I recently read Network Security First-Step (ISBN 1-58720-099-6) as the literal first step in my self-education on network security. I've done a little work with firewalls and ACLs, but due to some major security projects on the horizon, and also on my selfish desire to beef up my resume in that area, I've decided to dedicate some time to furthering my knowledge of network security. The book was written by Tom Thomas, who has authored or co-authored 17 books on networking and has also worked as an instructor. He also has a high level of experience in the industry. This experience shows in the quality of this book, which is advertised as an easy introduction into the world of network security. As such, it seemed like a natural place to start my security studies. Having read the book now, I'd have to say that it definitely lives up to the advertising. It is an introduction for the security novice, with just enough technical material to whet the appetite of even experienced networking guy like myself. When the material does get technical, the author uses real-world examples to explain the concepts and does so to great effect, making the book understandable for network novices.
The book itself is 400 pages and consists of 10 chapters which cover a wide variety of topics. Chapter 1 is an introduction into the mind and tools of hackerdom. Chapter 2 covers basic security policies and practices. Chapter 3 is a basic overview of security technologies and their uses and benefits. Chapters 4 through 9 go more in-depth into the various security technologies introduced earlier (protocols, firewalls, router security, VPNs, wireless, and intrusion detection) and how they are used. Chapter 10 discusses tools for hacking and security auditing. I can't say enough about how valuable I found the information provided in this book. The author sprinkles the book with URLs which not only reinforce the topic he's covering, but also allow the reader to continue researching on their own. I now have a folder full of web bookmarks which I'm only beginning to delve into. This book doesn't just spoon feeding information to the reader, but also sets them up for a much deeper understanding on networking, depending upon their desire to go deeper. Another feature I like about the book is how the author laid out the advantages and limitations of each network security technology. He also doesn't try to sell any one technology as the Panacea for network security. Rather, he advocates a much more practical layered approach to network security.
In conclusion, I recommend this book for anyone wanting to get started in network security. It stands as a springboard into a whole new area of study for my career. I've already come up with a few projects that must be implemented in our network just from reading this introductory book. In the coming months, I plan to read as many security and hacking titles as I can and use that information to better secure our network. I can tell it's going to be a busy year.
On my 5 ping rating scale, I give this book an emphatic 5.