LinuxISO.org: A Review of 'The Process of Network Security'Dec 30, 2000, 21:00 (0 Talkback[s])
(Other stories by Brian Cupps)
[ Thanks to Carlie for this link. ]
"As the author, Thomas A. Wadlow, states in his acknowledgment, "I remember a time when you could use the Internet (ARPANET back then) without worrying about someone deliberately trying to crash your system or steal data from your network." Well, times have changed. As more and more people join the ranks of the net savvy and more corporations see the benefits of using networks as tools to advance in today's marketplace, network security becomes more important to all of us. No company can risk becoming a headline because their network was compromised. 'The Process of Network Security....' is a great book that begins to shed some light on the problems we face and how we can remedy those problems. This book differs from the other network security books I've read because this book deals with the process of network security instead of focusing solely on specific products and/or solutions."
"This book is written for network managers and administrators. Readers should also be familiar with computing and network processes and terminology. Divided into 16 chapters, this book has a good flow about it. The focus is on helping the reader to understand just what security is, what to do when a system is compromised, and how to protect these systems in the future. One of the key points stressed in this book is that we should not try to protect more than needs protecting; "Security should be commensurate with the value of what you are protecting. Part of that value is actual value; another part is the work it will take you to rebuild; another, more subtle part is the work it will take you to trust your network again." Learning the network security process is more valuable than learning a technical solution only. As things change in this industry, if you know how the process works, you can always adapt a new technical solution."
"In the first few chapters the author helps you to understand what you need to protect, the process of protection, and what role you play in that process. As with most situations, you are meant to be a part of a team of people that handle all aspects of your network security. No one person can do it all. One thing that is emphasized immediately is the importance of a security policy. Think of this as the foundation of your network security initiative. According to you and your organization, this is the law, and the following guidelines are suggested."