Ch 5). Fundamentals of Secure Perimeter Design (Ch 12) appears in Part III (Designing a Secure Network Perimeter). Another design chapter (Ch 23) pops up in Part IV. This makes no sense. The book should have been divided into Theory / Implementation / Processes or some other rational system, with all related material in the proper place.
For example, the operation of FTP (control vs data channels, active vs passive FTP, etc.) is separated into three chapters (2, 3, and 4). FTP should have been explained early in one place, then referenced later. Host IPS appears as part of Ch 11, when it should have been in Ch 10 (Host Defense Components). VPNs appear in Ch 7 and again in Ch 16. TCP state is explained in Ch 3 (Stateful Firewalls), when it should have been covered in Ch 2 (Packeting Filtering) or in a different and earlier section. Yet another firewall -- Pf -- isn't shown until Ch 10 (which covers host defense). Ch 6 (The Role of a Router) covers routers, but Ch 2 mostly covered using routers for filtering.
Beyond organization, the book's choice of technical material is sometimes questionable. INPS:2E spends a good deal of time on reflexive ACLs, even though Cisco recommends using CBAC instead. INPS:2E mentions CBAC but gives no implementation details. Worse, the extrusion RACL suggestion on p 51 allows outbound FTP control (port 21 TCP) but makes no provision for FTP data channels. Ch 19 promotes the virtues of Big Brother, a monitoring tool that's been declining for years since its acquisition. Nagios should have been covered instead. When I also see discussions of IPChains (Ch 2) and FWTK (Ch 4), I question the relevancy of the text.
Despite these problems, most of the book's technical recommendations are sound. I found fault with a few suggestions, e.g. "a good way to improve security is to disable SSID broadcasts on all wireless access points" (p 364). I did like the tip on changing Windows MAC addresses on p 365.
If a third edition is planned, I would like to see a ground-up rewrite. A lead author should plan the chapters of the book, including a rough outline of each chapter's contents. Experts can work within that framework, and then have the lead author edit for consistency and coherency. As it stands, INPS:2E reads more like a collection of disparate thoughts loosely bound by a network security theme. If the existing material was rewritten with clarity and structure in mind, the book would probably be 350-400 pages (not 660).
Richard Deal's Cisco Router Firewall Security, while Cisco-centric, is a better book on this subject. The older Security Sage's Guide to Hardening the Network Infrastructure is helpful. Sean Convery's Network Security Architectures might be the best of all.
1 of 1 found the following review helpful:
It's a firewall bookMay 12, 2007
By jebus
Needed it for class. This book uses Cisco syntax. It's a decent reference, although it's easier to find information on an internet search. This book is not organized that well and has poorly named titles making it hard to search the index for specific information.
Network Security BookMay 12, 2007
By Ana Antoski
"Information Assurance"
This is an excellent book. Authors do not assume that you already know. So, every network element is explained in details from a security perspective.
See all 7 customer reviews on Amazon.com
| | |
|
