Bragg is particularly knowledgeable about the security of Microsoft Windows products and this book tries to take a slightly different approach by providing practive marching orders and specific steps to take immediately rather than just teaching theory or conceptual security techniques.
The Book
Hardening Windows Systems, and the Hardening series of books from Osborne / McGraw-Hill, takes a somewhat fresh approach on the topic of security.The book is divided into four sections to allow the reader to concentrate on the information that matters most for the task at hand. The four sections are:
- Do This Now!: Provides immediate steps you should take to lock your system down and prevent attacks
- Take It From The Top: Leads the reader through a systematic approach to hardening Windows security with a focus on authentication, access controls, borders, logical security boundaries, communications, storage, and administrative authority.
- Once Is Never Enough! Details the ongoing monitoring and assessment necessary to maintain your network security, including patch management and auditing.
- How to Succeed At Hardening Your Windows Systems To some degree this is the most important section. Tips and hints for securing the network are great, but this section provides strategies for getting budget approval, management buy-in, and employee cooperation for your security program- three things without which security will most likely fail.
There are tons of books on network security, but this approach and structure are worth looking at.
My Review
A trip to the local book store will quickly show you that there is no shortage of books on the subject of network security. In fact, Roberta Bragg, the author of Hardening Windows Systems, has written some of the other contributions to this genre as well. So, why another one?Osborne / McGraw-Hill publishing, publishers of the Hacking Exposed series, introduced the Hardening Series of books, to add a fresh perspective and approach to network security books. Rather than simply regurgitating the same theoretical material and security best practice details, these books provide more nitty-gritty, action-oriented information.
In the first chapter, Bragg provides a list of ten things you should do immediately to secure your Windows systems. This helps get you very quickly from cracking the cover to getting actionable information you can implement now.
Working in I.T. though, I think that the last section is possibly more valuable than the information about securing the system. Getting budget approval, management support and user cooperation are all essential to securing the network and this information is invaluable.
I like the structure and approach of this book and recommend it for anyone supporting a Windows-based network.