For the privacy you need at a cost you can afford, Virtual Private Networks use a constellation of technologies to create secure "tunnels" over regular Internet lines. This comprehensive guide explains everything you need to plan, build, and configure a VPN for your organization.
Book Description
Editorial Reviews
Amazon.com Review
What makes Internet Protocol Security Architecture (IPSec) virtual private networks (VPNs) secure? A Guide to Virtual Private Networks does a great job of explaining the processes that--in theory, anyway--do. The book covers the data-handling and security aspects of these VPNs with an eye toward implementing one. You'll find a comprehensive portrait of the technologies that define VPNs governed by the IPSec specification.
This book clearly explains how the Internet Security Association and Key Management Protocol (ISAKMP) and the Oakley key-exchange protocol work. It also provides details on how Internet Key Exchange (IKE) works under ISAKMP/Oakley. The workings of all these protocols are explained by dissecting transactions into their individual phases, enabling you to follow what happens and design your VPN to be as efficient and secure as possible.
Three VPN implementation scenarios are presented, including individual users accessing a VPN via dial-up connections to the Internet, geographically separate organizational LANs linked to each other across the public network, and an extranet that includes semitrusted customers or suppliers. Each of these scenarios includes information on router and firewall configuration. --David Wall
Excerpt. © Reprinted by permission. All rights reserved.
PREFACE This book describes how to implement virtual private networks (VPNs) based on authentication, encryption, and the exchange of security keys, as defined in the IP Security Architecture (IPSec) standard and draft documents. This book will help readers to identify the benefits of VPNs and then to successfully deploy VPNs. The most commonly used encryption algorithms and handshaking protocols are explained as a general introduction to IP security. Scenarios describe how to set up IP tunnelling via existing IP networks and the Internet to effectively implement secure and private conversations over public networks. The scenarios illustrate point-to-point (client-to-server, server-to-server or client-to-client), branch office (LAN-LAN) and remote user (client-LAN) environments. An outlook is provided on further development in this area, including certificate and key management frameworks such as Internet Key Exchange (IKE), formerly referred to as ISAKMP/Oakley. This book essentially presents a subset of the information contained in the IBM Redbook: A Comprehensive Guide to Virtual Private Networks, Volume I: IBM Firewall, Server and Client Solutions, June 1998, IBM publication number SG24-5201, but also contains updated information according to the latest IPSec standards. THE AUTHORS This publication was produced by a team of specialists from around the world working at the International Technical Support Organization Raleigh Center. The leader of this project was Martin W. Murhammer. MARTIN W. MURHAMMER is a Senior I/T Availability Professional at the International Technical Support Organization Raleigh Center. Before joining the ITSO in 1996, he was a Systems Engineer in the Systems Service Center at IBM Austria. He has 13 years of experience in the personal computing environment including such areas as heterogeneous connectivity, server design, system recovery, and Internet solutions. He is a Certified OS/2 Engineer and a Certified LAN Server Engineer and has previously coauthored six redbooks during residencies at the ITSO Raleigh and Austin Centers. TIM A. BOURNE is an Advisory Software Engineer at the IBM PC Company. He has 10 years of experience in software design and development including implementation of Internet protocols, air traffic control and embedded communication systems. TAMAS GAIDOSCH is an I/T Architect in IBM Hungary. He specializes in networking software and e-business solutions in the banking industry. Tamas has five years of experience in networked computing environments and systems administration. He holds a Master's degree in Computer Science. His areas of expertise include operating systems (OS/2 LAN Server, Windows NT, AIX), networks (TCP/IP, X.25) and self-service banking software. CHARLES KUNZINGER is a Senior Engineer in Research Triangle Park, with responsibility for the technical integrity of IBM's Virtual Private Network line of products. He has worked for IBM since 1967 in various development, advanced technology, and architecture groups. For the last ten years, he has had extensive experience in the development of network layer open standards, and has represented IBM in various open standards bodies, covering such areas as interdomain routing, mobile-IP, and wireless communications, and has contributed to the development of open security standards in each of these fields. LAURA RADEMACHER is a member of the VPN Brand Management group located in Research Triangle Park, NC, and has spent much of her marketing career on the promotion of VPN technology and solutions. Prior to joining the marketing organization, she was in the TCP/IP technology area, focusing her time mainly on the education and advancement of Internet security. Laura has 15 years of experience with IBM. ANDREAS WEINFURTER is an Advisory I/T Availability Professional at the IBM System Services Center in Salzburg, Austria. After joining IBM in 1988 he worked as an instructor at the IBM education center in Vienna, where he was responsible for the PC curriculum and held mainly classes on OS/2 and networking. His primary areas of work for the past six years have been AIX and TCP/IP with a strong focus on firewalls during the last two years. Andreas holds a Master's degree in Computer Science from the Vienna University of Technology. Thanks to the following people for their invaluable contributions to this project: Tim Kearby, Karl Wozabal, Jorge Ferrari, Margaret Ticknor Shawn Walsh, Kathryn Casamento, Linda Robinson International Technical Support Organization Raleigh Center Bob Tunstall, Vach Kompella, Jaime Claypool, Steven Lingafelt Linwood Overby, Cindy Stone-Rutherford IBM Research Triangle Park Jackie Wilson, Chris Wenzel, Shay Hoffmaster IBM Austin Richard Planutis IBM Endicott
Product Details
Would you like to update product info or give feedback on images?
|
Customer Reviews
|
Share your thoughts with other customers:
|
||||||||||||||||||||||
|
Most Helpful Customer Reviews
3 of 3 people found the following review helpful:
2.0 out of 5 stars
Reads nice but leaves out many details,
By James Tiller (USA) - See all my reviews
This review is from: Guide to Virtual Private Networks (Paperback)
This book is very brief and provides little detailed information of IPSec. While the content is technically correct, much of the technology is not included, or breezed over. And what is explained is not as in-depth as I was expecting. An example is that Phase 1 Agressive Mode was not even mentioned! Remote access concepts consume three pages and remote user support is the fastest growing aspect of VPNs right now (that will change, of course). This book is pure academia in that the authors are obviously familiar with the IBM solutions and with the IPSec RFCs, but that's where it stops. This book contains little insight and reflects the RFCs verbatum. Examples of deployment concepts were limited and gave the impression that the authors had little experience implementing VPNs. This is not to say that the book contains incorrect information, but resemble a "perfect world" atmosphere. While the standards provide a means to build the designs in the book, many vendor implementations do not support them, as of yet. I am writing this poor review because it came highly recommended by a VPN developer. Ironically, compared to many books on IPSec, this one still provides ample detail in easy to read verbiage that should please any technical novice. Anyone who is experienced with VPNs and wants to advance themselves with the technology, this book is a good start, but there is much, much more than meets the eye when reading this book.
2 of 2 people found the following review helpful:
3.0 out of 5 stars
For technical audiences, a good, up-to-date VPN book.,
This review is from: Guide to Virtual Private Networks (Paperback)
This is a technically rich book for understanding VPN architectures. If you are interested in packet structures, tunnel options, negotiation processes, design considerations, and VPN algorithms, this is a good book for you. Although the non-technical audience might be put off by the technical depth, a systems engineer will be delighted. If you want to know how IKE is negotiated - and where to put your firewalls - buy this book. If you want to know more about the business advantages of VPNs, plus good technical information, look up Dave Kosiur's Building and Managing Virtual Private Networks.
1 of 1 people found the following review helpful:
3.0 out of 5 stars
Decent technical depth but choppy and very IBM-centric,
This review is from: Guide to Virtual Private Networks (Paperback)
The book gave decent technical detail but did not flow well - too choppy for me. Also, the book was very IBM centric. It should have been titled - Excerpts of Virtual Private Networking and IBM Sales Guide.
Share your thoughts with other customers: Create your own review
|
|
Tag this product(What's this?)Think of a tag as a keyword or label you consider is strongly related to this product.
Tags will help all customers organize and find favorite items. |
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
