From the Cover: "Your Complete Guide to Cisco's PIX Firewalls
Includes Coverage of the Cisco Secure PIX Firewall Advanced Exam (9EO-111)
Full Coverage of the Latest PIX Firewall Operating System Version 6.2
Complete Coverage of Configuring TurboACLs
Introduction
I expected that this book would give me what I was looking for out of a product-specific book, excellent coverage of the product and its features. It was all that and then some. I was thoroughly impressed with the coverage in this text. This book is perfect for anyone looking to gain familiarity with the Cisco PIX. It's also great for those looking to find solutions for existing PIX implementations. The main focus of this book is to prepare individuals for the corresponding exam as mentioned above. Without further delay, let's take a look at what's inside.
Book Outline
Chapter 1 - Introduction to Security and Firewalls
The Importance of Security
Creating a Security Policy
Cisco's Security Wheel
Firewall Concepts
Cisco Security Certifications
Chapter 2 - Introduction to PIX Firewalls
PIX Firewall Features
PIX Hardware
PIX Licensing and Upgrades
The Command-Line Interface
Chapter 3 - Passing Traffic
Allowing Outbound Traffic
Allowing Inbound Traffic
TurboACLs
Object Grouping
Case Study
Chapter 4 - Advanced PIX Configurations
Handling Advanced Protocols
Filtering Web Traffic
Configuring Intrusion Detection
DHCP Functionality
Other Advanced Features
Chapter 5 - Configuring Authentication, Authorization, and Accounting
AAA Concepts
Cisco Secure ACS for Windows
Configuring Console Authentication
Configuring Command Authentication
Configuring Authentication for Traffic Through the Firewall
Configuring Accounting for Traffic Through the Firewall
Configuring Site-to-Site IPsec without using IKE (Manual IPsec)
Configuring Point-to-Point Tunneling Protocol
Configuring Layer 2 Tunneling Protocol with IPsec
Configuring Support for the Cisco Software VPN Client
Chapter 8 - Configuring Failover
Failover Concepts
Standard Failover Using a Failover Cable
LAN-based Failover
Chapter 9 - PIX Device Manager
Features, Limitations, and Requirements
Installing, Configuring, and Launching PDM
Configuring the PIX Firewall Using PDM
Monitoring the PIX Firewall Using PDM
Monitoring and Disconnecting Sessions
Chapter 10 - Troubleshooting and Performance Monitoring
Troubleshooting Hardware and Cabling
Troubleshooting Connectivity
Troubleshooting IPsec
Capturing Traffic
Monitoring and Troubleshooting Performance
Presentation and Content Quality
This book was 9 chapters (minus 1 for Chapter 1's Introduction) of hardcore PIX material. It was presented in a fashion in which I found easy to follow. Each chapter seemed to flow into the next in a somewhat subliminal manner. The organization had a very logical rythm that complimented the rich content by allowing me to use my troubleshooting background to get a better grasp on the material. For example, Chapter 2 starts with an Introduction to the PIX, including some basic commands - many of which will be familiar to those who have worked with Cisco routers - and beginning configuration. Following this, in Chapter 3, we have "Passing Traffic" as the main header, which is further broken down into allowing both inbound and outbound traffic, among other things. This is really where the troubleshooting logic kicked in for me as the authors made sure you knew how to pass all traffic before progressing to additional configurations. Those that have experience troubleshooting know how invaluable this concept is to the profession. In my opinion, the authors made an excellent move in organizing the book in this manner. Next, in Chapter 4, you have more advanced topics including how to filter web traffic and setting up DHCP. So, to sum up my point, you're first taught how to pass traffic through the PIX before you learn how to manipulate the different types of traffic which traverse the device. In other words, get it working first, then start adding things into the mix to see how much "trouble" you can cause.
Between each of the chapters, I found that there was a summary, a Solutions Fast Track - giving high points of the chapter's subject matter - , and a FAQ, which gave a few common questions relating to the particular chapter. What disappointed me a bit about the content was that a more comprehensive list of review questions was not presented at the end of each chapter. While the content was still excellent, I expected that a bit more emphasis would be placed on review of the material covered since this book would be considered preparation for a certification exam. It probably wouldn't have hurt if there were a CD included with an electronic copy of the book and some sample questions to help fine-tune weak areas of study.
Conclusion
All-in-all, this is a great book - very eloquently written. I highly recommend it to anyone looking to begin or enhance his/her knowledge on the PIX. It can be used as a learning tool, study tool, and a reference material - something many authors have trouble accomplishing. However, this book is proof that it can be done. The only thing that prevents me from giving this book a perfect rating is the lack of comprehensive review questions and/or a supplementary CD. That said, I am giving this book the following rating:
9/10
This review is copyright 2003 by the author and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.