January 9, 2009
Web Security Field Guide
Author: Steve Kalman
Publisher: Cisco Press
Category: Book

List Price: $50.00
Buy New: $6.49
You Save: $43.51 (87%)
Buy New/Used from $0.99

Avg. Customer Rating: 5.0 out of 5 stars (1 review)
Sales Rank: 1970813

Media: Paperback
Edition: 1st
Number Of Items: 1
Pages: 608
Shipping Weight (lbs): 2.2
Dimensions (in): 9.1 x 7.3 x 1.3

ISBN: 1587050927
Dewey Decimal Number: 005.8
UPC: 619472050927
EAN: 9781587050923
ASIN: 1587050927

Publication Date: November 8, 2002
Availability: Usually ships in 1-2 business days

Editorial Reviews:

Product Description

Hands-on techniques for securing Windows® servers, browsers, and network communications

  • Create effective security policies and establish rules for operating in and maintaining a security-conscious environment
  • Learn how to harden Windows multi-user platforms, including NT, 2000, and XP
  • Understand secure installation options for Windows web servers and how to enhance security on existing web and FTP server installations
  • Improve security at the end user's workstation, including web browsers, desktops, and laptops
  • Evaluate the pros and cons of installing a certificate server and becoming your own Certification Authority
  • Learn the Cisco PIX Firewall and Cisco IOS Firewall architecture and how to apply Cisco standard and extended access lists
  • Discover ways to test the current state of security and keep it up to date
  • Learn to engage end users as part of the overall network security solution

While the Internet has transformed and improved the way we do business, this vast network and its associated technologies have opened the door to an increasing number of security threats. The challenge for successful, public web sites is to encourage access to the site while eliminating undesirable or malicious traffic and to provide sufficient levels of security without constraining performance or scalability. The more reliant organizations become on the Internet to perform daily jobs or conduct transactions, the greater the impact a breach of network security has. Just as Cisco Systems has been an innovator in using the Internet to conduct business, so too is it a market leader in the development and sale of products and technologies that protect data traveling across the Internet. Yet a network security solution is only as strong as its weakest link. Network attacks can occur at any point, including the network connection, the firewall, the web server, or the client. Hardening the defenses at all these points is key to creating an effective, all-encompassing network security solution.

Web Security Field Guide provides you with hands-on, proven solutions to help patch the most common vulnerabilities of Windows® web servers and browsers within the context of an end-to-end network security architecture. Avoiding conceptual discussions of underlying technologies, the book spends little time discussing how each application works. Using plain language and lots of step-by-step examples, the book instead focuses on helping you secure your web servers and prevent the majority of network attacks. Divided into five parts, the book opens with an overview of essential background information and helps you establish working network security rules and policies. Parts II through IV teach you the techniques for hardening the operating system, the web server, and the browser. Part V of the book addresses overall network security, focusing on preventing and controlling access. Topics such as becoming a Certification Authority, Cisco PIX® Firewall, Cisco IOS® Firewall, access lists, ongoing security maintenance, and testing are all examined in-depth, providing an overall network security plan that can drastically reduce the risk to your business systems and data.

Full of diagrams, screen captures, and step-by-step instructions for performing simple tasks that can radically improve the security of your Internet business solutions, Web Security Field Guide is a practical tool that can help ensure the integrity and security of your business-critical applications.




Customer Reviews:

5 out of 5 stars Great Practical book with Tried and True Advice   November 26, 2002
  6 out of 7 found this review helpful

To really understand Web security, you need to know how TCP/IP networks function, thoroughly understand the concept of network layering, and then fully grasp, or as Heinlein would say, "grok" the important details such as port numbers, etc., found in the IP and TCP headers.

Kalman shows his understanding of these areas by starting off with a concise discussion of these valuable items. This forms the basis for the later chapters.

To achieve computer security, you need a security policy. Kalman moves to this indispensable area next, covering the basics of this easy to understand, but difficult to implement, concept.

Achieving Web Security means securing your WEB browsers, hardening your operating systems on your Web Servers, hardening your WEB servers, securing the dataflow between browser and server, and finally, taking care of the entire Web environment.

Most writers seem to think that Web security is only about items such as hardening a WEB server, using something like the Microsoft LockDown tool for IIS. This book goes much farther; it follows the tried and true prescription noted above to generate a more secure Web environment.

First off, for the Microsoft sites, a good discussion of the IEAK tool for the Internet Explorer is found. Using this tool, you can completely customize your IE Web Browser. This will eliminate a number of hacks that many have faced in recent years. Very few books discuss IEAK.

Of course, the issues involved in securing or hardening a web server are presented in good detail. Following that is a good presentation of the fundamentals of securing Microsoft servers using the Microsoft Security Configuration toolkit. Many who use Microsoft do not use this valuable toolset. Kalman has done a good job explaining this valuable toolset so that a wider audience can benefit from using its many features.

It also handles the tricky matters with the Certificate Server scenarios as well.

I also like the coverage of Cisco ACLs and the PIX firewall. Most whom I have met have experienced great difficulty in setting up properly functioning ACLs for their Cisco border routers. And of course, properly setting up a PIX is as challenging as, if not more challenging than, setting up router security. Kalman shows his breadth in the field by including these seldom-included topics in his Field Guide.

After all this, Kalman pursues the day to day management issues that must be dealt with by those responsible for securing their environments.

Every chapter has excellent material. It is not a book filled with fluff, but rather an excellent compendium of time-proven techniques to provide better security.

Securing a web environment is a challenging, time-consuming task that must be done day after day. Kalman has written the exact kind of "Field Guide" to help novices and even experienced security personnel in many ways.

If you are looking for a great guide that is both thorough and easy to read with many graphics, this book is for you.

I think so much of this book that I own a copy of it.
