Secure Networking With Windows 2000 and Trust Services [Paperback]

Jalal Feghhi (Author)

Book Description

Publication Date: February 9, 2001

Windows 2000 offers IT organizations a completely new security model and many new security technologies. In this book, two leading information security experts present hands-on projects and techniques for leveraging Windows 2000 security in any network environment -- intranet, extranet, Internet, VPN, or e-Commerce. The book offers detailed, practical coverage of securing sensitive resources using Kerberos, Public Key Infrastructure (PKI) technology, IPSec, Active Directory, and other Windows 2000 security technologies. Leading security professionals Jalal and Jalil Fegghi present each key Windows 2000 security protocol, review the tradeoffs associated with each approach, and guide network administrators to make the most appropriate choices for their environments. The book also includes detailed techniques for building secure Virtual Private Networks and e-Commerce sites and applications. For all Windows 2000 network/system administrators, IT executives and professionals, and power users concerned with security. The CD-ROM contains useful programs and code.

Editorial Reviews

Amazon.com Review

Another version of Windows, another way of thinking about security. Secure Networking with Windows 2000 and Trust Services explains how Windows 2000 interconnects users and resources, locally and across distances. With emphasis on extranets and virtual private networks (VPNs), this book is in large part an explanation of how to implement a public key infrastructure (PKI) with the services built into Windows 2000. In addition to providing a technically sound overview of Kerberos authentication and certificate management, the authors--two brothers who both specialize in PKI professionally--explain cryptography and IPsec, and show how to incorporate everything into various kinds of Windows 2000 networks.

The Feghhis' approach is somewhat academic, with loads of endnotes and lots of diagrams depicting message contents and trust relationships. That's not to say that this approach isn't practical, because after all, any implementation of security services has to be based on an understanding of what they do and why. Besides, the book provides exact instructions for setting up IPsec and VPN services in typical Windows 2000 environments, plus an interesting section on publishing services in Active Directory. Have a look at this one if you've never studied Kerberos, tunneling protocols, or certificate infrastructures, and you want your introduction to include lots of references to Windows specifics. --David Wall

Topics covered:

• Windows 2000 security from administrator and architect perspectives
• Kerberos authentication
• Public key infrastructure (PKI)
• IPsec
• Virtual private networks (VPNs)
• The Security Support Provider Interface (SSPI)

From the Back Cover

The pervasiveness and efficiency of the Internet infrastructure have greatly-affected the business needs of many organizations in recent years. Organizations have been migrating more toward the Internet business model for interacting with partners, suppliers, contractors, and customers. The same infrastructure provides organizations with a cost-effective and easy-to-administer medium to extend their internal resources to their mobile work force. However, effective use of the Internet as a platform for conducting transactions hinges on ensuring the integrity and privacy of communications exchanged over the Internet.

Secure Networking with Windows 2000 and Trust Services is an authoritative resource that addresses the security issues involved in using the Internet as a platform for conducting commerce. It explains public-key technology and describes techniques for ensuring secure transactions with business partners and consumers. For organizations looking into scalable, remote-access solutions, this book provides basic material on virtual private networks (VPNs) and includes practical guidelines for using the built-in security features of the Windows 2000 operating system. Basic material and sample programming projects explain how to use the Kerberos authentication service to secure internal networks while sharing resources with the external world via the Internet, intranets, and extranets. In addition, the authors explain the role of trust services in ensuring the integrity of secure electronic commerce systems.

Throughout the book, the authors provide thorough explanations of such key topics as:

• The Kerberos network authentication service and how Kerberos secures internal access to network resources
• The Kerberos authentication system in Windows 2000
• Virtual private networks (VPNs) and the Internet Protocol security (IPsec) architecture
• Cryptography, public-key technology, public-key infrastructures (PKIs), certification authorities, digital certificates, and the X.509 standard
• The Windows 2000 public-key infrastructure and practical guidelines for using its built-in public-key features
• The built-in capabilities of Windows 2000 for supporting virtual private networks and the IP security (IPsec) protocol
• External trust infrastructures and trust issues in B2B marketplaces
• Local trust networks created by the Windows 2000 Certificate Services (or other certificate servers) and effective methods for plugging such internal trust networks into the VeriSign external trust infrastructure
• Windows 2000 as a programming platform to create secure, distributed applications

The accompanying CD-ROM contains sample-programming projects written in Visual C++ for the Windows 2000 server operating system. These projects demonstrate how to "Kerberize" client-server based applications and publish secure services in the Windows 2000 Active Directory.

0201657783B04062001

See all Editorial Reviews

Product Details

• Paperback: 384 pages
• Publisher: Addison-Wesley Professional (February 9, 2001)
• Language: English
• ISBN-10: 0201657783
• ISBN-13: 978-0201657784
• Product Dimensions: 9.3 x 7.4 x 0.8 inches
• Shipping Weight: 1.4 pounds
• Average Customer Review: 3.0 out of 5 stars  See all reviews (2 customer reviews)
• Amazon Best Sellers Rank: #1,650,259 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

2 of 2 people found the following review helpful:

3.0 out of 5 stars not thorough enough, September 27, 2001

By 

Moshe Wanounou (Ashqelon, Israel) - See all my reviews

This review is from: Secure Networking With Windows 2000 and Trust Services (Paperback)

A friend of mine show me this book lately. I decided to read the book, even though i'm well trained windows 2000 security expert. I managed to read it twice from cover to cover in one week.
Well, the book is well suited for beginners and intermediate users, students (MCSE candidates), administrators, technical engineers and windows 2000 instructors.
The Book started well covering the Kerberos Protocol and then moving on to PKI,IPSec and VPN. Each technology deserves a book for itself. The Authors intended the book only for technologies overview therefore it's not a step-by-step guide. You'll not find real world tips and tricks while implementing those technologies in windows 2000. Even the registry is not mentioned once. I find the book informaive but the part of Windows 2000 lacks important information. The authors will better do if they will split the book to two parts - the first will cover all the security technologies presented in Windows 2000 and the other half dealing with implementation - step by step guide to successful implementation. Doesn't sound a bad idea, is it?

3.0 out of 5 stars not thorough enough, September 27, 2001

By 

Moshe Wanounou (Ashqelon, Israel) - See all my reviews

This review is from: Secure Networking With Windows 2000 and Trust Services (Paperback)

A friend of mine show me this book lately. I decided to read the book, even though i'm well trained windows 2000 security expert. I managed to read it twice from cover to cover in one week.
Well, the book is well suited for beginners and intermediate users, students (MCSE candidates), administrators, technical engineers and windows 2000 instructors.
The Book started well covering the Kerberos Protocol and then moving on to PKI,IPSec and VPN. Each technology deserves a book for itself. The Authors intended the book only for technologies overview therefore it's not a step-by-step guide. You'll not find real world tips and tricks while implementing those technologies in windows 2000. Even the registry is not mentioned once. I find the book informaive but the part of Windows 2000 lacks important information. The authors will better do if they will split the book to two parts - the first will cover all the security technologies presented in Windows 2000 and the other half dealing with implementation - step by step guide to successful implementation. Doesn't sound a bad idea, is it?