Inside Network Perimeter Security: The Definitive Guide To Firewalls VPNs Routers And Intrusion Detection Systems (Inside)

Price : $29.00

 

Product Description

The most practical, comprehensive solution to defending your network perimeter. Get expert insight from the industry’s leading voices: Stephen Northcutt and the expertise of the SANS team. Inside Network Perimeter Security is a practical guide to designing, deploying, and maintaining network defenses. It discusses perimeter components such as firewalls, VPNs, routers, and intrusion detection systems, and explains how to integrate them into a unified whole to meet real-world business requirements. The book consolidates the experience of seventeen information security professionals working together as a team of writers and reviewers. This is an excellent reference for those interested in examining best practices of perimeter defense and in expanding their knowledge of network security. Because the book was developed in close coordination with the SANS Institute, it is also a valuable supplementary resource for those pursuing the GIAC Certified Firewall Analyst (GCFW) certification.

Customer Reviews

Review date : 2006-03-13
This is a great book for seasoned IT professionals that want to learn how to secure small and medium sized networks.

As others have said, if you want to read only one book, this is the one. The authors did a great job of describing concepts and relevant low level details and tools.

I enjoyed reading most of it, but I skimmed parts that described processes that seasoned engineers have applied countless times.

Highly recommended!

Review date : 2005-09-10
Very, very good.
All the most important subjects of perimeter security, remote access, and resource separation are addressed.
TCP protocol details are clearly part of the explanation, therefore the more you know of it the better it is.
Useful links and vendor specific technology references are also included, like Microsoft, Cisco and so on.
Excellent.

Review date : 2005-01-26
Stephen Northcutt, and the various contributing authors, have created a masterful and well rounded guide of the various considerations that go into securing the network perimeter. As a student of Information Technology this book has been instrumental in my education and has earned a permanent place on my bookshelf (when it is not in my hands directly).

Review date : 2005-01-24
Stephen Northcutt has done a great job! This is the most comprehensive book on the subject. I particularly found the part on access lists very helpful. Niloufer Tamboly, CISSP

Review date : 2004-03-02
Fairly decent overview of perimeter security. If you're a security professional you may learn a thing or two, if you're a network administrator and your idea of security is a firewall then this book is meant for you. It's a fairly easy read, but some of the examples of the commands to enter in configuring routers and hosts could be eliminated. I felt the author was just taking up space with these examples. (Not a big deal, but I’m taking a star away on principle.) I also felt the author could have gone into a little bit more detail in the VPN chapter, especially when dealing with encryption, PKI, and authentication, which I felt was glossed over. (Again, not a big deal, but when you call yourself the definitive guide, be more definitive and save the ‘commands’ for the user guides.)

Bandwidth Exposed

Bandwidth v. Connection Speed
The information age is moving forward and the internet continues to bind the world together in its vast web of technology. As the amount of information that is shared through the internet increases, the need for faster connections also increases. But is a faster connection really the panacea for all internet woes?

An Analogy
A common misconception is that the speed of an internet connection dictates how fast data will be transferred. However, this is not the case. Let me explain. The freeway has a speed limit. That speed limit represents the fastest speed you can go (assuming that the speed limit is a law of nature) under ideal conditions, i.e. little or no traffic. However, the scenario changes drastically when you hit rush hour. All of a sudden, you're stuck doing 15 mph, a full 60 mph below your capacity! Why? Because there are too many other drivers trying to use the same space.

The Meaning
Now let's extend this analogy to your internet connection. Your connection has a benchmark speed, something like 10 mbps (megabits per second) for DSL and 30 mbps for cable modem. That speed is like the speed limit on the freeway. It is the theoretical top speed that the connection can handle. Unfortunately, just like the freeway, conditions for surfing the net are rarely (if ever) ideal. Your bits are getting stuck behind everyone else's bits, radically reducing the speed at which your data moves over the connection. This problem is particularly pronounced when you have several users using the same connection. So how do you fix it?

A Solution?
Many people are turning to buying an extra DSL or cable line as a solution to this problem. However, this is akin to building an additional two-lane highway alongside an existing two-lane highway. You'll still experience more slowing than if you were to just add two additional lanes to the existing highway. But how does one build additional lanes on their road to the information superhighway?

Get a Bigger Pipe
There are several different options. First, you can try to optimize the connection you already have. Second, you can try to have a larger connection installed. Internet connections are often referred to as "pipes," alluding to the flow of information that they handle. The bigger the pipe, or the more lanes on the highway, the faster your data will go. However, having a bigger "pipe" like a T1 or T3 installed is often costly and inconvenient.

Building a Better Pipeline
However, there is yet another option. A broadband aggregator takes two separate internet connections, whether it's a pair of DSL lines, cable modem lines, T1s, etc., or any combination of these connections, and pools the bandwidth to make a pipe equal to the size of the aggregate of the two independent connections. For example, if you take two DSL connections of the same bandwidth, your effective bandwidth will double. A word of caution: your connection speed will still have the same speed constraints (i.e. your top speed will not double); you will just have twice as much room for your data to get through. Think same speed limit, extra lanes.

But Wait, There's More!
There are additional benefits to getting a broadband aggregator. Most aggregators have a built-in VPN (virtual private network) security portal, making it extremely difficult for the wrong people to access your network through your internet connections. In addition, some aggregators feature load balancing, which allows you to dictate how much information is sent to each connection, preventing any one connection from being overwhelmed. Finally, broadband aggregators have built-in redundancy: if one internet signal goes down, the aggregator automatically sends all traffic to the remaining active line. This is perfect for people running a dedicated internet server or who need to be connected to the internet 24-7.

And in the End?
The key to the internet isn't the speed of the connection, it's the fatness of the pipe.

Nathan Kartchner works in Product Development for Sewell Direct, an online retailer of quality connectivity solutions, like the Splitronic Broadband Aggregator and the Matrox DualHead2Go multi-monitor adapter.
