BN.com Gift Guide
Customer Reviews for

Cisco ASA and PIX Firewall Handbook

Average Rating 4.5
( 6 )
Rating Distribution

5 Star

(3)

4 Star

(2)

3 Star

(1)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing all of 3 review with 5 star rating   See All Ratings
Page 1 of 1
  • Anonymous

    Posted November 25, 2005

    Excellent Coverage of Cisco FWs

    Cisco ASA and PIX Firewall Handbook (ISBN 1-58705-158-3) by David Hucaby is an intermediate to advanced level book on Cisco firewalls. It primarily concentrates on the Cisco PIX firewall (which now apparently is becoming known as Cisco security appliance) but also provides coverage of the Firewall Services Module (found in Cisco¿s high end switches) and the IOS software firewall. Simply put, the author does a superb job of presenting a complex and broad subject in relatively easy-to-understand terms. Nevertheless, if you do not have any experience with Cisco firewalls, this book is not for you. Rather it is meant for someone who has been working with PIX firewalls but wants to gain a better and more in-depth understanding of the subject matter with an eye towards how to get something done ¿ hence the term ¿handbook¿ in the title of the book. If you¿re sitting at a bookstore browsing through a number of books on PIX firewall trying to decide which one to buy, skim through chapter 3 in this book. If you¿re really pressed for time, read through the coverage of VLAN hopping and firewall topology considerations in this chapter. If you¿re still not impressed by level of knowledge that the author brings to the table, either you already know so much that you don¿t need this book (and probably should think about writing one yourself if you¿re half-way-decent in conveying your ideas) or the material is too advanced for you and you¿d be better off getting an introductory book on the topic. For an average network security engineer responsible for maintaining the Cisco firewall series of appliances, the material presented in this book is invaluable (and up-to-date). Of course the material is not always revelatory throughout the book. There are sections which present information that most Cisco admins would already know. But nevertheless the author uses certain stylistic practices which are most helpful in understanding the differences between various areas of coverage. For example, for every command presented in the book, the author makes it a point to lay out the syntax for PIX v. 6.3, PIX v. 7.0 and FWSM next to each other. Further, whenever necessary, the author highlights the additional functionality found in version 7.0 and how it differs from version 6.3 in the PIX firewall. For example, the coverage of FW contexts (virtual FWs), new in version 7.0, is covered in sufficient detail ¿ enough so that the administrator can actually implement it in his/her environment if needed. (By the way, this section is a good illustration of the author¿s knowledge about the inner workings of the Cisco firewalls and provides for an enlightening look at how traffic actually passes through the FW.) In all fairness, I must point out that I was little disappointed in not finding any coverage of VPN tunnels in managing/administering the FWs. There is hardly any coverage given to the topic of remotely managing FWs (on the outside interface) while (IMHO) it happens to be a critical element of any FW administration scheme. Even though the author refers the reader to another book (Cisco IPSec VPN Handbook) for coverage of VPN functionality, I feel that the topic of FW management is simply not complete without discussing remote management ¿ and tunneling is necessary when management has to be done from the outside. Nevertheless, I hope that the author can take this into consideration if a decision is ever made to issue a second edition. Overall, this is a must-have book for any Network Security Engineer working with Cisco FWs. I highly recommend it and look forward to reading other books by this author.

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted November 8, 2005

    The Ultimate Handbook and Guide for any Firewall Engineers and Administrator

    I do not think the subtitle ¿The Complete Guide to the most popular Cisco firewall security features¿ goes to the level of credit that this book truly goes too. David Hucaby did not only write a guide, he wrote a book that will clearly sit on my quick grab shelf right next to my desk for years to come (or until the next version). For as the introduction states ¿the book is meant to be used as a tool in every day activities.¿ and that is clearly what it does. David wrote for both from the introduction and the structure of the book to the index, a complete guide and tool that deserves ranting and raving. As you begin flipping through the book the knowledge and understanding of how a security engineers or administrator operate becomes clear. While the structure alone being designed to support both chapters and sections within the chapters, help to ensure details are easily located and quickly referenced. Combine with the detailed index in this book, ensure he does not miss a beat. From the beginning you see the level of both understanding and time that was done when David wrote this book. Not only is David¿s book designed to be more than a reference guide. By going through the step by step process and understanding, but it details numerous features, commands and methods to help individuals understand what they are seeing or expecting. While exploring the book I found several nice facts including a quick bit in chapter 3 ¿Configuring Interfaces¿ where David talks about Priority Queue and the differences between current 6.x and new 7.x code. As we have learned with PIX code up to version 7.x it was all best-effort, but then has begun to change for the future. Thus this section while small is an excellent section to show the detail packed and excellent example of why this book needs to be on every security engineers and administrators desk or bookshelf. Other features in this book is provide us the reader with excellent examples of the evolution of Cisco¿s firewall operating code as it moves from version 6.x to 7.x platform. Cisco has begun to introduction new features and support new platforms like the Firewall Service Module (FWSM) and the new Cisco ASA into an already growing product line in high demand. With the book David spends time showing how the same configuration items behave with each different code level or hardware platform that Cisco has introduced and currently supports. This alone can clearly help any individual attempting to understand and compare Cisco Firewalls product lines. Yet while this is another excellent example of why the book is a must have, the final that comes to mind is the detailed Appendix¿s that David has included from a complete list of error codes for all PIX syslog errors or messages to A ¿Well-Known Protocol and Port Numbers¿ section. At one point I found myself looking from chapter to chapter and spot to spot without realizing I was jumping around. Cause regardless of where you are in the book you too will find yourself jumping around to either review something or cross-reference an item. If I was to change anything in the book, it would be the cover cause the material is as perfect as possible considering the length and time clearly spent learning and comparing the differences that the book contains. Why do I say the cover needs to be changed you ask? Well I think that as a security engineer or administrator you will be referencing this material so much that the soft cover will become damaged and show the wear and tear that comes with true usage and appreciation of a book of this caliber.

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted September 14, 2005

    Knowledge is Safety

    The subtitle for Cisco ASA and PIX firewall Handbook states that it is 'the complete guide' for PIX, ASA, FWSM, and IOS Firewall features. I have read other books on the PIX and the IOS Firewall and I agree that Hucaby is very thorough in walking the reader through the configuration and management of these devices. This is not a book to gain a basic understanding of network security, but is written with the intermediate to advanced network administrator in mind. Hucaby has good concise coverage of concepts while diving into the minutia of configuration examples. Case studies are used, but not to verbose. Hucaby simply states the goals and shows you the configurations in an outlined format. The structure of each chapter includes a description, steps to configure, sample configurations, and how to verify a feature is functioning. One of the appendices is invaluable for understanding the PIX and IOS Firewall logs. They are grouped by the alert levels. The other appendix charts the IP protocol numbers and TCP/UDP port numbers, also handy for reference when configuring. This book will now replace an older title I had on the PIX Firewall as my desk reference. I will also consult it when configuring the other firewall appliances. If you work through this book with your equipment, perhaps the greatest benefit will be the understanding you will gain for interpreting error logs. This will benefit both security as well as troubleshooting. During my first reading through of the book, I found useful commands that I was unaware of and do not show up when typing a question mark at the command prompt. Because of this I was able to more accurately view the traffic from a recent setup and had more confidence in knowing that it was working correctly. Primarily because the title is so concise, yet thorough, I rate this book 5 stars and look forward to reading more books by this author.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing all of 3 review with 5 star rating   See All Ratings
Page 1 of 1