( 4 reviews )
-
( 8 of 8 found this review helpful ) Posted: Jan 22 2003
"Windows XP Professional Security" (WXPPS) is a great way to learn about the newest technologies produced by the software engineers in Redmond. Although the "Windows XP" title suggests a focus on desktops, WXPPS is about enterprise strategies. It's surprising so much useful information can be packed into 400 pages. Good administration-oriented security books teach more than proper system configuration. They illuminate the inner workings of the operating system and explain why certain strategies work best. WXPPS doesn't just list OS settings; it explains what they mean and how they have consequences. No detail is too small, such as explanations of the various registry "Run" keys in ch 3 or the changes to "RestrictAnonymous" in ch 6. Those who consider Windows XP to be a cosmetic upgrade to Windows 2000 will be surprised by what WXPPS offers. The book explains several administrative and security enhancements, like Software Restriction Policies (SAFER) in ch 2 or IIS 5.1 in XP and 6.0 in Windows Server 2003 (formerly .NET Server). Active Directory is more closely tied to security than ever before, and WXPPS explains how Windows XP Group Policy Objects can be managed within a Windows 2000 domain. The Active Directory "crash course" in ch 11 does a good job bringing the reader up to speed on this crucial Windows component. I have few criticisms for this book. A walk-through for configuring IPSec would have been helpful, since the Windows implementation of IPSec tunnels via "wizards" seems clunky. Otherwise, I was happy with WXPPS' ability to introduce administrative or technical material as background, then proceed to explain security implications. The wireless section (ch 9) was particularly strong in this respect. I've added this book to my "Digital Security System Administration" Listmania list, and recommend those interested read a copy. Like Joel Scambray says about WXPPS -- "Don't boot up without it!" I look forward to the Windows 2003 Server edition, should one be published.
-
( 4 of 4 found this review helpful ) Posted: Dec 7 2002
Collaboratively written by security and networking consultant Chris Weber and Gary Bahadur (co-founder and CIO of Foundstone, Inc., a company that provides vulnerability management software, consulting, and training services to Fortune 500 clients), Windows XP Professional Security is an extensive and reliable guide to implementing and managing as secure a Windows XP environment as current technologies make possible. Individual chapters discuss a wide range of security-related topics including password management, firewalls, ways to prepare a computer system for the worst, and easy-to-understand instructions for taking advantage of all the new Windows XP security settings and features. A first-rate resource, Windows XP Professional Security should be required reading for anyone using Windows XP for personal, professional, or corporate purposes.
-
( 3 of 3 found this review helpful ) Posted: Nov 16 2002
The authors dont just provide how to info, but also why things work like they do, its heavy on internals and how to'sI'm a systems administrator and it really helped me with my group policy designs, and my wireless network setup. This book is definitive resource for all windows security, and gets into more than just xp, including 2000 and .NET.
