Designing Network Security, Second Ed.

Reviewer Name: Todd Keller, Network Engineer

Reviewer Certification: CCNA

This book is exceptional at its task, bridging the gap of security technologies for both technical staff and management alike.

Its straightforward approach to bring the overall security stance into perspective starts out with a security primer on fundamentals of cryptography and the overall security principals and technologies that empower organizations to deter and prevent most attacks by understanding the why's and how's.

The coverage of the technologies and approaches are both technical enough to understand and yet are in "plain English" for those that aren't fluent in "geek speak."

The implementation portion of the book covers true life practice and policy with examples of how to fit into most any network but that are real enough that even someone new to the field could understand and start to piece together the whole picture. By appearance this book is truly written for the senior technicians to fully incorporate security into daily practice. Reality shows that the book is still realistic enough to keep the scope within reason and allow the management and less seasoned technicians alike the ability to read and grasp the how's and why's so they can prepare for the investment and implementation aspects that will certainly follow the understanding of what security implications truly are in a network environment.

The best reading in the book however is covered in the security policy section of the book. This is where the real life work is in today’s age since the single weakest point in any security implementation is the end user. The policies and guidelines outlined in any company create the true meat of the company’s stance on security. Technicians alone cannot secure every aspect of the network without the users learning their part in protecting and following up on the policies that this book can help the management create. The book lays the foundations to understand both the technology aspects of security and how it can be prepared to fully secure the network using today’s technologies and then to understand the principles that undermine security. Once these fundamental concerns are addressed they can be applied to a policy that educates and informs users and staff of what is required of them to maintain that security.

From the perspective of someone that has administrated and managed networks from both aspects it would be very hard to not recommend this book as required reading for anyone that has a part in their networks security or functions. While this book is published by Cisco Press and covers a great deal of Cisco oriented configuration information, the book is standalone for any network, Cisco based or not.