1.3 Who Should Read This Book?

I hope that the primary value of the book will be to those who are entrusted by others to provide network security to their organization, company, or club. Network security is commonly complicated but it does not need to be. By following some commonly known best practices, you can safely secure your network under budget yet still allow yourself a good night's sleep. This book will show you how.

This text is not intended to serve as a study guide for any security certification. That said, most security certifications have a "common body of knowledge" on which they test. This common body of knowledge may be quite extensive yet not very deep, as in the case of the ICS² CISSP — or very deep yet not broad, as in the case of the SANS GIAC certification. If you are already a CISSP, you will likely not find much new in terms of information in this text. However, if you are already a CISSP, then you did not purchase this book to use as a study aid. The primary value of this book to those who already hold security certifications is to assist them in the process of working with and educating others who may not have the same level of expertise. If you are in the process of obtaining either of the above security certifications, this book will either instruct or reinforce the most common and critical elements of network security.

This book also does not extensively cover any particular technology or provide detailed configuration steps for each product. In the process of obtaining my own networking certifications, I have a stack of books for each discipline, each of which is taller than my own 6'5" frame. The number of Linux books alone fills a number of bookshelves in my home office. Each of these texts taught me valuable information; however, I find the ones most likely to collect dust are those that provide specific command references for a particular application. Not only does the technology move too fast to keep those books valuable for more than a month, but through the process of reading, consulting, working closely with clients implementing their own security policies and complex network needs, I have come to realize that although the checkboxes may change and the command-line interface or GUI may look different from box to box, what really matters when working with various networking products is knowing how the technology works and why I would be checking an option box in the first place. Sometimes, I even feel that some books use the screen shots to bump up their page count, with little long-term benefit to the reader. There is simply no substitute for learning the technology through trial and error and research. In this book I minimize the learning curve for you if you are new or otherwise thrust into the role of providing network security. To do this, I explain how things work and give you the information you need to compare one product against another. From there it is up to you to research the vendor's documentation to learn how to configure a given product.