The classic guide to network and Internet security has been thoroughly updated for today's latest security threats. In the second edition of Network Security, this most distinguished of author teams draws on hard-won experience to explain every facet of information security, from the basics to advanced cryptography and authentication; secure Web and email services; and emerging security standards. Highlights of the book's extensive new coverage include Advanced Encryption Standard (AES), IPsec, SSL, PKI Standards, and Web security.

Average Customer Review: ( 18 customer reviews )
Write an online review and share your thoughts with other customers.

Chapter 11 alone is worth the (high) price of the book. It is absolutely the best introduction to the subtle issues that arise with network protocols you are likely to ever find. And Chapters 2 through 6 do a better job of covering cryptography (with particular emphasis on some of the not-so-obvious issues) than many books devoted solely to cryptography. And chapter 26 makes some nice points.

One criticism I have is that---with few exceptions---the rest of the book does not come close to the standard achieved in the chapters mentioned above. The chapter on SSL/TLS is OK and the chapter on Kerberos is passable (if dull), but the remaining chapters are relatively weak. Another criticism is that the title of the book is misleading. Outside of the cryptography chapters, the book is very narrowly focused on networking protocols. In my opinion, there is far more to network security than cryptography and protocols. Take a look at Ross Anderson's book, Security Engineering, to get a nice broad overview of security. Finally, the chapters related to IPsec are really poor. The author(s) seems to be so peeved with the standards committee for doing some stupid things that he/she/they do more carping than describing.

In summary, I highly recommend chapters 2 thru 6, 11 and 26. But you'll need to look elsewhere if you want to learn about more than protocols and cryptography.

15 of 15 found the following review helpful:

A witty and authoritative introduction to network securitySep 22, 1998

Who would have thought that a detailed technical book on network security would be fun to read? I wouldn't have, but this one is highly technical and also lots of fun to read. As the fundamental tenet of cryptography, instead of some abstract mathematical theorem about something or other being NP complete we get "If lots of smart people have failed to solve a problem, then it probably won't be solved (soon)". But don't get me wrong, this is not a content-free book for top management, it is highly technical, with long chapters on secret-key cryptography, hashes and message digests, public-key cryptography, number theory, authentication and much more. Unlike Bruce Schneier's book, Applied Cryptography, which is more like an encylopedia than a book, this one is enjoyable to read while still carefully explaining state-of-the-art cryptographic protocols--not an easy feat to pull off. For anyone with a university degree in engineering, the sciences, or mathematics who wants to learn a lot about network security and be entertained while doing so, this book can't be beat.

14 of 14 found the following review helpful:

Explains tedious theory in an understandable wayFeb 22, 2000
By James Kenyon
I took this book along on a business trip with the expectation that it would work better than chamomile tea before bed -- instead it kept me up well into the night. It turns a, necessarily, tedious subject into compelling reading. A "must-read" and "must-have" reference for any person charged with managing a distributed computing environment.

11 of 11 found the following review helpful:

A great book got even betterMay 26, 2002

The second edition of this witty and informative book on network security is even better than the first edition and is clearly the best book on the subject currently available. Secret and public key algorithms and protocols, message hashes, authentication, Kerberos, PKI, IPsec, SSL/TLS, and e-mail security are all explained at length. Chapter 26 on security folklore is a real gem. In security, the devil is in the details. For anyone planning to design a security system that is actually supposed to work, this chapter is must reading. The book is aimed at readers with a university degree in the sciences, engineering, or mathematics. If you want to learn everything there is to know about network security, look no further.

11 of 11 found the following review helpful:

Comprehensive and written in plain englishMay 12, 1999
By mikedan@microsoft.com
Far and away the best book on network security and basic cryptography. This book is very well written and contains a number of simple examples to explain even the most complex theory. This is so far the only crypto book I've been able to read cover-to-cover more than once without pulling my hair out. Its not as deep on many topics as the Schneier or Stallings books. But if you buy one security/crypto book, buy this one.

See all 18 customer reviews on Amazon.com