Building Internet Firewalls (2nd Edition)

Elizabeth D. Zwicky, Simon Cooper, D. Brent Chapman (2000)
Review date: August, 2008 (Read in December 2007)
Summary

This book covers a variety of topics related to firewalls. In the first section firewalls and security strategies are placed on the map, along with fundamental concepts of various services provided by the Internet. The second section, dedicated to actual firewall construction starts with two chapters that contain some more general internetworking knowledge.

Firewalls start emerging around chapter six, where different firewall architectures are described, soon to be followed by things to think about when implementing one. Packet filtering is covered in depth, with some emphasis on open source implementations. Next follows a shorter chapter on proxying, to be followed by three chapters on bastion hosts (hosts that take the pain). After a general introduction, best described as a rough checklist, concrete examples are given of how to turn a Unix/Linux and an NT-based system into a bastion host. Coverage of the former is more extensive (with some basic examples), while the NT section is more verbose.

After this preliminary theory come eleven chapters on configuring firewalls for various services. This corresponds to 300+ pages dedicated to explaining, I'd dare to say, all protocols widely used on the Internet; their functionality, vulnerabilities, and how to configure your firewall to support or suppress them.

The end of the book is dedicated to firewall maintenance and administrative issues, such as security policies and responses to attacks. The appendix section contains enough tools used for firewall creation and security auditing to get the reader started.

Opinion

Whatever you do, don't read the protocol catalog, the 300 pages in the middle of the book that cover more Internet protocols that you would ever care about. The pain and boredom coming from reading about protocol after protocol and their implications on firewall rules are my sharpest memories of this book. Seriously, I'd call this book: "A catalog of too many Internet protocols, and some firewall security". If you use this section for reference browsing only, you should be fine.

My limited knowledge of books in the field of computer security is this: there are the good ones, like "Hacking something exposed", which contain outdated information the day they are published, but are fun to read, and there are the everlasting ones, that cover general principles, that are not quite applicable. The latter category is populated by books written in a dry semi-academic language, covering the topic broadly but not in sufficient depth. This book certainly qualifies in the second category. Being a good example of this phenomenon, the book covers a lot of ground, even being too verbose at times. If you would drill down into every topic touched, you'd know everything there's to know about firewalls. Even though the authors consider this book a practical one, I'd say it's not. You need to know the hands on stuff first before this book can provide any value.

Boring protocol catalog, too fuzzy and too verbose, so what's good then? I liked chapter six, on firewall architectures, probably because I haven't seen a similar chapter before, but this doesn't really tell anything, since I'm not really a security person. The last section of the book, the one covering security policies, although boring, was good reading. It does provide pointers about how to set up processes for managing firewalls and security in general, and that's a good thing. There are also some advantages of providing a big catalog of protocols: the reader doesn't have to look further. Finally, the book contains plenty of references to other book and sites, and even if though they are the ones that are easy to find, they provide a good start.

So, if you know a thing of two about security and firewalls, this book will provide you with an extensive checklist and help you structure your knowledge.

Who should read this book

This is a great reference book on Internet protocols. It's also a big checklist of things not to forget when implementing a firewall. If that's what you need, this book is for you.




News

  • 2015-09-29

    It's been almost one and a half year since I reviwed a book! I've been too absorbed by Writing my own. Anyway, I'm back with Jeff Patton's relatively...
  • 2014-01-04

    New category! Performance! Reviewed The Every Computer Performance Book. Check it out!
  • 2013-09-10

    Reviewed a book that' slightly less technical, but much more fun to read. It's I.T. Confidential.
  • 2013-08-13

    Reviewed yet another book on Visual Studio 2012 and TFS. I also created a "Microsoft" category and moved the other TFS book there from the "Tools"...
  • 2013-08-05

    Updated the FAQ. Included information about getting a book reviewed.