
Book Review: End-to-End Network Security







http://books.slashdot.org/article.pl?sid=07/11/14/153220 

Author: Omar Santos
Pages: 480
Publisher: Cisco Press
Rating: 9
Reviewer: Ben Rothke
ISBN: 1587053322
Summary: Excellent and comprehensive look at how to secure a Cisco 
infrastructure

"One of the mistakes many organizations make when it comes to 
information security is thinking that the firewall will do it all. 
Management often replies incredulously to a hacking incident with the 
thought 'but don't we have a firewall?' Organizations need to realize a 
single appliance alone won't protect their enterprise, irrespective of 
what the makers of such appliances suggest and promise. A true strategy 
of security defense in depth is required to ensure a comprehensive level 
of security is implemented. Defense in depth uses multiple computer 
security technologies to keep an organization's risks in check. One example 
of defense in depth is having an anti-virus and anti-spyware solution 
both at the user's desktop and at the gateway."

End-to-End Network Security: Defense-in-Depth [1] provides an in-depth 
look at the various issues around defense in depth. Rather than taking a 
very narrow approach to security, the book focuses on the comprehensive 
elements of designing a secure information security infrastructure that 
can really work to ensure an organization is protected against the many 
different types of threats it will face on a daily basis.

The book's 12 chapters provide a broad look at the various ways in which 
to secure a network. Aside from a minor mistake in chapter 1 where the 
author confuses encryption standards and encryption algorithms (but 
then again, many people make the same mistake), the book provides a 
clear and to the point approach to the topic at hand. After reading the 
book, one will have a large amount of the information needed to secure 
their Cisco-based network.

While it is not in the title, the book is completely centered on Cisco 
hardware, software, and Cisco IOS. It is a Cisco Press title written by 
a Cisco employee, so, as you would expect, it has a heavy Cisco slant. For 
those who do not work in a Cisco environment, the information in the 
book will likely be far too Cisco-centric for their needs. A review of 
the index shows that the book provides a near A-Z overview of 
information security. One of the only missing letters is 'J', but then 
again, that would require writing about Juniper.

Chapter 1 starts off with a detailed overview of the fundamentals of 
network security technologies. Chapter 2 details the various security 
frameworks and methodologies around securing network devices. The 
six-step methodology that the author writes of is comprised of 
preparation, identification, classification, traceback, reaction and 
postmortem.

The author mistakenly writes that manual analysis of complex firewall 
policies is almost impossible because it is very time-consuming. The 
truth is that the time-consuming aspect does not make it impossible. It 
can be done, but the author is correct that the use of automated tools 
makes such analysis much quicker and easier.

Chapters 5 and 6 provide an excellent overview of reacting to 
information security incidents. The chapters cover all of the necessary 
details, from laws, log files, postmortem and more.

Chapter 9 provides an extensive overview of the various elements of IPT 
security. It includes various ways to protect the many parts of a Cisco 
IPT infrastructure. In this chapter and the others, the author does a 
very good job of detailing the various configuration steps necessary to 
secure a Cisco device, both at the graphical level and also at the IOS 
command line level.

Chapter 12 concludes the book with 3 case studies of using defense in 
depth in small, medium and large enterprise networks. Networks of 
different sizes have different requirements and constraints and are not 
secured in the same manner.

Overall, End-to-End Network Security: Defense-in-Depth is an excellent 
and comprehensive book on how to secure a Cisco infrastructure. It 
details the many threats such an environment will face, and lists 
countermeasures to mitigate each of those threats. Anyone involved in 
securing Cisco-based networks will find this book to be quite helpful in 
their effort to secure their network.

Ben Rothke is a security consultant with BT INS and the author of 
Computer Security: 20 Things Every Employee Should Know [2].

[1] http://www.amazon.com/exec/obidos/ASIN/1587053322/c4iorg 
[2] http://www.amazon.com/exec/obidos/ASIN/0072262826/c4iorg 
 