To calculate the overall star rating and percentage breakdown by star, we don’t use a simple average. Instead, our system considers things like how recent a review is and if the reviewer bought the item on Amazon. It also analyses reviews to verify trustworthiness.
A brilliant book for beginners or experienced network administrators/engineers/architects, whether you're just getting into network security or you're experienced, this book will give you an illustrated guide into network security with some brilliant configuration examples, it explains what you need to know about securing your network with Cisco equipment. Highly Recommended.
I liked the deep analysis of the voice and multicast features of the Cisco firewalls. On each topic the author starts with sometimes not so brief description of the underlying technologies he examines but also includes output from captures and debug commands. I would recommend this book to anyone thinking to start or already has an experience with Cisco firewalls. I haven’t given 5 stars as sometimes I thing the book spend way too much analysis on a topic (i.e. voice). Don’t forget that this is a 1000 page book. Also there is not too much reference on other security devices (such as IPS, SWG etc). We shouldn’t forget that this book only focuses on the firewall aspect of the network security.
While reading the news on net-security.org, I found a review that I believe may be useful to other readers (it really reflects my impressions of the book):
[...] (by Zeljka Zorz).
"There used to be a time when firewalls were considered a full proof solution for protecting networks, and that time is long gone. History has taught us there are no silver bullets when it comes to computer and information security, but firewalls are still a great and versatile tool in the hands of those who know how to use them effectively. "Cisco Firewalls" will tell you how. [...] The theory behind this book is that the reader should learn what every firewall feature brings to the table so that he could make an informed and correct decision when dealing with his own firewall situation.
In order to do that, the author covers both ASA-centric and IOS-based firewall deployments, and addresses the motivations for the use of features of each of those two types clearly.
The chapter on additional protection mechanisms is very interesting, and so are those that deal with application inspection and that of voice protocols.
It's helpful to point out at this point that advanced users are welcome to skip through chapters, but others should stick to the order given to them by the author, since many of the chapter build on the knowledge introduced in the previous one(s).
The most important thing about this book is that the it's chock full of meaningful and handy examples. This is not a simple handbook - it aims at making the reader think for himself, and make the connection between theory and practice easy and natural.
The last three chapters deal with how IP multicast tasks and the introduction of the IPv6 standard influence the choices on firewall features, and the book ends with a chapter that deals with security design. It is not overly comprehensive, and here is definitely where I could have enjoyed reading more about how new trends like mobility and cloud computing affect the notion of using firewall to protect the future borderless network. But, perhaps that is a subject for another book.
Final thoughts This book is a must read for everyone who is charged with designing, implementing and deploying firewall solutions, and especially if they are Cisco's. The author has had the interesting notion of using troubleshooting tools to help show how the various firewall features work, so that, in fact, troubleshooting is "performed" throughout the book instead of at the end - and you'll be grateful for that"
I have been able to start reading the book and I can state that not only is this book written by a security specialist, but also by someone who truly understands the different contexts/environments in which a firewall can be placed. This is definitely a well-organized compendium with the foundations of network security and networking.
In my opinion, it has the following noteworthy points:
- Not just a collection of configuration recipes. This book is not simply about presenting configuration checklists and command explanations. The author presents the fundamental knowledge for each subject and he spices up each chapter with discussions over well-structured and realistic scenarios that will give the readers the capacity and tools to understand, recreate, design, troubleshoot and improve the networks they are in touch with.
- I am particularly fond of chapter 4. The idea of getting familiar with the firewall tools in an early chapter to illustrate "how stuff works" throughout the book, is really interesting. If you have this kind of knowledge it is certainly easier to employ each feature and avoid troubleshooting.
- Not one of those abstract and traditional what-a-firewall-is books. I found the author's approach to present the different purposes/roles that a firewall has really distinguishing. Surely, the reader will find the traditional subjects (e.g. packet filtering, stateful firewall) being covered, but the author takes these discussions to a higher level. With the hands-on labs presented in each chapter, it is possible to truly understand how things work. Moreover, the author talks about further features that firewalls have which are generally underrated. While reading this book, I have learned that a firewall can play important roles in voice, multicast and routing scenarios - with presented theory and discussed scenarios.
- Compendium with the foundations of network security and networking. Even though this is a Cisco labeled book, prospective buyers shouldn't think that its purpose is to just serve as a certification study guide or a configuration guide for Cisco Firewalls. This book dwells between the network security and computer networking realms. It presents valuable knowledge to those who either work with or are interested in either (or both) domains. Furthermore, readers don't need to be either a security specialist or a network guru to take full advantage of this book because the author makes it very easy and practical for anyone to follow the reading. Of course, the information presented is made concrete into Cisco Firewalls commands and how they work. But it could be easily extrapolated to other vendors. This must not be a negative aspect of this book.
- And for those who are dealing with PIX or ASA for a while, the chapters on NAT are a real treatise on the subject.
My company recently decided to move from FWSM to ASA5585 due to some performance and feature considerations. We were not that worried because on the firewall-side, the CLI is basically identical. Nevertheless, some of the functionalities that we needed were available only on ASA8.4 and then we found out that 8.4 requires the new NAT syntax introduced on release 8.3. The book was extremely helpful in that sense because it offers an incredibly detailed explanation on both the traditional (before 8.3) and new NAT models (post 8.3). After studying chapters 7 and 8 and the appendix, we were able to confidently use 8.4 on the 5585 and profit from the newest features. Thanks to the author for presenting such a nice material !!
This book does a great job on explaining the features on Cisco Firewall products. I do like the approach of teaching the tools first (chapter 4) and using them to demonstrate how stuff works. It was also interesting to see many topologies that contain ASA and IOS routers (and having the configuration information for both elements). The NAT treatment on ASA is simply awesome ! There are tons of details on both the 8.3 and previous models that will help you on your migration tasks. The info on the Zone-based Firewall (which I have in many branches) is really complete (from the basic scenarios to advanced configs, everything is there for both 12.4 and 15.X releases). Although it is not an official certification guide, the book is certainly helpful for those that need to prepare for the CCNP (Firewall and SECURE exams) and for the Security CCIE. Really worth the investment !
Configuration information is always there but the author does much more than simply explaining what each line of config means or presenting command syntaxes that could be found on Cisco website. The way in which he explores the details of the various scenarios presented is really cool! It becomes much easier to understand features and use them when deploying Security. If your experience is security products, you will learn much more about how firewalls deal with several networking aspects. I always worked with other technologies, like voice, and routing. If you are a networking guy, this is a great chance to learn more about security and how all the things work together. If you wanna configure firewall-related functionalities on your ASA or on IOS router with design in mind, this is a book to add to your shelf.
Delivered as described. I do wish it had been prominently labeled as the Indian Edition though. Looking through the description it does mention it as the publisher at the very bottom. No other indication though, but I could've looked harder.