20 internautes sur 21 ont trouvé ce commentaire utile
- Publié sur Amazon.com
Juniper NetScreen firewalls have become a market leader for performance and features, and it's no wonder: they really are that good. As such, more people need to learn how to use them and configure them to do a wide range of activities. With this in mind, "Configuring Juniper Networks NetScreen & SSG Firewalls" attempts to fill that gap.
This book is similar to the well known and respected books from Cisco Press, and is basically a large scale product manual. As such, it's important to compare it both to the Cisco Press books in terms of production quality and clarity, and also to the docs that Juniper provides for free on their website. When you make this comparison, you find that "Configuring Juniper Networks NetScreen & SSG Firewalls" comes up short in both areas. That's not to say it isn't trying, but there are enough problems to make it just an average book.
Chapter 1 is the common basic firewall and Internet threat overview. Nothing too groundbreaking, and probably included for completeness. Chapter 2 is a nice overview of the Juniper Netscreen product line, and some of the basic concepts and technologies within them. Again, useful and probably included for completeness.
Chapter 3 covers "Deploying Juniper firewalls", focusing on basic options and introducing you to the web-based UI. Most of the material here is available in the online help or the free Juniper docs. Most of the instructions in this chapter are clear. Chapter 4 focuses on policy configuration and uses both the UI and the CLI to do so. Again, stuff that you can pick up with the free docs (granted the CLI help isn't as rich as docs, but the help is there nonetheless, especially for the UI), and again the presentation and examples are pretty clear.
Chapter 5 covers advanced policy configuration ideas, but focuses on bandwidth management. Some decent material here, but some of the CLI stuff gets a bit long and you can start to drown in it if you're not careful. Chapter 6 covers user authentication, and by this point the book (which, admittedly, is a reference book at heart) gets to be mind numbing. I started noticing some production errors here, usually in the typeface and presentation of the material. Some of the "settings" stuff gets to be a bit unclear to me at times, perhaps I need to study it more closely.
Chapter 7 covers routing (ie RIP, OSPF, BGP) and virtual routers. The size of this chapter and its examples is huge (100 pages), and if you're not careful you'll go blind. Again, this doesn't have much over the free Juniper docs, which are a bit better organized. Chapter 8 is a bit more managable (50 pages or so) and covers address translation (NAT, PAT, etc). at times it just becomes a series of examples, but the presentation is similar to the previous chapters. Not much over the free Juniper docs. Chapter 9 is another similar chapter and covers transparent mode. Decent presentation and examples, a few nits here and there that I find in this set of chapters.
Chapter 10 covers attack detection and defense, and I think the material is better organized than the more traditional networking materials. The examples are fewer and more focused.
Chapter 11 covers VPNs and was surprisingly short. The configuration stuff is either surprisingly simple and foolproof to set up or this chapter was very hit and run. The screenshots in this chapter are probably the weakest in the whole book, but in general they suffice. I'd probably say hit the Juniper docs, instead. Chapter 12, covering high availability (failover, redundancy, etc) is better, and has more examples and material. I think this is one of the better chapters balancing presentation and examples.
Chapter 13 covers troubleshooting, but I would have expected a bit more material. Perhaps if you pair it with the previous chapters on specific matters and features it would help. Chapter 14 ends the book with a tidy, concise and pretty clear unit on virtual systems (ie sub-interfaces).
Before you buy this book, you should look at the free documentation for ScreenOS and many Juniper products. I suspect that you'll find that their quality meets what you want, and they're clear and concise. That said, review this book (see if you can look inside and flip through it), seeing if it's worth the price for you. "Configuring Juniper Networks NetScreen & SSG Firewalls" attempts to be the authoritative source of information on NetScreen devices and does OK, but there are enough nits in the presentation and production to warrant any potential buyers to really compare it to the existing docs.