Vous voulez voir cette page en français ? Cliquez ici.

Have one to sell? Sell yours here
Tell the Publisher!
I'd like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Designing and Building Enterprise DMZs [Paperback]

Hal Flynn


Available from these sellers.


Join Amazon Student in Canada


Book Description

Nov. 22 2006 1597491004 978-1597491006 1
This is the only book available on building network DMZs, which are the cornerstone of any good enterprise security configuration. It covers market-leading products from Microsoft, Cisco, and Check Point.

One of the most complicated areas of network technology is designing, planning, implementing, and constantly maintaining a demilitarized zone (DMZ) segment. This book is divided into four logical parts. First the reader will learn the concepts and major design principles of all DMZs. Next the reader will learn how to configure the actual hardware that makes up DMZs for both newly constructed and existing networks. Next, the reader will learn how to securely populate the DMZs with systems and services. The last part of the book deals with troubleshooting, maintaining, testing, and implementing security on the DMZ.

· The only book published on Network DMZs on the components of securing enterprise networks

· This is the only book available on building network DMZs, which are the cornerstone of any good enterprise security configuration. It covers market-leading products from Microsoft, Cisco, and Check Point

· Provides detailed examples for building Enterprise DMZs from the ground up and retro-fitting existing infrastructures

Special Offers and Product Promotions

  • Join Amazon Student in Canada


Product Details


Inside This Book (Learn More)
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index
Search inside this book:

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

Customer Reviews

There are no customer reviews yet on Amazon.ca
5 star
4 star
3 star
2 star
1 star
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 2.0 out of 5 stars  1 review
7 of 7 people found the following review helpful
2.0 out of 5 stars large, but not well executed Oct. 31 2006
By jose_monkey_org - Published on Amazon.com
Format:Paperback
i used to install firewalls as a consultant, and i spent a lot of time looking at varius configurations. in the intervening years, i've had the chance to keep current and examine a number of firewall devices for new features, configurations, and also look at some of the changes new technologies (ie WiFi) have brought. all in all, i think i was was pretty well prepared to look at "Designing and Building Enterprise Dmzs" from the angle of someone who's a moderate level firewall user.

i think it's fair to say that i'm disappointed in this new volume from Syngress, for numerous reasons. but before i get to the nits and complaints, i'll start with what i did like.

the book is large, nearly 700 pages of text covering a number of major commercial firewall products, such as checkpoint, nokia, microsoft, cisco, juniper netscreen, and sun. i like th fact that the authors were ambitious (more on that later), you do wind up with a lot of information in a single volume. if you've read firewalls books before, like the canon from oreilly, then you know a lot about firewalls, but you've probably understood that things are changing. new technologies require new solutions, and new offerings have hit the market. firewalls are now more abundant, more feature filled, and this book does a good job of tackling these products with, often, a good attempt at key coverage.

what i also like about this book is that it's not only about technologies, it's about management and about network layouts. this book doesn't pretend that there's one network, but instead shows how various approaches for various needs can be applied. the authors try to show you how each product's features can support those requirements, and what technologies can be used to guard access or secure hosts in a DMZ. this isn't just a book about firewalls and products.

ok, on to the complaints. you know a book is bad when you spot errors such as a bad CIDR specification for RFC 1918 address space (table 1.4), lots of port lists, and a brief primer on "servers" an services buried deep in a chapter on security cisco routers (chapter 11, page 540). i suspect the last point is due to the numerous authors in the book and a failure to find a cohesive structure, but that's a major failing of the book. it doesn't find a consistent voice and doesn't provide consistent coverage of the topics.

some chapters spend more time reviewing marketing materials for products (ie the chapter on juniper netscreen devices, chapter 9) than on getting down to a real feature comparison. this is a real failure of this book. the authors have a chance to cover all major commercial firewalls out there in a clear and unified way, taking an approach that can unify solutions across all, and haven't done so. you wind up with inconsistent coverage and have difficulty in finding the same information in any of the chapters. it's very tough to have multiple authors writing a book, but the editors should have budgeted time to provide a cohesive voice or enforced coverage standards. the reader would have benefitted dramatically for that.

as is often the case with syngress books, the screenshots are too often poorly done. again, this seems to be a function of the chapter and, i'm presuming, the author (based on their stated strengths in the intro to the book). the chapters using web-based and UNIX tools are often filled with poor quality, full screen screenshots that are illegible due to the scaling. the chapters on windows-based tools often have only a small window as a screenshot, enabling better legibility. care needs to be taken for these sorts of things.

the quality of the writing is ok, but it could be better overall. again, a function of the authors, i think, and not a strong editing job. often the writing is not very clear or well organized, and overall the book suffers for it. there's some good info in here, but it's buried under unclear and poorly organized text.

you should look over this book carefully if you're thinking about buying it. this will probably target people in large, heterogeneous environments or people studying for exams. i doubt someone will have all of these technologies in their production environment. however, if you want to see a lot of different firewalls compared, this is worth looking at, but be cautious about buying it.

Look for similar items by category


Feedback