Saturday, 07 May 2005

Mixed Thoughts on Inside Network Perimeter Security, 2nd Ed

I promise that I read the books I review, so this is not a review. You won't see me post anything at Amazon.com about Inside Network Perimeter Security, 2nd Ed. I read parts of it, but nowhere near enough to justify a formal review. Here are a few thoughts on the book.

The five authors and four technical editors did a lot of work to write this book. It weighs in at 660+ pages, with not that many figures or screen shots.

Despite being a second edition, I found evidence of old material. I noticed that chapter 2 describes IPChains. IPChains -- where was that last in the mainstream, in the Linux 2.2 kernel? Chapter 6 implies SSH v2 isn't available on Cisco gear, but readers will remember I got that working a few months ago. Ch 19 promotes the virtues of Big Brother, a monitoring tool that's been declining for years since its acquisition. Nagios should have been covered instead.

A quote in ch 11 on Intrusion Prevention Systems bugged me: "SoureFire [sic] ditched Snorty the pig and became Realtime Network Awareness (RNA), a passive sensor and visualization tool company in terms of primary internal focus." Let's ignore the misspellings and confusing English and answer this point. Sourcefire hasn't "ditched" Snort; RNA works with Snort. Someone doesn't understand Sourcefire or Snort.

I ended up reading most of ch 11 as it was fairly informative about network- and host-based IPSs. Otherwise, I didn't find a really compelling reason to read the book. There is some good material on network architecture, but nothing I haven't seen elsewhere. I guess that was my overall reason to stop paying attention to Inside Network Perimeter Security, 2nd Ed: I didn't see much new material for me. I also don't really care for books that provide advice but not configuration guidance. I like to flip through technical books and see that offset courier print denoting command and configuration syntax. Aside from the router hardening syntax in ch. 6, there's a lot of suggesting in this book but not as many concrete examples as I would like.

If anyone has opinions on Inside Network Perimeter Security, 2nd Ed, please post them.

Update: I reviewed this book on 30 August 2006.
