Customer Reviews

IPSec (2nd Edition)

5 star:		(4)
4 star:		(9)
3 star:		(3)
2 star:		(1)
1 star:		(1)

 

 

This book was short but had very detailed information on the new emerging IPSec protocol. I am an IP Security Engineer for Nortel Networks and have found that this book as some very useful information when it comes to troubleshooting IPSec in a VPN solution.

I would recommend this book to anyone who needs to have an understanding of the IPSec architecture or even if you are just getting into security.

I looked at this book when I was just starting out working on IPsec. I had read the RFCs once but felt I needed a good book since the IPsec protocol is pretty complex and the RFCs are not very well written. I did not buy this book but scanned it thoroughly in a bookstore. The book seems to repeat what the IPsec RFCs say without adding more to it. There are very few figures in the book to explain the concepts. I ended up buying "Demystifying the IPsec Puzzle" by Sheila Frankel which is a much better book.

This is not a thick book, just about two hundred not including the index. It's targeted at IPSec including architecture, Authentication Header (AH), Encapsulating Security Payload (ESP), Internet Key Exchange (IKE). I read the book page by page but got stuck in IKE. Maybe more explanation & examples can help readers to fully understand the mechanism of IKE.

After I finished the book, I got the feeling that I need another IPSec book to clear up my confusion..... BTW, this is my first book on IPSec!!

I found this book hard to read, especially right after having read a very well-written network security book ("Network Security": Kaufman, Perlman and Speciner). The grammar and sentence structure aren't *bad*, just hard to follow - the text doesn't flow well. Another problem is that some of the examples and details are just plain wrong. If you don't know anything about networking beforehand, the introductory section will leave you confused.

On the plus side, if you wade through it, it's got a lot of very good information on the IPSec suite of protocols.

Before reading this book I think it is good if you have a basic understanding of IPSec topics and terms. In any case, the book explains quite well the basic principles of IPSec and the associated things such as hashing and encryption algorithms (doesn't go too much into details on these ones though...)
The chapter where I lost the thread was ISAKMP and IKE.
Maybe it's me, but I think this was pretty confusing way of explaining it.
Although most likely not the only book I would read about IPSec - it is certainly a good book as introduction into IPSec and many things are explained very well which I didn't find in some other books.

This book is a good recap on IPSec if you have not been working with IPSec for some time. I recommend this book for begineers to IPSec implementators and it is a good reference book to have handy. The first few sections explain the basics of IPSec and are very well detailed without getting into the specifics. However, the sections on IKE are not well explained and it lacks real detail of IKE implementations and no good diagrams.

I found this book an excellent recap of IPSec as i have not worked with IPSec for almost 3 years, and instead the book gives good and concise information but is mostly in a synopsis format and lacks the real meat.

As a network security professional working with IPSec based VPN solutions for the past year, I was looking for a reference that would fill in the gaps of my understanding of IPSec. This book did an excellent job. It presents the concepts and mechanics of IPSec components in a logical fashion. Some gramatical errors, but not bad enough to interfere with the message.

Gives a good overall general-only understanding of IPSec. I do not think anyone can really use this as a sole reference for implementing IPSec. It does not have enough illustrations, its much too long for its actual content, written in a confusing manner.

After reading about IKE, I still have only a general idea of how it works.

Ideally, you should understand basic crypto and have played around with VPNs before reading this book. Have you configured local, gateway, and Road Warrior VPNs before? If so, this book is ideally suited for review and for filling in any gaps in your knowledge. There are some grammatical errors, but nothing serious. Some illustrations, particularly those in the Deployment Scenarios section, don't mesh with the text and require correction to make sense. There is enough information in the text to resolve these errors and pencil in corrections, but isn't this supposed to be a second edition? Speaking of mesh, I was surprised to see no mention of the highly useful mesh equation n(n-1)/2 anywhere. Instead, a more junior-level illustration is used. A combination of both would have been more appropriate for this book. Overall, this is a useful book that will take your basic knowledge of IPSEC to the next level.
4 stars, as the book nevertheless is a productive discussion with two knowledgeable practitioners of IPSEC.

Even though the book is not a 1000-page thick, you will be suprised that it provides very good and detailed introduction on IPSec, the emerging security standard for internet.

The author gives a brief review on cryptography, TCP/IP and IP Security, and then provoides very detailed information on the three primary parts of IPSec architecture, which are AH, ESP and Key management.

Some examples may be missing the point. i.e., as to L2TP, if the payload is IP data, then IPSec can completely handles it. It is used and make sense only when the payload data is some other protocol like IPX etc. In author's example he still uses IP payload and that might confuse the readers. And explanation part of ISAKMP/OAKLEY is particularly hard to read, if the author had given an example, that process would be greatly clarified.

Overall, this is a good book to start with whether you are going to implement IPSec or just want to know the architecture of IPSec.