In its third edition, Guide to computer network security succeeds in providing a very general overview of what security means in a networked environment. This new edition includes a chapter focused on the Internet of Things.
The book starts by providing, in Part 1, some general technical information about how networks operate and general definitions of security in the digital age.
Part 2 scrutinizes traditional networks in light of threats and cyber crime. It describes the motives for and approaches to compromising computer networks, deals with some historical events that have led to current developments, and offers first insights into strategies to counteract and deter possible attacks.
Security strategies are further presented and explained in Part 3. This part is an extensive account of different mechanisms used to prevent, deal with, and mitigate security threats. The author covers a wide range of topics, starting from disaster management definitions, where he also offers quick recommendations on drafting a disaster management plan, to user access management, where authorization and authentication mechanisms are described. This part contains an introductory description of cryptography and its two mainstream flavors: symmetric key encryption and public-key encryption. Firewall definition, configuration, and implementation are also covered. It goes on to discuss intrusion detection and prevention systems, quickly explaining the different strategies in use and the advantages and disadvantages of each. It also brings the forensic perspective into play, explaining what forensics means in general and how it applies to computer and network criminal investigation. Security standards and protocols are also mentioned in this section, as well as the meaning of security in wireless and sensor networks.
Part 4 discusses the proliferation of cloud and mobile services and gives proper definitions of cloud computing, mobile systems, and the respective security issues that arise. In the following section, threats and issues related to the household network are scrutinized.
Finally, Part 6 provides readers with some hands-on exercises and some proposals for future projects.
Overall, the book offers relevant definitions in the field of security and computer networks; however, those already familiar with the field will not really get much out of it. Most of the references are dated 2004 and earlier, which raises the question of how up-to-date and relevant some of the presented material still is. The book is definitely addressed to the general nonspecialist public; practitioners may be able to consult it for some definitions. Aside from some typographical errors and misleading table and chapter references, the book is an easy read. It is, in my view, important to emphasize that all of the topics are covered in a merely definitional, descriptive way.