The best security for a network segment is isolation, but that's not an option if you want your users to enjoy Internet connectivity. Mission Critical Internet Security explores your options for protecting your network from attack across the Internet, emphasizing firewall solutions from Cisco, Symantec, Microsoft, and Check Point. This book begins with general advice about how to set up a comprehensive system of defenses (comprising a firewall, an intrusion detection system, authentication and cryptography schemes, and protocols like IPsec). It concludes with information (this is the bulk of the authors' work) on the specifics of configuring several products.
You'll enjoy the war stories that appear as sidebars; they call your attention to common errors (and make you feel better if you've made them). You'll also appreciate the carefully considered question-and-answer sections that explain umpteen design alternatives (SOCKS proxy versus Winsock proxy, for example) and engineering challenges (one example: building an IPsec virtual private network between firewalls from different manufacturers). Product-specific sections on Microsoft Proxy Server, Cisco PIX, Symantec Raptor, and Check Point FireWall-1 include a lot of detail, and Syngress promises to keep up with manufacturer upgrades (via Web updates to this book) for at least a year. Worth its price for its conceptual information alone (particularly the IPsec part), this book will really please you if you're installing one of the firewalls it focuses on. --David Wall
The growth of the Internet and its reach into the fabric of business and personal life has outdistanced most organizations' ability to protect the confidentiality and integrity of information. The increased exposure and the constant escalation of threats to network security have increased the need for effective controls that can restore availability, confidentiality, and integrity to information systems. Mission Critical! Internet Security shows how security can be provided in TCP/IP at any layer, and outlines the advantages and disadvantages of each approach. This book will answer the questions you have about Internet Security, including:
- If I use protocol switching on my network, what protocol should I use in place of IP?
- Should I be placing my VPN gateway at the same level as my firewall?
- Can I use IPSec to secure communications with my Win 9x machines?
- Are there back doors in PGP?
- Would a firewall or other security product interfere with the IDS?
- How does SOCKS Proxy differ from WinSock Proxy?
- I am setting up my outbound access control lists to specify which traffic I will permit users to use. How do I know which TCP or UDP port a particular application uses?