Book Reviews

Keeping Windows 2000 Safe

Refer to this volume for the hardcore details on Windows 2000 security and how to manage it effectively.

• By Travis Garriss
• 02/01/2001

This book provides clear technical explanations surrounding Windows 2000 security, getting to the meat of the issue and leaving product overviews and marketing hype behind. Instead of being a general survey geared toward the aspiring MCSE or casual reader, it's a serious technical work intended for the network administrator who needs information on Win2K security. As such, it excels.

When you open the book, the first thing you notice is a removable, cardboard quick-reference guide. Besides a catalogue of commands and switches, the author provides a list of relevant organizations and URLs. These will prove helpful should you need clarification or additional information on a topic covered within the text.

The book is organized into chapters that each cover a particular Win2K security feature. The chapter titles carry the names of these features and cover the following: Active Directory and ACLs, Group Policy, Security Protocols, Encrypting File System, Public Keys, Certificate Services, Mapping Certificates to User Accounts, Smart Cards, IP Security, VPNs, and Security Configuration and Analysis Tools. Subheadings are straightforward. Within the VPN chapter, for example, you'll find information on "Specifying A VPN Strategy" and "Configuring A VPN Server." The author clearly states what's covered and gives ample direction to find what you need.

In the book's first chapter, you're presented with an overview of Win2K security features. Each feature is thoroughly defined without delving into how to implement it. View this chapter as the foundation upon which the rest of the chapters stand.

The volume's remaining 360-plus pages provide the technical details missing in the introduction. The author goes into the specifics of the given security topic and then leads you through the mouse clicks required to utilize what's been covered in the previous pages. The step-by-step guides are helpful, and the exhaustive lists of switches and options are perfect for the tech in the trenches. The book also is cross-referenced, making it even more useful.

This volume serves as an excellent reference, and I strongly recommend it to any administrator who deals with Win2K security or AD. The technical information is detailed and thorough, and the references are relevant and useful. It's certainly a welcome addition to my library and has already provided solutions to real-world problems on more than one occasion.