Rating: 
Summary: Deserves to become a classic
Review: Wadlow's new book is full of sage and useful guidance for medium to large organizations that are completely dependent upon the Internet. Intended mainly for the chief security officer, or the administrator responsible for information protection, this book is not so much about technology as it is about how to apply technology. It clearly describes how to effectively configure and administer your information systems and your staff in order to prevent security incidents and, when the inevitable does happen, to recover as quickly and completely as possible.With 20 years of relevant experience, the author has done some deep thinking on this subject. As an example, he lists 27 different job functions performed by the security team. Will any organization actually have 27 different security specialists? No, but any security manager would be well-advised to review that list to ensure that all necessary functions are covered by somebody. Wadlow provides helpful ideas on creating an effective security policy-even when management hasn't bought into the idea yet, and has sound advice on both hiring and firing staff. Read the chapters "Preparing for an Attack" and "Handling an Attack" before its too late. Chapters on auditing, log file analysis, and forensics all provide concrete guidance on these difficult processes. The book is filled with helpful analogies that are useful in developing an understanding of the nature of network security. One of the biggest difficulties in training people to become effective in the security arena is in developing the mindset-an innate understanding of information security dynamics. You need a grasp of the big picture to have that intuitive realization that without a constant proactive security effort, you are actually moving backwards. It is a process and Wadlow presents it in a clear and compelling fashion. If you want to think securely-if information security is part of your current or future responsibilities and you'd like a more mature concept of what that entails, then you will find this book invaluable.
Rating:
Summary: A clear vision of quality network security
Review: Wadlow's _The Process of Network Security: Designing and Managing a Safe Network_ may set a new standard for presenting information about the policies, procedures and designs required to build and operate secure networks. This book contains a plethora top-notch information about secure computer network design and it thoroughly details the policies, standard operating procedures and day-to-day operations and maintenance of a secure network. But also it comes as a pleasant surprise that this book's content does not operate in a void: it includes well thought out information about how to be a network security manager and how his/her staff can peacefully exist within a business organization. Lastly, and perhaps most importantly, this book presents boiler plate information and illustrations which allow the reader to begin securing his/her computer network quickly.
| 
