Security Sage's Guide to Hardening the Network Infrastructure

This is the minimum every network administrator should know about network security and is an excellent guide for administrators at the intermediate level of security knowledge. One of the things I really liked about the book was that it not only tells the reader how to secure their network but also tells them how to test the system using specific techniques and tools. This includes footprinting a network with tools like whois and DNS interrogation, monitoring traffic, and sniffing. The other great feature of the book is that it includes vendor specific attacks and defenses - the things the vendor won't be telling you. Some of the vendors mentioned include Check Point, PIX, Microsoft ISA Server, NetScreen, and Novell. The authors also examine routing devices and protocols, network management and security, IPSec, VPNs, and security software. In addition to the internal network considerations the authors look at the items on the edge of the local network. These items include network switches and routers, including attacks and defenses by brand. They complete the book with a good discussion of internal network design including the importance of firewall selection and placement, Intrusion Detection Systems, and segmentation. Security Sage's Guide to Hardening the Network Infrastructure is highly recommended for people interested more in how to secure a network than how to hack one as well as how to test that security.

Why is it that when you need a good technical book it written way over your head or one of those "dummies" or "idiots guide" books? i'm not a rocket scientist but I graduated college and dont have time to read and re-read pages because they are written for other geeks to understand. whats great about the Sage guide is that it's not a "manual" -- it's like a conversation. the author talks to you like you are a human being and then when you're done you can do your job. other books (my boss bought me this one and the one with the bald biker gang guy on the cover) leave you with no "action" or thing that you can apply in real life. after reading this book, i immediately followed three of their suggestions and i have logs to prove that i've been stopping some attacks. Even better, our deputy director is now investigating buying vulnerability software for our unit based on the examples shown in the first part of the book. I think everyone that is looking to get a hold on the security of their own network needs to read this just once.

I am a network engineer with over 10 years of experience, my book shelf is filled with networking books and I found this one to be among the best.Its a well organized book that cover all aspect of network security, it takes you step by step to security your infrastructures. The book gives you a comprehensive picture of the network architecture, devices and protocols, at same time offers hands-on and practical guidance to help you secure your network.If you are serious about protecting your network, this is a must have.Strongly recommended!!!.

What distinguishes this book from the plethora of security books available these days is the fact that it combines in-depth tutorials on core networking technologies (such as switching and routing) with discussions on security-specific issues such as Access Control Lists, firewalls, Intrusion Detection systems and VPNs, to name a few. If you are a network manager who wants to learn how to secure your network, this book is for you. If you are a security engineer specialized on application security and if you want to learn more about the core networking protocols of the Internet, this book is for you too. I especially appreciated the "Notes from the underground", "Tools and tips" and "Checklist" section available in each chapter. These alone are well worth the price of the book.Highly recommended !

Bravo!I have been searching for this book for quite some time. There are so many books (too many) telling me how to secure my web-site, my OS, my databases, etc. but this is the first book that instructs, explains and coaches us to secure the very infrastructure that allows all of these networked components to function.This book covers a lot of ground; providing valuable information in easily-digestible chunks like 'tools & traps', and 'Notes from the Underground' that provide perspective to the pitfalls of failing to take adequate care in implementing our network infrastructures.The writing is witty, intelligent and doesn't condescend. I would feel quite comfortable giving this to my non-technical Executive to read.This book is money well spent! Bravo!