Three years ago, the lead network technician on my campus network spent 95% of his time installing, configuring and tweaking network-attached devices. Today, he spends 95% of his time securing them. . . .
Three years ago, the lead network technician on my campus network spent 95% of his time installing, configuring and tweaking network-attached devices. Today, he spends 95% of his time securing them. The field of network security is large, and security is a tough job. It also can be next to impossible to stay current with all the latest developments, let alone track all the vulnerabilities, patches, alerts, incidents and attacks. So, Allan Liska's book on current network security practice is welcome, indeed.

The central dogma of the book is the organization of a security policy on a series of fronts that when implemented in their totality provide "layers of protection" against attackers. This is excellent advice. Liska also drums home the message that network security has to be a priority for the entire organization, not only the IT department or network administrator. Without the involvement of the organization, the resulting security policy is sub-optimal at best and next to useless at worst.

The link for this article located at Paul Barry is no longer available.