Network Security First-Step

Wonderful, easy read for Security Newbie as well as the seasoned pro!

Some recent IT Security headlines include: ¿Dutch trio hacked 1.5m personal computers¿ (October 20, 2005) ¿Hacker accesses 5,300 personal student records¿ (November 16, 2005) ¿NMCI gets hacked¿ (November 11, 2005) In 2002, CERT reported 82,094 security incidents the 2003 number jumped to 134,529 reported security incidents (CERT website) Obviously, threats to network security are growing more pervasive as hackers and crackers become bolder. Any IT professional, whether responsible for network infrastructure, servers, desktops, systems, web design, or database administration needs to be familiar with not only understanding network security, but also the tools and designs to develop a secure IT infrastructure. Network security is everyone¿s responsibility, from end-users, to IT staff, to CIOs and CTOs. Tom Thomas ¿Network Security First-Step¿ (ISBN 1587200996) provides a wonderful, readable introduction to Network Security design and best practices. ¿Network Security First-Step¿ is not only a great primer for those new to network security, but also a great reference for those who already have industry experience. I chose to add this book to my CCIE-Security reading list as my first step toward the written exam and CCIE recert. The book¿s opening chapters discusses the fundamentals of network security design, why a security policy for an organization underpins these fundamentals, and then describes the core security technologies and protocols. Subsequent chapters cover the basics of router security, firewalls, VPNs, Intrusion Detection, and Wireless Security. My personal favorite chapter was the one that discusses hacker and cracker ¿Tools of the Trade¿. The entire book is written in a style that is very fluid and conversational. Unlike many IT books, this one balances technical jargon with real-world examples and explanations. This volume would be a great addition to the bookshelf of both the IT engineer in the trenches as well as the CIO in his penthouse office. I highly recommend! Mark Reyero CCIE 12932

Security Springboard

I recently read Network Security First-Step (ISBN 1-58720-099-6) as the literal first step in my self-education on network security. I've done a little work with firewalls and ACLs, but due to some major security projects on the horizon, and also on my selfish desire to beef up my resume in that area, I've decided to dedicate some time to furthering my knowledge of network security. The book was written by Tom Thomas, who has authored or co-authored 17 books on networking and has also worked as an instructor. He also has a high level of experience in the industry. This experience shows in the quality of this book, which is advertised as an easy introduction into the world of network security. As such, it seemed like a natural place to start my security studies. Having read the book now, I'd have to say that it definitely lives up to the advertising. It is an introduction for the security novice, with just enough technical material to whet the appetite of even experienced networking guy like myself. When the material does get technical, the author uses real-world examples to explain the concepts and does so to great effect, making the book understandable for network novices. The book itself is 400 pages and consists of 10 chapters which cover a wide variety of topics. Chapter 1 is an introduction into the mind and tools of hackerdom. Chapter 2 covers basic security policies and practices. Chapter 3 is a basic overview of security technologies and their uses and benefits. Chapters 4 through 9 go more in-depth into the various security technologies introduced earlier (protocols, firewalls, router security, VPNs, wireless, and intrusion detection) and how they are used. Chapter 10 discusses tools for hacking and security auditing. I can't say enough about how valuable I found the information provided in this book. The author sprinkles the book with URLs which not only reinforce the topic he's covering, but also allow the reader to continue researching on their own. I now have a folder full of web bookmarks which I'm only beginning to delve into. This book doesn't just spoon feeding information to the reader, but also sets them up for a much deeper understanding on networking, depending upon their desire to go deeper. Another feature I like about the book is how the author laid out the advantages and limitations of each network security technology. He also doesn't try to sell any one technology as the Panacea for network security. Rather, he advocates a much more practical layered approach to network security. In conclusion, I recommend this book for anyone wanting to get started in network security. It stands as a springboard into a whole new area of study for my career. I've already come up with a few projects that must be implemented in our network just from reading this introductory book. In the coming months, I plan to read as many security and hacking titles as I can and use that information to better secure our network. I can tell it's going to be a busy year. On my 5 ping rating scale, I give this book an emphatic 5. !!!!!

Good First-Step to MUCH NEEDED Network Security!

Network Security First-Step (Your first step into the world of network security) Reviewer Name: Steve Owen Scheiderer, Network Administrator Reviewer Certification: MCSE NT 4.0, CCNA ISBN: 1-58720-099-6 If you¿ve ever been victimized by a hacker you¿re left standing there asking ¿How¿d they do this?¿ and ¿What could we have done to prevent it?¿ One of the most valuable insights of Network Security First-Step by Tom Thomas is that you don¿t have to be a rocket scientist to begin fighting hacker attacks. Thomas introduces the reader to the techniques ¿ often strikingly simplistic or scripted via readily available tools ¿ of the hacker with a ¿It takes one to fight one!¿ tactic. Although there is plethora of technical information, there is plenty of non-technical information to consider. There is something for network administrators, security experts, CEOs and average Jane and Joe user at the office (or at home). Even the most non-technical user learns the importance of and the role they play in protecting the network with a ¿loose lips sink ships¿ approach. CEOs and policy-makers learn to lead by example as they submit to best practices and written policies. This may be one of the greatest feature of the book for the more technically savvy network professional who absolutely needs to enlist the cooperation of both CEO and the average user if the network security war is to be won. Thomas builds on years of experience to show how hackers not only are interested in ¿targets of choice¿ but also ¿targets of opportunity¿. The goal is to protect the network on various levels to guard against either type of attack from the extremely sophisticated to those inflicted on sitting ducks (¿targets of opportunity¿). An entire chapter (Two) is dedicated to written security polices and each chapter is full of tools to use in this quest. Thomas¿ expertise simultaneously shines (especially in the ¿Secure IOS Template¿ pp. 216-228) and presents a challenge to the novice in the area of network security. At times terminology is presented prior to its definition (like ¿social engineering¿ on page 4 and definition on page 5; ¿choke point¿ on page 192 and definition on page 193). Patience will be a virtue for the reader when coming upon new terminology throughout the book. So many tools are presented that at times the reader can be left wondering ¿what does this tool do?¿ The ¿Acceptable Use Policy¿ of Granite Systems is offered ¿if you want to reuse this policy¿ (p. 54) but the reader was never told where the text (template) could be downloaded. Finally, at times chapter outlines, figures and flow of the text were hard to follow. Nevertheless, Thomas¿ expertise and insight make these minor challenges worth enduring and certainly this is complex topic which a book such as this can only begin to explore. I would definitely read other titles by this author and his team of technical editors. I give Network Security First-Step a 4.5 rating on a scale of 1 to 5. An on-line errata page would greatly assist the reader in filling in some of gaps, typos, etc. missed by the author and editors.

A 'must have' for anyone in the field of Network Security

When it comes to a broad topic such as Network Security, the guidelines become obscured with millions of factoids available everywhere. Organizations coming to you left, right, and center vying for attention and trying to instill fear and uncertainty in your network. Giving you examples of how an insecure network can ruin a company, or worse, ruin several companies with a single attack. Well, that is just fine for those who have been in the field for a while and know what is expected of them, but what about the student who wants to get into this ever-expanding field? Or the professional that has been 'out of the loop' for several years, how is he or she going to be introduced to the Network Security spectrum as it stands today? The answer, my friends, is in this book. The very first chapter is devoted to what we as security professionals are up against... Hackers! After all, you can give a blind man a rifle and tell him to defend himself, but if he doesn't have the knowledge to 'see' the enemy, how can he possibly do that? Tom delves into the mind of a hacker and shows you how he or she can enter your network through vulnerabilities, using tools (which anyone can use) or by using a method called 'social engineering.' The layout of the book is simply brilliant. Each chapter has an outline in the beginning, showing what you are expected to learn. For those that like to just 'skim the pages,' it allows for that as well. Not to mention the review questions at the end of each chapter give you an opportunity to evaluate your current level of knowledge. I know some of you out there are saying, 'What about Wireless Network Security?' Well, Tom goes into that issue too, from giving diagrams showing how to import a physical firewall into your network, to showing you how even that can be exploited. Tom has gone to great lengths to show us the 'bread and butter' of the internet and how it can ruin or enrich our lives through proper network security. Given the fact that this is a 'first-step' book, it just scratches the surface of the issue. Think of this release as a smorgasbord, it gives a wide scope of how the internet and network security works, but it leaves you thirsting for more knowledge on the subject.

Right step in learning Network Security

You don't need to work in the Information Technology field to know that Network Security has become a concern and area of focus for many businesses and governments. The media is constantly reporting on the various computer viruses, denial-of-service attacks, digital information theft, or latest vulnerabilities. There seems to be an endless number of people that either 1) like to cause grief for others or, 2) have just a little too much time on their hands. Whatever the case may be, these bad, bad people are creating opportunities for those of us interested in this dynamic and exciting field. As the title suggests, this book is a good 'first-step' toward building at least an awareness of Network Security. Looking for a broad overview of different technologies, concepts, best practices, etc. to start out with, I chose this book. I will mention at this point that before reading this book or doing any studying, I attempted CompTIA's Security+ exam. Let me just say that if you've been working as a Network/SysAdmin for a few years and happen to know what port 443 is used for, you probably won't pass it either. This book has filled in some of the holes (OK, gaping crevices) where I was lacking. It definitely covered many, if not all, of the topics I recall from the exam. The author, Tom Thomas, succeeded in covering a lot of information in an easy to read format along with many references for more in-depth study. I actually bookmarked all the websites mentioned so that I can use them for later reference. I liked the layout of the chapters - starting first with an overview, covering more specific topics, and then discussing the tools that hackers already use and network administrators should use. My recommendation: have a basic understanding of networking and the importance of securing electronic information resources before picking up this book. If you don't have that, you may want to pick up another CiscoPress title (which I have not read): Computer Networking First-Step. While the book intends to be an introduction to security, if you will, it actually went into more detail than I expected; chapter 6, Router Security, is a good example. Here you'll find an entire Cisco IOS template spanning 13 pages with comments on many of the commands and why they should or should not be used. If you've never worked with the Cisco IOS before, this chapter will probably lose you. If you like to write policies and procedures, Chapter 2 provides many examples of different security policies and how you might word them to fit your organization. Another chapter that I liked was Chapter 8 on Wireless Security. It certainly opened my eyes to my own deficiencies in this area (please, don't come 'sniffing' for my access point - at least not yet). Oh, and you can also learn to transform an ordinary Pringles can into a wireless antenna - very interesting if not entertaining! The book is mostly geared toward general vendor-neutral security concepts, but there is a bit of a bias toward Cisco products. What did you expect, though? It is, after all, the networking market leader and this book was printed by CiscroPress, right? Considering this, I was a little surprised to find so many grammatical errors throughout the book. All in all I consider this to be a good read for someone new to IT security; a stepping stone to further reading, areas of discipline or security certifications.

A good first step into security.

The author of this first-step book will definitely help you take the first steps into security. I would even say that Tom Thomas takes you even a step further than the basics with the material and configuration examples included. With that said I would be hesitant to recommend this to someone with no networking or IT background. I mention this because a lot of the information, although very informative, is geared for industry professionals who want to gain more information on the security field. As security becomes a greater concern in all aspects of Information Technology, it will become not only necessary but in some instances legally necessary to be up to date with the right information to battle attackers. ¿Network Security first-step¿ will give you a great deal of security information to begin with. I really enjoyed the section on Router Security (Chapter 6). For anyone dealing with day to day networking, you will almost certainly run into the need to secure your edge devices. Another really helpful part of the book in this chapter is the Secure IOS Template. This template will give you the necessary configuration components to secure your edge devices. Each command line in the Secure IOS Template is detailed with notes on what each line will achieve. My favorite theory section was on wireless security (Chapter 8). Mr. Thomas starts by reviewing the basics of wireless. He then delves into the possible threats and how they can be done. We then are treated to the different technologies used to secure wireless transmissions. In the end of the chapter we also get reviews of tools used to monitor for security breaches. One of the nice points on how the book is laid out is how it starts a chapter with what you will learn in the following text. Then in the end of the chapters is a summary of what you have learned and a short chapter test on the material called a Chapter Review. The only criticism is that the answers to the Chapter Reviews are located in an Appendix in the rear of the book. This causes you to have to flip to the back of the book to check your answers. I don¿t find this a terminal problem, but more annoying than anything else. If you want a book that covers a lot of security related topics with a dash of configuration examples to help you implement, then this book is for you.

Great Book on Network Security!!!

Cisco has done it again by creating and easy to read and enjoyable book on introducing the world of Network Security. Network Security first-step is by far the best introduction for those who want to know more about the ever growing field of network security. This book is clear, concise, and easily readable. The first chapter takes you through and answers the question ¿What is a network?¿ and by the end of the book you have an understanding on what to look out for those intending to do harm to your network via the Internet and such. Network Security first-step is by far one of the most easily read and understandable books that I have enjoyed on this incredible field. Most books out there tend to get into too much technical jibber-jabber and lose the focus of the reader, but this book keeps your attention and gives very ¿down to earth¿ explanations and scenarios. You really get a feel for what the world of security involves and quickly come to realize that this is a growing market in which the opportunities are endless. The illustrations in the book are extremely helpful while teaching each valuable lesson. This prepares the reader on what to expect if the decide to continue their education with Cisco while pursuing one of their many certification paths. One of the greatest aspects of this book is the way in which it is written. The author talks to you in a very upbeat, down to earth, and conversational way making you feel as if you are right there with him. There is a kind of mentorship occurring by which he uses everyday examples that you can relate to and incorporates them into learning about the subject at hand. The chapter summaries in Network Security first-step are right on target. The author stresses the most fundamental and vital points again to make sure the reader is completely ready to move on and build upon what each chapter has to offer without confusing them along the way. This book is again by far the best I have read concerning this topic of Network Security! This series is incredibly valuable to those just starting out or are just curious and want to know more about this specific area of technology. Cisco has proved again to be the leader in the world of Networking! If you are thinking about getting into the evolving world of Network Security, Network Security first-step is definitely the only book you will need to start your journey of understanding and learning from the world leader of networking, Cisco Systems. Cisco and Tom M. Thomas have created a masterpiece!

Great book!

Network Security: first-step by Tom Thomas is a ¿must have¿ for any network administrator or junior engineer plagued by various internet attacks and hacks who lack a foundational understanding of the many facets to network security. As the title suggests, this is fantastic reference tool that should be read before being faced with a security breach of your critical data. With security threats on the rise it would behoove you to learn potential security holes within your environment before your security is compromised. This book accomplishes just that! More than anything, it makes for a GREAT reference manual broken down into chapters based on technologies. So if one wishes to take the ¿first-step¿ in learning router security ¿ Chapter 6 is not only a great starting point, but additionally offers information on where to go to continue expanding your knowledge of the subject matter. These references include contact information of other various data security organizations as well as URL¿s dedicated to information on network security based around the technology of interest. The book can be read cover to cover or used as reference material but what really makes it valuable is its resourcefulness in pointing you in the right direction. The author does not hide the ball with respect to his sources and offers them up to the reader in order for them to delve into any particular subject matter further to their heart¿s content. On the other hand, however, the area on security policies seemed a little overkill but this is understandable since it is tailored to the security ¿newbie¿. The repetitiveness of ¿You have to have a written policy!¿ for network, e-mail, Internet use, VPN, extranet, etc. seemed verbose and redundant. Tom Thomas is technically accurate every step of the way and the book flows so smoothly that it can be read by both a beginning learner and a seasoned veteran alike without insulting their intelligence. The ever present minor grammatical and spelling errors, which are easily overlooked as evidenced by their presence, do not break the flow of the reading and I am confident that these superficial errors will be fixed during the book¿s second release. (Hopefully!) Overall, I give this book high marks for its ease of readability and its resourcefulness! With Cisco Press¿ launch of its new ¿first-step¿ series it is intending to capture an audience that was ignored. Far too common I saw people wanting to get into this industry only to be overwhelmed by its technical complexities but this series lays it out in an easily digestible format.

No text was provided for this review.