Average Customer Review:
( 18 customer reviews )
Most Helpful Customer Reviews
32 of 34 found the following review helpful:
Excellent holistic security book
Sep 25, 2002
By Dr Anton Chuvakin
"Dr. Anton Chuvakin"
The first thing that appeals to the reader of this excellent book ["Inside Network Perimeter Security" by Stephen Northcutt, et al] is a curious title. So will the authors take the reader "inside perimeter" or will they cover the perimeter security inside and out? In fact, they excel at both. It is well known that the defense perimeter of the modern Internet-enabled business is not just the choke router connecting the company to the public network. Perimeter manifests itself in wireless leaks outside the building, in VPN links stretching out to partners and suppliers and forgotten modems on the company premises. The book effectively straddles several difficult borderlines, which adds significant value to it. For example, authors manage to not express their preferences and provide coverage for both Windows and UNIX, free and commercial software. Moreover, the book has both valuable hands-on exercises (right down to 'permit icmp any any packet-too-big' and 'SEC-6-IPACCESSLOGP') and strategic business aspects (choosing the network design based on business and industry requirements). The book goes well beyond perimeter defense, stretching onto security monitoring, incident response, vulnerability analysis, security audit and network performance. Especially fun was a chapter devoted to the "adversarial review". Security vs performance seems to be a timeless conflict. The chapter is dedicated to this important aspect of security design, covering performance impact of various security technologies. The important advantage of the book is real-life examples, case studies and sample network security designs. They are given a thorough evaluation, both from defender's and attacker's perspective. However, some currently popular attacks are not given sufficient attention (such as web hacking and malware). That seems to stem from the fact that in the book infrastructure defense takes priority over information protection.
Apparently, the book focuses more on defense and prevention (and thus is less valuable for those seeking to cause computer mayhem). Overall, the book is of great value to security novices and the experienced professionals as well. The latter can use the book as a complete guide for secure network design, implementation and maintenance (extensive troubleshooting information is provided) under real-life constraints. Even when most things in the book might already be familiar, the added value is in the integrated holistic approach to network security presented by the true experts in the field. It appears that it can make an effective study guide for SANS GCFW certification. Anton Chuvakin, Ph.D., GCIA is a Senior Security Analyst with a major information security company. His areas of infosec expertise include intrusion detection, UNIX security, honeypots, etc. In his spare time he maintains his security portal info-secure.org
19 of 19 found the following review helpful:
All Good Things ......
Sep 06, 2002
must come to pass. And with the publication of Inside Network Perimeter Security, a good thing has DEFINITELY come to pass! With 18 years in the IT field, I have had the "blessing" of using literally thousands of vendor manuals, after-market "self-help" books, tutorials, resource kits and the like; covering operating systems, programming languages, networking, security, applications and utilities. Until now, I've found that I can invariably stick each one into one of my three "personal" review categories.
1. Idiot's Guide - information so general that the only people who could possibly derive any value from it are those who can best be evaluated on a performance review as: "Can IDENTIFY a computer 2 out of 5 times without assistance".
2. Trivial Pursuits - jam-packed with obscure tricks, keyboard shortcuts, links to Easter Eggs, and advanced functions that 98% of users will never have legitimate use for. Tries to be all things to all readers, and fails miserably. You wind up kicking yourself for paying [money] for 800 pages, and only using 5 of them.
3. Guru Goulash - so specific and/or technical that there are perhaps 100 people on Earth who can make sense of - and properly apply - the information it contains. You wonder why the author didn't save a boatload of paper and email a pdf to those 100 people, since he/she probably knows most of them. However, the author could have increased the value 100-fold simply by writing "cleanly" and intelligibly. IBM System 360 manuals, anyone?
BUT: after reading Inside Network Perimeter Security, I may have to develop a new category. The authors have hit the elusive "Sweet Spot"! A book that covers a broad range of topics within the IT Security field, is cleanly written to provide an introduction to these areas to an InfoSec novice; yet with enough "meat" to challenge a seasoned professional to dig a little deeper - and more importantly, to think a little harder.
Firewalls, VPN, routers, and IDS systems are all covered with just enough general information for a new practitioner, then go deeper into the concepts involved with concrete, real-world examples. How each of these components contributes to the idea of a securable "perimeter" is well explained. Most importantly, how each component interacts with, supports, supplements and complements each other as defensive measures is a crucial concept. The entire tome is wrapped in the mantra of "defense in depth", undoubtedly the most valuable component of an effective IT security program, with real-life case studies to drive home the concepts. This has been done without getting to the level of specificity that limits the audience to either "Guru" or "Idiot" level. In this case, the "middle ground" and the "high ground" have found a commonality of purpose. I applaud the manner in which diagrams, screen dumps, and example listings have been used. Normally, I find that these often distract from the written information. Here, they have been used judiciously, and effectively highlight the information being presented. The only thing better would be a companion disk with interactive screens to demonstrate the concepts. Frequent use of "Tips" and "Notes", in conjunction with the aforementioned Case Studies, makes this an excellent long-term reference. This is my personal yardstick of the value of a book - will I come back to it repeatedly? In the case of Inside Network Perimeter Security, the answer is a resounding YES. I expect to use this book as a solid reference for some time to come; and will undoubtedly use it as a prime source in training my security team. The SANS organization is known and respected as the premier proponent of IT Security. The authors, all members of SANS, have hit yet another home run with Inside Network Perimeter Security.
The lack of a companion CD-ROM with extended examples, text version of the book, interactive screens, and perhaps some eval software; is the only thing that prevents it from being a "Grand Slam". Perhaps for the Second Edition? C. Farley Howard; GSEC, CISSP
14 of 15 found the following review helpful:
Learning Security Thoroughly and Completely
Sep 26, 2002
By D. Pitts
This is the real deal. This book has such a broad coverage, but with such depth, that it is like getting three or four books for the price of one. The word "Encyclopedia" should probably be in the title somewhere. Everything dealing with security is at least touched upon, but almost without exception, there are detailed and well prepared discussions on every topic. I have heard that at least one college level course is already using this as their textbook. The style is very enjoyable and effective. A vast amount of real world experience is shared, often with interesting anecdotal stories. The authors engage you on a one on one basis and converse with you as if you are a close colleague. They discuss many of the commonly used approaches to provide security, but with the important added feature of discussing the critical thought processes that go into what aspects are weak and strong. This is a rarely shared benefit within the technology field that is crucial for learning how to become or remain a competent security practitioner. As an example, in one section two different designs created by students of the SANS firewall class are presented. The book discusses specifics about the designs and where the student's approach is adequate and alternatives that could be considered as improvements depending upon the circumstances. Good technical details are provided along the way, but the core strength is that the reader is taught how to think through problems to be solved instead of just given the answers with no idea about how to derive them on their own. The reader should be able to reason through new security challenges they may face in the future that may not be covered by any existing book or article by applying the wealth of information provided. This book is good at exploring some of the possibilities and encouraging thought provoking ideas about new ways to secure the enterprise, while realizing that sometimes risks must be accepted or mitigated.
Some of the interesting topics covered are: hardening of routers, networks, and computers, intrusion detection, vulnerability assessment, host-based firewalls, virus detection software, the process of design, centralized monitoring, log analysis and event correlation, network troubleshooting, and security policy. I found the appendix on Network Air Gaps very well written and interesting as it discusses an emerging new category of protection device with its own special developing niche. As with any book, publishing deadlines mean that some new developments in the security field are not reflected within the content. Specifically, the Gauntlet Firewall has been subsequently sold by Network Associates to Secure Computing who is now merging it with its own Sidewinder firewall. Also, the fact that SunScreen Lite is bundled with Solaris 8 is mentioned, but the fact that the full version of SunScreen firewall is included with Solaris 9 is not presented. These types of deficiencies will afflict any book discussing products. Any practitioner should be independently researching and evaluating promising products no matter how they are first discovered anyway. These issues do not detract from the immense contribution this tome provides to the field of security. This book is a gold mine of years of SANS knowledge in a well-packaged and digestible form. If you don't need this book, then you are not concerned with computer security.
9 of 9 found the following review helpful:
The SysAdmin's Desktop Reference to Security
Sep 16, 2002
By Mr. Gary Anderson
I have more IT books than I know what to do with. Let's see. There is one that I tripped on this morning in the living room, the 10 or so on the dining room table that my wife tells me to move before dinner and the stack that is covering my desk. Someone could come to the conclusion that I bought these books for decoration but it isn't so. I do read them. In fact, I have to read them. After 15 years administering IT systems, you would think that I would know what I'm doing. Well, I do but the subject has gotten bigger every day. As computers get smaller and as more people have them and as more businesses want to connect them, it has become a real nightmare for the system administrator. That's why my home and office are looking more and more like a public library. The situation has come to a point that it is unmanageable. The sales director wants to equip the sales force with the latest technology in mobile computing. The general manager wants to get in on the eBusiness thing. And, of course, all users want to surf, and mail, and chat, whenever they want. To top all of this off, everyone looks to the system administrator. Moreover, someone important always asks the system administrator (almost as an afterthought), "Hey, is this stuff secure?" The system administrator doesn't know which way to turn. Trying to find a good reference is like buying a hamburger and asking "Where's the beef?" It is either vendor-oriented or so narrow in its focus, that it leaves more questions unanswered than you had when you started. Thus, in the end, you buy a lot of books and you keep on searching. Inside Network Perimeter Security is the first and only reference source that seems to know what system administration is all about. It starts from the premise that every system administrator knows: bad software and even worse service are the mottos of the IT industry. This book tells you what you always wondered about but could not find.
Do you want to know what IPSec, or ICMP, or TCP Wrappers, or SSL or even security policies are? This is the book to buy. How do I configure the Cisco's Access Lists? It's in the book. Do you need to know how to set up a VPN on a Cisco or Windows 2000? It is in the book. The best thing about this book is that it is easy to read and understand. It doesn't bore you with details for the novice nor does it overwhelm you with a ton of expert jargon and theory that only Paul Allen could understand. If this book had been published a few years ago, I could have saved a lot of money and the shelf space. This is the desktop security reference that every system administrator must have.
8 of 8 found the following review helpful:
Excellent Network Security Book
Feb 05, 2003
By E. Knut
This is a very well written book by a group of very experienced practitioners and teachers. Each chapter reflects their experience and the SANS Institute's no-nonsense approach to teaching highly technical security subjects, making the book a worthwhile read for security administrators, analysts and engineers. Every chapter starts with an introduction to the subject where general aspects are being highlighted in a way that they can be grasped by non-technical people too. From there the authors quickly jump to explaining the hard, technical details. Pros and cons of individual technologies are being discussed, giving expert opinion to those looking for help in deciding about technology choices. A summary, again readable by everybody and their manager, closes each chapter. This is the first book I've seen that groups together and relates all subjects relevant to network perimeter defense. Well chosen diagrams and "real world stories" make it an enjoyable and entertaining read. Highly recommended.