1 of 1 people found the following review helpful
Delpoying Defense-in-depth and breadth for IP/MPLS Networks - Great Title!,
This review is from: Router Security Strategies: Securing IP Network Traffic Planes (Paperback)
That's just yet another great title from Cisco Press!. This book does a great job of logically dividing the overall router security into each logical context by way of describing the router's planes. I also found very elaborate and diverse "Further Reading" towards the end of each chapter very useful. I particularly liked the idea of overall structure and quality of contents in the book which relate to both a casual and an advanced reader!
Book is structured into four Parts;
Part I focuses on laying the foundation for the rest of the book. It achieves this purpose by talking about the Enterprise and SP network fundamentals. This also includes day-in-the-life-of-a-packet through various router switching mechanisms. Chapter 2 re-hashes the network security/threat models but does a nice job of dividing it into various aspects of architectures including various IP VPNs scenarios.
For an advanced reader, this should serve as a nice refresher!
Part II introduces you to real meat of router security, i.e., securing the router planes in both IP and MPLS networks. Authors do a good job of describing the details of each component. Chapters in this section contain working details and IOS configuration snippets to enhance the understanding of various concepts discussed. An advanced user will find all the details given here very useful, and prefer read them cover to cover.
Part III walks you through various case studies to further the concepts explained in the prior chapters. I particularly like the idea of covering both Enterprise and SP case studies. It provides use cases, application examples, and best practices guidelines for the key concepts discussed in the whole book
In Part IV, I very much like the idea of not just copying pasting the headers as-is, rather adding the security implications of each and putting them into its context. Cisco IOS to IOS-XR Security transition is also useful although to mostly SP audience.
This book discusses security as in Router planes for both IP and MPLS VPNs Security. A few times you can notice that authors are repeating themselves.
Overall, I strongly recommend this book to all network security engineers as MPLS (due to its inherent advantages and applications) is gaining momentum not only in the service provider space but also in the enterprise market segment.