Cisco Secure Internet Security Solutions (Cisco Press Core Series)

Cisco Secure Internet Security Solutions (Cisco Press Core Series)





At present, no available publication deals with Internet security from a Cisco perspective utilizing the Cisco Secure product family. Cisco Secure Internet Security Solutions covers the basics of Internet security and then concentrates on each member of the Cisco Secure product family, providing a rich explanation with examples of the preferred configurations required for securing Internet connections.Aimed at networking professionals responsible for securing the corporate connection to the Internet, this book starts by explaining the threats posed by the Internet and progresses to a complete working explanation of the Cisco Secure product family. The individual components of the Cisco Secure product family are discussed in detail with advice given on how to configure each individual component to meet system requirements. Cisco Secure PIX Firewall is covered in depth from an architectural point of view to provide a reference of the PIX commands and their use in the real world.If this book were a person, it would be a career bureaucrat. It provides the data you need efficiently enough, but it doesn't go into any details you won't find on spec sheets, is fairly dry reading, and doesn't really seem to know what it wants to be.

Cisco Secure Internet Security Solutions is straight from Cisco's course sheets, and it starts off fairly strong. It goes over the basic Internet attacks and explains DoS, SYN floods, SNMP problems, and other typical hacker attacks in clear language that's aimed at the mid-level Cisco professional. It doesn't go into reams of novice-level detail, but rather gives concise summaries. It then covers some of the solutions Cisco has created for the standard array of l33t probes and system invasions. And, in a very nice feature, it actually provides a set of simple global commands that it suggests should be configured on all Cisco products (like denying access from reserved IP addresses), and then explains what each step does and why you should do it, line by line. The next few chapters go into some detail about the Cisco secure product family, discussing PIX Firewalls and Cisco Secure Policy Manager and what you'd use them for. So far, so good.

Later, a couple of long tutorials on configuring the Cisco Secure Scanner and the Secure Policy Manager are filled with helpful screen shots and a fair amount of explanation. But the software is complex, and the book offers no demo or sample software to experiment with. If you aren't able to get your hands on a copy, you might as well resign yourself to reading this section numerous times until you get it. And even then, it still concentrates mostly on how to use the software as opposed to how it works or where it can be used properly, which may or may not be what you're looking for. Fortunately, the book ends well, giving examples of common Internet security threats and suggested solutions.

The writing is dry and filled with numerous charts, but that's pretty typical for Cisco Press books, which aren't known for their dazzling style. If you've read other Cisco books and enjoyed them, or if you don't require a lot of handholding or silly in-jokes, the book will serve you adequately.

The book has two major flaws, however: The first is that in the end it's still mostly regurgitated Cisco documentation, and it doesn't seem to offer a whole lot of real-world experience for the reader to use. In the case of subject matter that's as constantly changing and critical as security, it would have been nice to have a couple of real-world examples of substandard systems to troubleshoot and perhaps show the reader what a hacker would look for when breaking into a network. Admittedly, the book is on Cisco Internet security solutions, not how to keep kids out of your system, but a certain level of teaching would have been nice--and would have shown how Cisco is poised help you in a much better light.

The second is that in the end, this book is little more than an overview of what Cisco can do for you, sans an overview of the competition or the areas that may have no competition. It doesn't really compare products that may do some of the same things, doesn't contrast Cisco's firewalls with other firewall products to give the reader an idea of the features, and in short provides only Cisco solutions to security without showing how other solutions may fail. For a book that really tries to help you understand security issues, discussing only the Cisco view leads to a strange mix of tutorial and blatant shilling, which goes into real depth in some parts and then stalls in others. It gets the job done if you want to know about Cisco security products and approaches, and it does it well. It even is a not-bad introduction to security issues. But ultimately, it's neither fish nor fowl. --William Steinmetz









List Price: $ 55.00



Price: $ 0.81