s3cur3m3 Trusted SF Member
Joined: 19 Jun 2003 Posts: 16777202 Location: US
|
Posted: Wed Aug 27, 2003 3:23 pm Post subject: Book Review - Cisco Security Specialist's Guide to PIX FWs |
|
|
Cisco Security Specialist's Guide to PIX Firewalls
Authors: Umer Khan, Vitaly Osipov, Mike Sweeney, and Woody Weaver
Publisher: Syngress, December 2002
List Price: US $59.95 CAN $92.95
Book Details: Soft cover, 608 pages
Amazon.co.uk: Cisco Security Specialist's Guide to PIX Firewalls
Amazon.com: Cisco Security Specialist's Guide to PIX Firewalls
ISBN: 1931836639
From the Cover: "Your Complete Guide to Cisco's PIX Firewalls
- Includes Coverage of the Cisco Secure PIX Firewall Advanced Exam (9EO-111)
- Full Coverage of the Latest PIX Firewall Operating System Version 6.2
- Complete Coverage of Configuring TurboACLs
Introduction
I expected that this book would give me what I was looking for out of a product-specific book, excellent coverage of the product and its features. It was all that and then some. I was thoroughly impressed with the coverage in this text. This book is perfect for anyone looking to gain familiarity with the Cisco PIX. It's also great for those looking to find solutions for existing PIX implementations. The main focus of this book is to prepare individuals for the corresponding exam as mentioned above. Without further delay, let's take a look at what's inside.
Book Outline
Chapter 1 - Introduction to Security and Firewalls
- The Importance of Security
- Creating a Security Policy
- Cisco's Security Wheel
- Firewall Concepts
- Cisco Security Certifications
Chapter 2 - Introduction to PIX Firewalls
- PIX Firewall Features
- PIX Hardware
- PIX Licensing and Upgrades
- The Command-Line Interface
Chapter 3 - Passing Traffic
- Allowing Outbound Traffic
- Allowing Inbound Traffic
- TurboACLs
- Object Grouping
- Case Study
Chapter 4 - Advanced PIX Configurations
- Handling Advanced Protocols
- Filtering Web Traffic
- Configuring Intrusion Detection
- DHCP Functionality
- Other Advanced Features
Chapter 5 - Configuring Authentication, Authorization, and Accounting
- AAA Concepts
- Cisco Secure ACS for Windows
- Configuring Console Authentication
- Configuring Command Authentication
- Configuring Authentication for Traffic Through the Firewall
- Configuring Accounting for Traffic Through the Firewall
- Configuring Downloadable Access Lists
Chapter 6 - Configuring System Management
- Configuring Logging
- Configuring Remote Access
- Configuring Simple Network Management Protocol
- Configuring System Date and Time
Chapter 7 - Configuring Virtual Private Networking
- IPsec Concepts
- Configuring Site-to-Site IPsec using IKE
- Configuring Site-to-Site IPsec without using IKE (Manual IPsec)
- Configuring Point-to-Point Tunneling Protocol
- Configuring Layer 2 Tunneling Protocol with IPsec
- Configuring Support for the Cisco Software VPN Client
Chapter 8 - Configuring Failover
- Failover Concepts
- Standard Failover Using a Failover Cable
- LAN-based Failover
Chapter 9 - PIX Device Manager
- Features, Limitations, and Requirements
- Installing, Configuring, and Launching PDM
- Configuring the PIX Firewall Using PDM
- Monitoring the PIX Firewall Using PDM
- Monitoring and Disconnecting Sessions
Chapter 10 - Troubleshooting and Performance Monitoring
- Troubleshooting Hardware and Cabling
- Troubleshooting Connectivity
- Troubleshooting IPsec
- Capturing Traffic
- Monitoring and Troubleshooting Performance
Presentation and Content Quality
This book was 9 chapters (minus 1 for Chapter 1's Introduction) of hardcore PIX material. It was presented in a fashion in which I found easy to follow. Each chapter seemed to flow into the next in a somewhat subliminal manner. The organization had a very logical rythm that complimented the rich content by allowing me to use my troubleshooting background to get a better grasp on the material. For example, Chapter 2 starts with an Introduction to the PIX, including some basic commands - many of which will be familiar to those who have worked with Cisco routers - and beginning configuration. Following this, in Chapter 3, we have "Passing Traffic" as the main header, which is further broken down into allowing both inbound and outbound traffic, among other things. This is really where the troubleshooting logic kicked in for me as the authors made sure you knew how to pass all traffic before progressing to additional configurations. Those that have experience troubleshooting know how invaluable this concept is to the profession. In my opinion, the authors made an excellent move in organizing the book in this manner. Next, in Chapter 4, you have more advanced topics including how to filter web traffic and setting up DHCP. So, to sum up my point, you're first taught how to pass traffic through the PIX before you learn how to manipulate the different types of traffic which traverse the device. In other words, get it working first, then start adding things into the mix to see how much "trouble" you can cause.
Between each of the chapters, I found that there was a summary, a Solutions Fast Track - giving high points of the chapter's subject matter - , and a FAQ, which gave a few common questions relating to the particular chapter. What disappointed me a bit about the content was that a more comprehensive list of review questions was not presented at the end of each chapter. While the content was still excellent, I expected that a bit more emphasis would be placed on review of the material covered since this book would be considered preparation for a certification exam. It probably wouldn't have hurt if there were a CD included with an electronic copy of the book and some sample questions to help fine-tune weak areas of study.
Conclusion
All-in-all, this is a great book - very eloquently written. I highly recommend it to anyone looking to begin or enhance his/her knowledge on the PIX. It can be used as a learning tool, study tool, and a reference material - something many authors have trouble accomplishing. However, this book is proof that it can be done. The only thing that prevents me from giving this book a perfect rating is the lack of comprehensive review questions and/or a supplementary CD. That said, I am giving this book the following rating:
9/10
This review is copyright 2003 by the author and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.
Keywords: Cisco PIX Security Specialist Certification
|
|