This is the only computer book to focus completely on infrastucture security: network devices, protocols and architectures. It offers unique coverage of network design so administrators understand how they should design and protect their enterprises. Network security publishing has boomed in the last several years with a proliferation of materials that focus on various elements of the enterprise.

* This is the only computer book to focus completely on infrastucture security: network devices, protocols and architectures
* It offers unique coverage of network design so administrators understand how they should design and protect their enterprises
* Helps provide real practical solutions and not just background theory

Average Customer Review: ( 9 customer reviews )
Write an online review and share your thoughts with other customers.

If you are serious about protecting your network, this is a must have.
Strongly recommended!!!.

10 of 15 found the following review helpful:

Disappointing lack of original material and command syntaxJun 19, 2004
By Richard Bejtlich "TaoSecurity"
This is a tough review to write, since I worked with the lead authors and series editor at Foundstone, and I'm mentioned by name on p. 384. "Security Sage's Guide to Hardening the Network Infrastructure" (HTNI) is mainly a collection of advice given in other security books, packaged with brochure-like commercial product descriptions. Much of the technical defensive recommendations lack the command-level syntax to put that advice into practical use. I was excited by the table of contents, but disappointed once I finished the book. I can't recommend HTNI unless your library doesn't already address essential networking and security techniques.

Let me first address comments by earlier reviewers. Some liked the "Notes from the Underground." These "notes" seem out of place when they bear titles like "Novell and Ethernet Frame Types" or "Types of Ethernet" (both ch 7); they belong in standard networking texts. Another reviewer said "the writing is witty, intelligent and doesn't condescend." I disagree after reading this sentence on p. 141: "Add to this the fact that Microsoft is certainly the 'black sheep' of the security world and you end up with one disaster of a firewall product." Another gem appears on p. 322, regarding SOHO switches: "And while you're at your favorite hardware vendor getting the switches, pick us up a pack of beef jerky." That isn't "witty" -- it's an unnecessary slam on small offices who can't fork over "half a million dollars" in switching gear (see p. 321) but need Internet access nevertheless.

Another reviewer liked the "hands-on and practical guidance." This is where the book is weakest. Why does an entire chapter on router security (ch 5) not provide any command syntax at all for securing a Cisco router? While ch 8 gives a few helpful commands, it is hardly comprehensive. For example, SSH is mentioned as a secure management protocol, but setup instructions for IOS are missing. Instead of providing product screen shots with little informational content, the authors should show how to "harden the network infrastructure" as readers expect.

HTNI's coordinating author needed to apply greater consistency to the text, since it bears the signs of being written by several independent authors. For example, some network diagrams are fairly clear, while others use completely different symbols and are not easy to follow. Some figures convey useful ideas, like the logical network layouts in ch 10, while ch 3's figure 3.8 shows two Pix firewalls connected by a cable. Do we need to see this figure to understand how to link two firewalls for sharing redundancy tables? Speaking of redundancy, topics covered in one section are often repeated elsewhere; too many contributors felt compelled to explain firewall variations or the OSI model. Some of the Web links were also incorrect, with "ntomap" in ch 2 attributed to NAI (rather than NT Objectives) and my own Web site given a ".org" TLD instead of ".com".

I did find some aspects of HTNI useful. I liked the stories about asset criticality in ch 1. I thought the advice, albeit lacking implementation-level details, was sound overall. The authors seemed to cover competitors to their own Foundstone brands fairly, although their products got more screen shots. I also liked the "mini case studies" in ch 7 addressing switch deployment.

I came to HTNI after reading a five-star Syngress book on Ethereal, and I'm looking forward to their new book on Snort 2.1. I thought Erik Birkholz's "Special Ops" (another Syngress book) was excellent, and placed it on my recommended reading list. Other Foundstone-supported books like "Hacking Exposed," "Incident Response," or "Anti-Hacker Tool Kit" are great reads. HTNI is full of ideas, but they are either old news or lacking the command-level syntax to implement them in the reader's enterprise. A second edition of HTNI would be a winner if thoroughly scrubbed and suitably enhanced by actionable advice.

1 of 2 found the following review helpful:

A book written from the trenchesMay 18, 2004
By G. Gheorghiu
What distinguishes this book from the plethora of security books available these days is the fact that it combines in-depth tutorials on core networking technologies (such as switching and routing) with discussions on security-specific issues such as Access Control Lists, firewalls, Intrusion Detection systems and VPNs, to name a few.

If you are a network manager who wants to learn how to secure your network, this book is for you. If you are a security engineer specialized on application security and if you want to learn more about the core networking protocols of the Internet, this book is for you too.

I especially appreciated the "Notes from the underground", "Tools and tips" and "Checklist" section available in each chapter. These alone are well worth the price of the book.

Highly recommended !

See all 9 customer reviews on Amazon.com