Windows 2000 Security Handbook is an excellent all-around reference for tightening security on Windows 2000 systems. The book breaks neatly into bite-sized areas of individual specialty, making it easier for you to find the specific areas of interest in which you might lack experience.
The experienced security professional with a solid background in Win2K security probably wont read the book all the way through. The first few chapters are about basic security principles, which is a bit redundant for the seasoned professional. However, the book is still quite a useful reference: You no longer need to search high and low on Microsofts Web site for information conveniently contained within the books pages.
For the average system administrator with little or no security background, this book is a must haveand you will find the books structured approach a huge plus. The book is relatively easy to follow, and it provides a broad base of content that you can easily apply to most environments.
The authors start with the basics of TCP/IP, security threats, and countermeasures and policy, and then progress to the specific applications of new security features in Win2K. The authors conclude by discussing, step-by-step, some ways to harden Win2K systems. As the authors state, use the recommendations as a baseline. Depending upon a systems use, configuration, and applicable security policies you might have in place, your mileage will vary.
The appendices are a bit light in content for the topics that are introduced, such as management, monitoring and auditing, and intrusion detection systems. A more in-depth explanation of how these types of systems can be implemented efficiently and cost effectively with Windows 2000 seems warranted. Microsofts Internet Security and Acceleration Server (ISA) had just been introduced at the time of the books writing, so you wont find much other than an introduction of features.
Overall, Windows 2000 Security Handbook is an extremely handy book to have on your bookshelf. The book is comprehensive in nature, and it provides a great starting point for system administrators. The authors, Phil Cox and Tom Sheldon, have put together something that is applicable to most skill levels and that wont collect dust on your shelf. The technical editing by Eric Schultze, Microsofts security program manager, ensures that the items specific to Win2K are accurate and current. One addition, however, would make the book even more useful: A CD-Rom that contains
* For comparison, NetMon Network captures of poorly configured and properly configured systems
* Third-party tools that assist in implementing, securing, and monitoring the concepts and strategies presented
* Win2K .inf templates for various secured configurations (these templates are available on the authors Web site (www.systemexperts.com/win2k).
But Im sure the authors are working on these ideas for the next release of the book.
Windows 2000 Security Handbook
Authors: Philip Cox and Tom Sheldon
Publisher: Osborne
Published: 2001
ISBN: 0-07-212433-4
738 pages, no CD-ROM
$44.99