***** Protect Your Windows Network: From Perimeter to Data. By Jesper Johansson and Steve Riley; published by Addison-Wesley Professional, www.awprofessional.com (Web); 550 pages; $49.99.
The problem with some computer security books is that they are nothing more than pages of checklists with myriad dos and don’ts. But after all the checklists have been dutifully completed, readers still don’t understand the underlying concept of how to secure a computer. Within a short time, their computers and networks are insecure, and they are back where they began, as fodder for hackers.
The distinctive nature of Protect Your Windows Network : From Perimeter to Data is that it suggest ways to secure your Windows workstation and network, but it also takes a much broader approach to security and shows you how to address the issue of securing systems as a whole. This panoptic approach to securing systems is quite refreshing, and it makes the book a fascinating read.
The theme of the book is that there are three elements of a successful security program: people, processes, and technology. In 17 chapters covering the gamut of security from server hardening to password protection, the book details how to use these people, processes, and technology to ensure that Windows networks stay secure.
Early chapters deal with the basics of how attacks work and show the reader how they progress from low-level social engineering to the code manipulation that leads to the exploitation of software and vulnerabilities.
The book is filled with easy-to-understand practical and tactical solutions that can be implemented by everyone from nontechnical end users to system administrators, helping them to ensure that their Windows-based network is as secure as possible. Even at 550 densely packed pages, the book is quite readable.
Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), is a New York City-based information security director with a multinational financial services firm. He is a member of ASIS International.