Privacy & Individual Rights
Commerce, Security, & the Law
Net Culture, Art, & Literature
International Affairs & National Security
Ethics, Rhetoric, & Metaphysics
Science Fiction Other Resources
Other Book Review Sites
|I was excited to see a book on virtual private networks (VPNs) so early
in the game. Technologies to tunnel encrypted information over open networks
are relatively new (though tunneling TCP/IP over proprietary protocols is
not) and I eagerly anticipated a book on the subject from a publisher of
O'Reilly's caliber. Virtual Private Networks is a good first take on
the subject, though there are relatively few products and case histories for
the authors to draw upon in their discussions.
Virtual Private Networks opens by motivating the need for VPNs, with brief references to the familiar threats of packet sniffing, IP spoofing, and network intrusions. I was glad to see the authors didn't try to pad the book by going into too much detail in these and other areas familiar to their target audience of experienced network administrators. One area where a bit more detail up front would have been helpful, however, is the "A Brief History of Cryptography" section beginning on p. 31. The authors rush through an overview of secret key encryption, public key encryption, and hash functions in two confusing paragraphs that snapped the flow of the manuscript. They fixed the problem on p. 34 with detailed discussions on cryptosystems, but I was concerned about the quality of the section for the intervening pages. The introductory discussion on firewalls is much better than its crypto counterpart.
The book picks up as it goes along, though. Parts that stand out are the chapters on VPNs' interaction with remote access and wide area networks (WANs), implementing the point-to-point tunneling protocol, and configuring Cisco's PIX firewall. The WAN discussion is particularly solid. The authors also walk the reader through configuring other VPN technologies, including those for personal users, but the information could probably be obtained through the documentation accompanying the products. The chapters will help administrators compare products without purchasing them, however.
I don't mean to sound too harsh; Scott, Wolfe, and Erwin (and their editor, Andy Oram) took on a tough job when they agreed to this project. The team was faced with writing about a brand new subject that had several of its most important aspects partially covered in other O'Reilly books. I can sympathize with the authors' struggle to include only non-duplicative material and look forward to the second edition of Virtual Private Networks.
Curtis D. Frye (firstname.lastname@example.org) is the editor and chief reviewer of Technology and Society Book Reviews. He worked for four years as a defense industry analyst at The MITRE Corporation in McLean, VA, and is the author of Privacy-Enhanced Business, from Quorum Books.