Posted: Sun Jun 26, 2005 10:20 pm
Post subject: Book Review - Virtual Private Networks, Second Edition
Virtual Private Networks, Second Edition
Author: Charlie Scott, Paul Wolfe, Mike Erwin
Date Published: January 1999
Book Specifications: Softcover, 211 pages
Publisher's Suggested User Level: None
Reviewer's Suggested User Level: Network Administrators, Remote Clients
Suggested Publisher Price: US $34.95 / CAN $51.95
From back cover:
Historically, only large companies could afford secure networks, which they created from expensive leased lines. Smaller folks had to make do with the relatively untrusted Internet. Nowadays, even large companies have to go outside their private nets, because so many people telecommute or log in while they're on the road. How do you provide a low cost, secure electronic network for your organisation?
The solution is a virtual private network: a collection of technologies that creates secure connections or “tunnels” over regular Internet lines – connections that can be easily used by anybody logging in from anywhere. A number of products now exist to help you develop that solution.
This book looks into VPN (Virtual Private Networking) technologies, and products which implement them. It covers the philosophies behind VPN, along with a discussion of several popular VPN solutions, including PPTP, L2TP, Cisco PIX Firewall, AltaVista Tunnel, and the Secure Shell (SSH).
Although published in 1999, this book is still relevant to VPN technology today, although there are far more VPN solutions available now than those discussed in this book.
Chapter Synopsis & Review Comments
Chapter 1 opens with the authors discussing the need for VPN technology, security risks and solutions.
Chapter 2 looks at the basic VPN technologies available, including protocols, firewalls, encryption and authentication.
In chapter 3, Wide Area Networks, Remote Access and VPNs are discussed together, and the authors offer a comparison between each technology and VPN technologies.
Chapters 4 and 5 cover the layer 2 (of the OSI Model) implementations of VPN connections, PPTP, L2F and L2TP. Chapter 5, in particular, looks at setting up VPN solutions, using layer 2 connections, for a variety of situations.
Chapters 6 and 7 discuss the AltaVista Tunnel 98 software, including installation, configuration and troubleshooting.
In chapter 8, the book turns to the ever-flexible SSH (Secure Shell) protocol as a means for creating a VPN. Again, installation, configuration and troubleshooting are covered.
Chapter 9 looks at the ever-impressive Cisco PIX Firewall. To say that entire books have been written about the PIX, the authors do an incredibly good job of covering the VPN related aspects in such a small amount of space within this book.
Chapter 10 looks at maintaining a VPN and discusses Quality of Service. It also contains some suggestions for security where VPNs are concerned.
The book closes with an example scenario involving VPNs. It looks at the technology from several perspectives, including the central office, branches and remote users.
The two appendices cover emerging internet technologies such as IPv6 and IPSec, and outline further resources for administrators wishing to further their VPN knowledge.
As is expected from an O'Reilly book, the style and layout are consistent throughout and the book flows smoothly between topics.
In particular, I found that the extent to which the authors explained every detail of their chosen VPN solutions made for a very clear and coherent read. My main criticism of this aspect of the book is that there was little comparison between the solutions. For instance, a discussion of the relative merits of each VPN solution would have served the book well.
Despite the age of this book, it is still relevant and informative, and provides an overview of VPN technologies, though there are many more available now that are not discussed in this book. I would say this book is overdue a third edition.
The book's consistent feel and informative approach to the subject give it a fairly high score on the SFDC rating system, but I would have liked to see more comparison between VPN products and technologies. I feel this is a big enough omission that the book can receive no more than a 6 out of 10. Had there been more comparison, the book would be around the 8 or 9 boundary.
This book receives an honoured SFDC rating of 6/10
Keywords: VPN, virtual private network, SSH, cisco, PIX, PPTP, L2F, L2TP, AltaVista, tunnel, remote access
This review is copyright 2005 by the author, Andrew J. Bennieston, and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.