The security of networked computer systems is too often regarded as one of the black arts - a marginal landscape that may attract unwelcome interest from those wishing to subvert rather than secure. This makes teaching the subject particularly sensitive, so this excellent book by Joseph Migga Kizza is very welcome.
The author steers a middle path between dry-as-dust technical instruction and lurid cyberpunk to give a thorough, complete and very readable guide to the subject. Grounded carefully in theory, and with enough practicality to maintain the interest of the undergraduate code junkie, the book is well structured and presented - offering the basis of a strong balanced course. Although the book's introduction is dated October 2008 and there have obviously been developments since then, not least in wireless technology, the text doesn't lack currency or relevance apart from a very few points of detail.
After a concise, but useful, review of the basic technologies and topologies common to current network technologies, Kizza introduces us to the ecology of the network security environment. We are led, via a discussion of its origins in the "phone phreaking" of the early 1970s, to an analysis of current threats and vulnerabilities.
A number of the most memorable and publicly acknowledged security incidents are described in detail, which is useful as undergraduates are now often too young to have been aware of some of the "classic" virus attacks. The descriptions of these are lively, and occasionally Kizza gets a little too excited, such as when he talks of the Anna Kournikova virus "circumventing the globe", but this comes across as oddly endearing.
Risk management and the importance of building a holistic security policy hold an appropriately prominent place in the core of the book, firmly making the important point that network security is not solely an IT issue, but a key part of corporate management.
Unusually, the author includes a discussion of the particular security issues relating to wireless sensor networks. This is a good example of how this book delivers in terms of completeness, as sensor networks, although increasingly important, are still far from mainstream.
A careful study of this book will give the reader a solid grounding in the basic technologies, operational requirements, design considerations, standards and ethical conundrums that the network professional needs to understand. It provides an excellent base from which to specialise further, but stands by itself as a valuable guide.
Who is it for? A very good core text for an undergraduate course in network security, and valuable for any IT professional needing to refresh his or her understanding in this area in a more than anecdotal manner.
Presentation: Orderly, organised and very easy to navigate. It is well, but not excessively, referenced and the diagrams actually aid understanding rather than just filling up the page.
Would you recommend it? Yes, unreservedly.
A Guide to Computer Network Security
Author: Joseph Migga Kizza