Wouldn’t it be nice if you could get practically all the guidance you need to implement effective computer security in a single book? Not just theory, but reality, too? Not obsolete information, but the latest scoop? No more searching aimlessly through white papers, RFCs, technical documentation, and all that jazz? If that sounds good, check out Network Security Bible. Written by security pros with more than 60 years experience, it covers everything from basic access control principles to the frontiers of secret communication.
You’ll start by understanding your goal: a practical, defense-in-depth strategy that promotes confidentiality, data integrity, and availability without generating unacceptable inconvenience and cost. Since management skills and executive support are crucial, there’s a full chapter on management right up front: policies, training, planning, legal and liability issues, and much more.
Next, you’ll find more than 250 pages of coverage on securing operating systems and applications, including chapters on Windows, UNIX and Linux, web browsers and clients, email servers, and DNS. Needless to say, your Windows workstations are critical to your defense-in-depth security strategy. The authors systematically walk you through hardening Windows: shutting off unneeded services, enabling encryption (on XP Pro), configuring anti-virus and firewalls, locking down permissions, toughening passwords, establishing physical security, and keeping users safe once they’re running.
Network Security Bible also contains a full section on network security, including chapters on both network architecture and wireless security. The authors wrap up with detailed coverage of assessing both the threats you face and the countermeasures you’ve implemented. Bill Camarda, from the March 2005 Read Only