• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Book Review - Cisco Security Specialist's Guide to PIX FWs

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles

View previous topic :: View next topic  
Author Message
s3cur3m3
Trusted SF Member
Trusted SF Member


Joined: 19 Jun 2003
Posts: 16777202
Location: US

Offline

PostPosted: Wed Aug 27, 2003 3:23 pm    Post subject: Book Review - Cisco Security Specialist's Guide to PIX FWs Reply with quote

Cisco Security Specialist's Guide to PIX Firewalls

Authors: Umer Khan, Vitaly Osipov, Mike Sweeney, and Woody Weaver
Publisher: Syngress, December 2002
List Price: US $59.95 CAN $92.95
Book Details: Soft cover, 608 pages
Amazon.co.uk: Cisco Security Specialist's Guide to PIX Firewalls
Amazon.com: Cisco Security Specialist's Guide to PIX Firewalls
ISBN: 1931836639



From the Cover: "Your Complete Guide to Cisco's PIX Firewalls
  • Includes Coverage of the Cisco Secure PIX Firewall Advanced Exam (9EO-111)
  • Full Coverage of the Latest PIX Firewall Operating System Version 6.2
  • Complete Coverage of Configuring TurboACLs
Introduction

I expected that this book would give me what I was looking for out of a product-specific book, excellent coverage of the product and its features. It was all that and then some. I was thoroughly impressed with the coverage in this text. This book is perfect for anyone looking to gain familiarity with the Cisco PIX. It's also great for those looking to find solutions for existing PIX implementations. The main focus of this book is to prepare individuals for the corresponding exam as mentioned above. Without further delay, let's take a look at what's inside.


Book Outline


Chapter 1 - Introduction to Security and Firewalls

  • The Importance of Security
  • Creating a Security Policy
  • Cisco's Security Wheel
  • Firewall Concepts
  • Cisco Security Certifications

Chapter 2 - Introduction to PIX Firewalls

  • PIX Firewall Features
  • PIX Hardware
  • PIX Licensing and Upgrades
  • The Command-Line Interface

Chapter 3 - Passing Traffic

  • Allowing Outbound Traffic
  • Allowing Inbound Traffic
  • TurboACLs
  • Object Grouping
  • Case Study

Chapter 4 - Advanced PIX Configurations

  • Handling Advanced Protocols
  • Filtering Web Traffic
  • Configuring Intrusion Detection
  • DHCP Functionality
  • Other Advanced Features

Chapter 5 - Configuring Authentication, Authorization, and Accounting

  • AAA Concepts
  • Cisco Secure ACS for Windows
  • Configuring Console Authentication
  • Configuring Command Authentication
  • Configuring Authentication for Traffic Through the Firewall
  • Configuring Accounting for Traffic Through the Firewall
  • Configuring Downloadable Access Lists

Chapter 6 - Configuring System Management

  • Configuring Logging
  • Configuring Remote Access
  • Configuring Simple Network Management Protocol
  • Configuring System Date and Time

Chapter 7 - Configuring Virtual Private Networking

  • IPsec Concepts
  • Configuring Site-to-Site IPsec using IKE
  • Configuring Site-to-Site IPsec without using IKE (Manual IPsec)
  • Configuring Point-to-Point Tunneling Protocol
  • Configuring Layer 2 Tunneling Protocol with IPsec
  • Configuring Support for the Cisco Software VPN Client

Chapter 8 - Configuring Failover

  • Failover Concepts
  • Standard Failover Using a Failover Cable
  • LAN-based Failover

Chapter 9 - PIX Device Manager

  • Features, Limitations, and Requirements
  • Installing, Configuring, and Launching PDM
  • Configuring the PIX Firewall Using PDM
  • Monitoring the PIX Firewall Using PDM
  • Monitoring and Disconnecting Sessions

Chapter 10 - Troubleshooting and Performance Monitoring

  • Troubleshooting Hardware and Cabling
  • Troubleshooting Connectivity
  • Troubleshooting IPsec
  • Capturing Traffic
  • Monitoring and Troubleshooting Performance
Presentation and Content Quality


This book was 9 chapters (minus 1 for Chapter 1's Introduction) of hardcore PIX material. It was presented in a fashion in which I found easy to follow. Each chapter seemed to flow into the next in a somewhat subliminal manner. The organization had a very logical rythm that complimented the rich content by allowing me to use my troubleshooting background to get a better grasp on the material. For example, Chapter 2 starts with an Introduction to the PIX, including some basic commands - many of which will be familiar to those who have worked with Cisco routers - and beginning configuration. Following this, in Chapter 3, we have "Passing Traffic" as the main header, which is further broken down into allowing both inbound and outbound traffic, among other things. This is really where the troubleshooting logic kicked in for me as the authors made sure you knew how to pass all traffic before progressing to additional configurations. Those that have experience troubleshooting know how invaluable this concept is to the profession. In my opinion, the authors made an excellent move in organizing the book in this manner. Next, in Chapter 4, you have more advanced topics including how to filter web traffic and setting up DHCP. So, to sum up my point, you're first taught how to pass traffic through the PIX before you learn how to manipulate the different types of traffic which traverse the device. In other words, get it working first, then start adding things into the mix to see how much "trouble" you can cause.

Between each of the chapters, I found that there was a summary, a Solutions Fast Track - giving high points of the chapter's subject matter - , and a FAQ, which gave a few common questions relating to the particular chapter. What disappointed me a bit about the content was that a more comprehensive list of review questions was not presented at the end of each chapter. While the content was still excellent, I expected that a bit more emphasis would be placed on review of the material covered since this book would be considered preparation for a certification exam. It probably wouldn't have hurt if there were a CD included with an electronic copy of the book and some sample questions to help fine-tune weak areas of study.


Conclusion


All-in-all, this is a great book - very eloquently written. I highly recommend it to anyone looking to begin or enhance his/her knowledge on the PIX. It can be used as a learning tool, study tool, and a reference material - something many authors have trouble accomplishing. However, this book is proof that it can be done. The only thing that prevents me from giving this book a perfect rating is the lack of comprehensive review questions and/or a supplementary CD. That said, I am giving this book the following rating:


9/10


This review is copyright 2003 by the author and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.

Keywords: Cisco PIX Security Specialist Certification
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register