The Feghhis' approach is somewhat academic, with loads of endnotes and lots of diagrams depicting message contents and trust relationships. That's not to say that this approach isn't practical, because after all, any implementation of security services has to be based on an understanding of what they do and why. Besides, the book provides exact instructions for setting up IPsec and VPN services in typical Windows 2000 environments, plus an interesting section on publishing services in Active Directory. Have a look at this one if you've never studied Kerberos, tunneling protocols, or certificate infrastructures, and you want your introduction to include lots of references to Windows specifics. --David Wall
Topics covered:
- Windows 2000 security from administrator and architect perspectives
- Kerberos authentication
- Public key infrastructure (PKI)
- IPsec
- Virtual private networks (VPNs)
- The Security Support Provider Interface (SSPI)