Intranet Books

Probably the most comprehensive book on the complete product. Lots of bits and pieces out there but this one covers it all. I can tell it was started out early as a few things in the SDK have changed, but the concepts in here as well as the broad coverage of the way things fit together is outstanding. I was particularly impressed with the detailed explanations on some of the finer aspects like search. For day to day, this is a must have on the shelf!

If part of your job is installing SharePoint Server 2007 or SharePoint Serveices 3.0 this is the book that you should own. No other book that I have read is as detailed in describing the installation process. If you are only interested in development or administration you will find better books.

In my efforts to get back up to speed on SharePoint technologies I found this book th simply be the best resource. It can be used either as a reference or as a straight read to get up to speed. I read about 85% of the book on a 4 hour flight and it was a Godsend!

ASP.NET 2.0: Your visual blueprint for developing Web applications (Visual Blueprint)

As mentioned in the very harshly rated comments, there were a few typo's in Chapter 17 (14 pages of 782). These are as follows:

Publishing errors:

Page 604 - Xmlns=http://schemas.microsoft.com/sharepoint

Should be: xmlns=http://schemas.microsoft.com/sharepoint

Page 605 - Item 13. Should say ElementsManifest.xml (instead of ElementManifest.xml).

Page 609 - Should say BrandingElementManifest.xml


Two corrections to the batch files:

In FeatureInstaller.cmd, the line: %SPROOT%\bin\STSADM -o activatefeature -name MyFirstFeature -url "%2"

Should have this line after it: goto EndBatch

In FeatureInstaller.cmd, the line: %SPROOT%\bin\STSADM -o activatefeature -name My1stFeature

Should be: %SPROOT%\bin\STSADM -o installfeature -name My1stFeature
and add this line after it: goto EndBatch

The Solution.xml file referred to by the reviewer is not mentioned specifically because a) it is not needed and b) this is a file created by the Windows SharePoint Extensions for Visual Studio used for creating Web Parts and similar solutions using Visual Studio, it is NOT used by this process and is not required.

My appologies on these since all were due to publishing edits and were correct in the original write.

The correct code and this "errata" is located at http://www.mosstcm.com

David Sterling

Wow - finally a practical book that covers SharePoint pretty much end to end and in a way that is understandable! In addition to the what, this covers the why too! The examples are great - I had no problems using any of them. It was a great intro to web parts for me too as I'd not had much experience with them and it was never clear in 2003; not sure what one reviewer had problems with, I had no problems using any of the examples.

The ECM component was outstanding and much clearer to understand than any other's I've read. This is a must have for anyone seriously needing to understand and work with SharePoint!

I was looking for a book that provided both a concise and in depth view into routing. I was surprised to find that this book did not repeat the same thing that everyother book does. His Chapter 1 offers not only the basic facts about routing, but also incorporates his own perceptions which facilitates understanding the subject and the manner in which he explains the topics. The information discussed within the book provides a proper foundation for beginners, and a deeper look into the routing algorithms for advanced engineers.

This book is great! A very thorough explanation of the routing protocols, lots of hints on how to configure those properly, the caveats of certain "typical" configurations, comprehensive research on all kinds of routing loops, you name it! The bridging section is invaluable. While this book is definitely an expert level, yet it you don't need to be one as this book will take you to the expert level should you choose to read it and work through the configurations it offers.

This book is a tough read. The author uses 100 words to explain something that could be done in 25. It takes a simple subject and makes it too complicated to understand. The target audience is advanced users that want in depth information. Not what I would expect from the Little Black Book series. I would stick with Cisco Press on IP routing.

You can't go wrong buying this book! The clear & practical info you learn, if even just a few of it's many (comprehensive) topics will make it worth the [money]. This book is what I had hoped that the Giles ccie book would be. The NAT stuff looks especially good. And the appendices add a few good things. (The CD is useless to anyone who has internet access: just RFCs. They could have at least put a searchable copy of the book on CD, so we don't have to type in all those good IOS command examples!)

=== I wrote the above on 12/6/2000; today 1/8/2002 I just found the book on clearance ... at Microcenter. I'm not sure why; maybe a new edition is comming out. I bot 2 more for friends....

Having read the Doyle's book, "Routing TCP/IP", at least three times over, I was pleasantly surprised to find new insightful concepts and perspectives on the various IP routing protocols in Rudenko's work. Rudenko displays a mastery over the subject matter and offers unique scenarios and examples to illustrate the main points. This 'black book' is more comprehensive than most cisco press books on similar topics, and I would highly recommend this book as an excellent companion to Doyle's book or just by itself!

This was a great book if your implementation of IPSec were to be solely on IPV4, however, there is not one mention of the changes that affect Cisco networks with IPSec such as no support for IPSec in the transport mode etc. If IPv6 is not a concern, this book is the best available.

This book is one of the most comprehensive book that I can use to understand & teach IPSec & even design/deploy IPSec networks.

IPSec VPN Design (ISBN 1587051117) focuses on the design and implementation of IPSec VPNs. The authors consider this the "definitive design and deployment guide for secure virtual private networks." There are many theoretical publications covering the foundations of network security, but VPN security design is especially challenging. There are so many variables that even knowing the theoretical concepts, models, tradeoffs, and scalability, it can still be a daunting task. This book is for the advanced/expert in the network security field.

Because of the advanced topics presented in this guide, considerable network management and/or a network engineer level of experience is needed to use the wealth of information presented by authors Vijay Bollapragada (CCIE), Mohamed Khalid (CCIE), and Scott Wainner. It is expected that the reader will have a working knowledge of IP routing, architectures, WAN technologies, Cisco IOS, and network security. The introductory chapters briefly "review" knowledge that the authors expect users to have which results in getting everyone focused on the starting point of this technical guide.

The concept of network security is not the same in all environments as each VPN will have different connectivity and integration platforms. This guide to designing an IPSec type of VPN is Cisco based. The configuration examples and troubleshooting output are Cisco IOS. Many design principles -efficient, reliable, cost effective, fault-tolerant, and scalable -- have commonality in several environments, but again, all illustrations and examples use Cisco technology. This book does design IPSec VPNs from many perspectives.

The organization of IPSec VPN Design is organized into three units: introduction and concepts; design and deployment; service enhancements. This organizes technical material as it moves from a brief review of technologies that use VPNs, to an overview of IPSec architecture, protocols, components, and concludes by examining advanced issues such as voice, multicast, and network-based VPNs.

As an introduction to this topic, an IPSec VPN is configured and packet processing is explained step-by-step using Cisco IOS. The illustrations and diagrams of the topology, end-to-end packet processing, and configuration command output (from show and debug commands) is very helpful to the reader. IPSec protocols and the differences between tunnel mode and transport mode are described.

After an introduction to authentication and security, the authors move into considerable detail and enhanced features of IPSec, scalability, and fault tolerance with dead peer detection or control plane keepalives. There are always unique challenges to implementing VPNs, and this book gives examples from the authors' experience to handle situations for interaction with NAT (Network Address Translation) or PMTUD (Path Maximum Transmission Unit Detection). To end the introduction/concepts unit, authentication/authorization models for remote access users discusses XAUTH (Extended Authentication) and MODE-CFG (Mode-configuration). Cisco's EzVPN connection model and digital certification conclude this unit. The authors then move to applying these concepts to VPN design.

The design and deployment phase considers hub and spoke architecture, failover, fault tolerance, and alleviation of complexity in large-scale situations using TED (Tunnel End-Point Discovery) and DMVPN (Dynamic Multipoint VPN). Advanced enhancements include quality of service (QoS), interoperability with voice and video, and a new type of VPN service known as the network-based VPN.

Topics move from general introductory concepts (Chapters 1-4) to specific design and deployment (Chapters 5-7), and concludes with advanced/integrated service enhancements (Chapters 8-9). The authors have taken care to explain pros and cons of various designs and give alternatives. The "notes" sections illustrate advantages and disadvantages or add relevant comments from the author's experience. Illustrations are appropriate, easily read, and well-designed. There is an abundance of configuration examples, complete with resulting show and debug output, and all with highlighting to assist the learner. These types of real-world examples are easier to learn from than the traditional technical documentation. The index is complete; there is not a glossary which might have been helpful for some readers.

Throughout this guide, Bollapragada, Khalid, and Wainner have managed to write at a level that is appropriate for an advanced topic while using examples that are easily understood. Some network managers may not actually design an IPSec VPN, but still need to understand the principles of security, be able to communicate with technical support, and work with network engineers and service providers in maintaining/troubleshooting the VPN. Advanced understanding and good troubleshooting skills are contained in this guide.

IPSec VPN Design is a well-written, concise guide to designing VPNs in general and IPSec VPNs specifically. It would be helpful to individuals taking their networking skills to another level or those studying for CCIE or Security certifications. It targets network engineers and network designers working at the corporate level or working for the service provider. Bollapragada, Khalid, and Wainner each brought their expertise and considerable experience into the collaboration while authoring this book.

An excellent book published by Cisco Press, 2005, which deserves a rating of 5 on a 1-5 scale.

If you have fixed sites that you want to be secure, you can link the sites with leased lines and lots of simple security that will work well. But that's an expensive approach.

Further, people in your organization probably travel around and need to access confidential data. How can you lift the firewall for that access and still keep intruders out? It's a harder task.

The presence of moving users means that most secure networks will have some component that's going over the Internet. The Internet is not as secure as leased lines, but it's a lot cheaper. So while you're there, how much else can you do with the Internet?

With IPSec VPN Design, any good network engineer will be in a position to make good choices about architecture, hardware and software.

One of the basic limitations is that encryption ties up a lot of hub space while two sites are connected. The tougher the encryption you use, the more hub space is tied up. You can terminate idle connections faster and free up more space that way. You can also employ simpler means of encryption.

One of the book's great strengths is that it assumes that you know about networks, but not about secure networks. So a neophyte in the area can use this helpful guide. I know, because I'm such a neophyte and the book made great sense to me.

Like all the wonderful Cisco guides, this one is filled with figures to show hardware structures, examples with router and message configurations, and helpful tables that show formats.

Chapter 1 is a brief introduction to VPNs.

Chapter 2 is an overview of IPSec explaining algorithms, digital signatures, security protocols ((transport and tunnel modes, encapsulating security headers and authentication headers), key management and security associations (Diffie-Hellman, IKE and IPSec packet processing).

Chapter 3 looks at more detailed features of IPSec such as IKE keepalives, dead peer detection, idle timeouts, IPSec and fragmentation, and IPSec and GRE).

Chapter 4 is an excellent look at authentication and authorization models.

Chapter 5 examines the pros and cons of different IPSec VPN architectures. I liked this chapter best. The choices are more subtle than you think because you can mix and match bits and pieces of architectures to solve specific problems.

Since so many secure public networks involve applications that can't be down, chapter 6 looks in depth at fault tolerance methods.

Chapter 7 offers some time-saving tips on how to use auto-configuration architectures for site-to-site applications.

Chapter 8 examines application interoperability. I found the sections on mixing voice and data to be especially interesting.

In chapter 9, the book concludes with looking at network-based VPNs.

This book will save anyone examining the feasibility of putting secure data over the Internet a lot of mistakes, time and money.

Get this book today!

IPSec VPN Design is not a bad technical book. It's what I call a "Cool Whip" book. It looks good, but there is little that is useful or original. It claims to be "the definitive design and deployment guide". It is not. Most of the explanations are academic and dry. There are many examples. Some are useful. Some are not. Many are outdated.

My primary complaint is that it does not cover Pix 7.0. This is a huge oversight for a Cisco Press book published in April 2005. There are several important features in 7.0 such as "hairpinning" or the ability for one spoke (or remote access client) to access another spoke in the hub and spoke model. The book states that hairpinning is not possible and most of the designs are based on this premise.

I was also disappointed to find that the book failed to cover ACLs and VPNs. This is an critical topic in VPN design. Too many network administrators simply allow full access of one private network to another using "sysopt connection permit-ipsec" without thinking of the security implications. It many circumstances, it may be more appropriate to disable this command and create explicit access lists for resources accessible via VPN. I would have liked to see some examples using both methods and the trade-offs of each approach.

There were a couple of interesting topic areas covered by the book such as VoIP over VPN. Even though it's short on configuration details or examples, I enjoyed learning about the issues involved.

The book is simply not work the money. If you're new to IPSec or just setting up a basic site-to-site VPN, you'd be better off with a simpler guide. And if you're more sophisticated, you will do better digging up examples with Google, even from Cisco's own website.

I had to cancle the order, because I keeped getting notes that it was on back order when I order it I was told it would be ship in 2 to 4 days

Susan Snedaker has written an excellent text covering almost everything you'll need to know to get and keep your Windows Server 2003 Enterprise up and running. Its called the 'Best Damn Book Period' and after reading some of the others written on the subject, I agree it is the best--especially for the non-MCSE user.
Areas covered include the usual installation/upgrade/implementation information as well as the more complex areas like Active Directory, TCP/IP infrastructure, remote access, and IIS 6.0. Included are lots of step-by step instructions for configurations and applications. The text includes profuse figures of screenshots to help illustrate what the text is talking about and tables of information for the reader's use.
Ms.Snedaker also covers troubleshooting and potential problems in each area of the server system in greater detail than most of the other books I have read on the subject. I like the pick a chapter as you need to approach, and jargonless language descriptions she uses throughout the 974 page text. You can have an IT helper on your bookshelf available 24/7. I give this title a 'must have' rating if you are running WS2003 or are even thinking of running it.

If you are planning to implement a network system based on Windows Server 2003 you will find everything you need in the pages of this book. It covers every topic you need to know to successfully create a secure and efficient Windows server (or at least as secure and efficient as a Windows server can be). The author does assume some basic knowledge of networking and so leaves out a lot of the basics, which is entirely appropriate in a book of this nature. The focus is on the Windows Server 2003 operating system and not on things like using IP addresses to subnet a network.

One of the things that differentiates this book from similar ones is that it is not an attempt to provide the reader with the information to pass some Microsoft exam, but focuses on what an administrator really needs to know to do their job. It is a practical and useful book, not one that will be shelved and not used again after taking some exam.

For such a thorough and practical book that attempts to provide real world knowledge I was surprised that it only has two pages about migrating up to a Windows Server 2003 system. Basically the only thing it mentions about upgrading is to make sure your hardware is on the approved hardware list. Although it is possible that this is the only potential problem in an upgrade experience has taught me that it is highly unlikely. I have never had an operating system version upgrade without some type of surprise. The only other thing that I don't like is the skimpy index given a book of this size. For each chapter there are items that should be in the index but are not.

Other than that, the book is well organized with each chapter containing all the information relevant to s specific task. The advantage here is that you don't have to go searching through five or six different places in the book to gather all the related information to do something - it is all in the appropriate chapter. Again, the focus is on usability and information for real world network operations instead of an exam. Each chapter follows the same basic outline of planning, implementing, and maintaining the chosen topic.

With just short of a thousand pages, "Best Damn Windows Server 2003 Book Period" is a highly recommended book for the person already familiar with computer networking who wants to learn the intricacies of Windows Server 2003. Don't buy it if you want a book to pass an exam, buy it because it will make your job easier, make your system perform the way you want, and provide a useful real-world resource if you have a problem.

From the author: If you're involved in managing a Microsoft Windows Server 2003 network, you need this book. You don't have time to waste reading through arcane tidbits of interesting but useless information. You certainly don't have time to waste reading a book that's been morphed from other versions of Windows. You need something built from the ground up that addresses exactly what you need to know about Windows Server 2003. Period.

The Best Damn Windows Server 2003 Book Period is a comprehensive compilation of everything you need to know about Windows Server 2003. Each chapter stands on its own as a focused reference for specific server information and tasks. We included only the relevant, need-to-know information. Each chapter has screen shots and step-by-step instructions covering critical server tasks as well as pertinent background information. It won't teach you how to convert binary to decimal for IP addressing, but it will show you how to set up DHCP scopes and implement IPv6 on your network. It doesn't explain what a router does, it shows you how to configure routers for secure and efficient network traffic management. From disk and storage management to securing wireless access, this book gets right to the heart of the topics you need to effectively manage your Windows Server 2003 network.

Get this book, keep it handy and refer to it often. Sleep better at night knowing your network is in good hands - yours.

As a long-time user of Microsoft products, I have found the array and depth of the various products overwhelming and needed a comprehensive yet easy to understand presentation of the key parts of these products and how they can be used within a portal implementation. While the code fragments were far too technical for me, the rest of the book was very approachable and well worth the time investment to read. I strongly recommend this for all CIOs or people responsible for technical architecture and direction.

The title mentions portals, intranets and corporate web sites. But the emphasis in the text is clearly on portals. Where perhaps these might be regarded as special types of corporate web sites.

Townsend divides his book into two sections. The first deals mostly at the functional level. By defining what 'portal' means in this book. This functionality also includes the optional but probably preferred offering of a Web Service. He points out that many current portals lack this. Yet it seems the way to go. The promise is that a portal becomes more than just a collection of web pages for manual perusal by the visitor. If you furnish a Web Service, it permits the programmatic aggregation of services, by other entities on the Internet. Townsend devotes some space to showing how this is possible under .NET. Not in the least because Microsoft has standardised on using XML as the lingua franca for formatting data passed between .NET entities on a network.

The second section of the text delves into an implementation of this functionality. It describes the numerous Microsoft offerings, like the Content Management Server or the SQL Server 2000, and how these can be stitched together into a portal. Everything in this section is specific to Microsoft. While the first section can be read as a general description of portals.

While most technology books either pander to Luddite executives or deliver pages of code to professional developers, _Building Portals_ is that rare breed, a tech book with content for managers and architects and developers. Townsend has done a great job capturing the spirit of portals and answering the hardest two questions: "What is a portal" and "What does it do". I passed a dog-earned copy around to some tech-challenged coworkers and it was very well received.

This book explains the concept of portals and how Microsoft enterprise servers handle and implement the features that goes into a portal. The book is written by 3 authors and unfortunately the different writing styles and depth of the subject show.

For example in Chapter 8 Personalization, there is only one page on personalization with Content Management Server. Most of the content in it concentrates on how to do caching in a personalized setting without explaining how to do personalization with CMS in the first place.

In Chapter 5 Portal Framework, it details line by line codes on how to write a portal site in VB.Net. While the code is good, it is too technical compared with the rest of the book. I rather see code snippets on how to build some common components in a portal site instead of a portal application. It is a bit difficult to extract out the code you need as everything is tied together in the architecture. BTW, there is no CD in the book and no hyperlink is mentioned on where to download the source code.

The book has an entire chapter on Content Management Server. It also covers Commerce Server and SharePoint Portal Server quite well and gives a brief overview on BizTalk and InfoPath. I rather see more technical emphasis on how to integrate the different servers than having screenshots of numerous dialogs explaining what each of the fields does.

Finally the book retails at $50 which is far too expensive. It should be around $35 instead.

I received this book as a gift and I had a hard time lying when they asked me a few weeks later if I liked it. It was completely uninformative and written poorly. I was told it got good reviews but I'm not suprised a co-author gave it good reviews.

I used the first Syngress CP NG book a lot last year when I was first getting started, and I don't think I would have survived without it. Now that I've got CP up and running, I wanted to get into more advanced VPN, HA and clustering stuff. I liked the first book so much I figured this book would take me to the next level. I was right! This book goes way beyond anything that's covered in the other books. The chapter on clustering/HA with Check Point and Nokia is worth the price of the book all by itself. If you want to know everything there is to know about Check Point, read this book.

Even as a contributing author for this book I have found it to be an incredible reference for advanced configuration options. NG FP3 incorporated changes in both the naming conventions and operational nuances affecting your environment. Many of these areas are given limited or no coverage as part of Check Point Training for the CCSE or CCSE+ certifications.

I have to agree with a previous reviewer. This book is great, particularly the coverage of VPN installations (two chapters covering pretty much all you need). In addition, chapter 6 (high availability and clustering) was great. Excellent material on SecurePlatform, SmartCenter. If you are running Check Point, you need this book.

Good Bits but does not Hang Together Ablan is obviously a good 'techie' but has problems in communicating his ideas. I do not blame him but the sloppy Editing - Sams should hire a new Editor. Not for those starting off with Java & Inet projects. Typos, the CD has wrong chapters & after a few days gave up in trying to get the JIF examples working. There is no documentation / instructions on how to get it up & running (not in the book/CD). What a waste, as looked quite interesting.

No discussion on Servlets vers Applets et al, or the limitations of doing it his way. Advice to Jerry Ablan: get a new editor, cover Servelets & reissue the book Note to SAMS (you seem to be more interested in $$$$bucks~$$$ for profits, too much sloppy & poor editing,compare that with O'Reilly; if I see book released by you versus O'Reilly - GUESS which pedigree I'll buy !!)

I mean like, this book changed everything. Jerry Ablan is the KING of JAVA. He must have had a lot of it to put together a winner like this! Kudos!

Could provide fully developed ready to use applications complete with pass word, http inclusion and references to primer books on data base and jdbc as prepatory to Intranet Applicatons with Java.

This is one of the few Java books that goes beyond being documentation of the API's to actually showing how you would make some applications. His tools coincide with tools we have made for a real application. This is a Java 1.1 book, but the frameworks and utilities Jerry introduces are very useful.

Although this is a good book with valuable information, I think it is a bit vague and short. A good idea is to get 3 different books on their respective topics. Nessus and snort have nothing to do with eachother and snort is more powerful than Ethereal. Its work buying if you have the money and has some decent tips and tricks.

Are you a network security administrator who has Nessus, Snort and Ethereal up and running? If you are, then this book is for you! Authors Brian Caswell, Gilbert Ramirez, Jay Beale and Noam Rathaus, have done an outstanding job of writing a book that shows you how to customize, code and torque Nessus, Snort and Ethereal to their fullest potential.

Caswell, Ramirez, Beale and Rathaus, begin by covering the inner workings of NASL. Then, the authors shows you how to debug NASLs. They continue by showing you how to use extensions and custom tests. Next, the authors cover Nessus' include files implementation of the SMB protocol, followed by Nessus' include files implementation of Windows-related hotfix and service pack verification. Then, they underline the steps that must be taken so that Nessus can incorporate support for NTLM. They also present several tools to automate and simplify plugin creation. Then, they help readers understand Snort code. The authors continue by showing you how to write your own custom Snort rules. They also show you how to navigate the Snort source tree. Next, the authors show you how to modify the Snort source code to solve an otherwise difficult task. Then, they show you how to enable Ethereal to read from new data sources. They continue by showing you how to program your own protocol dissector, either linked into Ethereal or as a plugin. Finally, the authors show you how to take advantage of Ethereal's that open source programmers have created for collection of dissectors.

The authors of this most excellent book provide the inside scoop on coding the most effective and efficient Snort rules. More importantly, after reading this book, you will be a master at coding your own tools to detect malicious traffic.

I've read and reviewed the three previous books in Jay Beale's Open Source Security Series -- Snort 2.1, Nessus Network Auditing, and Ethereal Packet Sniffing. I liked all three of those books, and I'm glad to say that this fourth book -- Nessus, Snort, and Ethereal Power Tools (NSAEPT), is a worthy continuation of Jay's series. NSAEPT is a unique resource for anyone who wants to extend Nessus, Snort, and Ethereal. The book could save programmers hours of work, and it should be the first step for those looking to contribute to the development of all three projects.

It's unfortunate that an uninformed three star review has been the only commentary on NSAEPT until now. Of course the book is not for beginners! Why write another introductory book, when the three earlier titles serve that role (and more)? NSAEPT is strong precisely because it starts where the other three books end.

I learned quite a bit reading NSAEPT. For example, Part I shared advice on using Nessus to audit hosts directly, by examining Windows registry keys, package databases, or Windows PE files (.exe, .dll) directly. I appreciated the discussion of creating NASL checks that were more protocol-aware (for MySQL) or that could speak NTLM authentication to IIS Web servers. Ch 6 even gave tips on building NASL generators.

Part II, covering Snort, gave better advice on writing Snort rules than what was found in the earlier Snort 2.1 book. I thought this part was the weakest of the three, however. I would have liked to have seen many more examples of using advanced Snort rule options. Table 8.10 should have said that the + flag means "match on the specified flags, and allow any other flags." Also, I thought the author miscommunicated the purpose of the stream4 preprocessor when he mentioned dropping UDP and ICMP traffic. That's an issue when running inline, not passively as most people use Snort.

I really liked Part III, which examined Ethereal. Ch 11 offered great guidance on reverse engineering an unknown trace format, namely iptrace from AIX 3. Ch 12 mentioned an undocumented tethereal flag (-G) that was new to me. I enjoyed learning about tap modules in Ch 13, and I did not know that Ethereal uses the wiretap library to read traces -- not libpcap.

I subtracted one star from my review for a few reasons. First, NSAEPT features some really annoying formatting problems in many of the code listings. Every place the characters "FI" (any case) appear, they are changed into a single nonsensical character. I stopped counting the number of times this happened. For example, where one should read "Filename", we see instead "Xlename". The same seems to have happened with "FL"; e.g., "Flags" becomes "Xags". The reference to libpcap and "Chapter 1" on p 159 should instead point to Ch 11. I thought the inclusion of material from Brian Wotring's Host Integrity Monitoring book as Appendix A was unnecessary. Brian's book is great, but I don't think readers need 30 pages from another title. Is that just padding?

Format-wise, NSAEPT features smaller fonts than one sees in more recent Syngress books. I thought the font was a little small, but in some ways an improvement over the jumbo text seen elsewhere. I also thought the paper used to print NSAEPT was much better than other titles. Compare NSAEPT with another 440 page Syngress book, Securing IM and P2P Applications for the Enterprise, and you'll see the latter book is much thicker.

Overall I recommend NSAEPT to anyone who wishes to do more with Nessus, Snort, or Ethereal. NSAEPT is definitely a book for power users and developers. It's great to see a new book that starts with original material and avoids rehashing what's already been written.

Very in-depth, however, not for someone who is just starting out on Snort, Nessus, or Ethereal. New to Snort, Nessus, or Ethereal - Buy something else. Expert on Snort, Nessus, or Ethereal already? - good book.

If you are a Microsoft shop, this book is *not* for you. The book devotes only one thin chapter to Microsoft technologies, and that chapter is completely dated. I guess I should have figured as much, given that the book was published in 1997. Things have changed a lot with SQL Server 7.0, Office 2000, and Internet Explorer 5.0. A book just like this, except specific to the Microsoft platform and up-to-date, would be invaluable to me, but I'm sending this book back. For Microsoft shops, I recommend Kimball's books and "SQL Server 7 Data Warehousing" by Corey, Abbey, Abramson, Barnes, Taub and Venkitachalam. The latter is the only book I've found that tells you how to use today's Microsoft technologies to implement a data warehouse. It doesn't have quite as much as I'd like that is specific to intranet development, but it's the best book that I've found. Tony Rogers

Rick Tanler's "Intranet Data Warehouse" is well targeted for data warehousing professionals like me: stockpilers of expertise in the DW back-end issues that, up to now, have been critical success factors. We've been procrastinating dealing with the inevitable (and frightening) issues about making the these information services digestible to hundreds/thousands "real" people: casual computer users and other non-technical folks who have absolutely no interest in learning to use specialized OLAP or data mining tools. How can these services be packaged in a way that is gets managers to use them, and how can we as designers and architects engineer systems that address these requirements for extremes of ease of use and mass utilization?

Tanler suggests that its now time to address these issues head on. He introduces the concept of an Intranet Data Warehouse (a concept that has since been widely embraced by the BI community) and has written what many may consider to be the benchmark standard and high level blueprint for the Enterprise Information Portal (EIP).

I'd wholeheartedly recommend this book for data warehousing professionals seeking a view over the horizon to the age of mass utilization of BI tools , and those brave enough to begin to consider the technical implications of providing BI to Everyman.

"The Intranet Data Warehouse" might lead you to believe that this book focuses solely on data warehousing in relation to the web - don't be misled by that title - this book is packed with information covering the full spectrum of issues you want to read about.

Rich covers DW theory, implementation, and practice. The vision he articulates of a corporate "information factory" is perceptive of where DW'ing truly adds business value.

There is also an accessible but thorough discussion of architecture issues, platform pros and cons, and the leading DBMS choices in the market today. There is a particulary good section on the strengths and weaknesses of Red Brick Warehouse, and the special functions it brings to decision support databases.

Best of all, Rich carries forward his vision into a well-defined path to implementation, focused largely on the "big" issues you run into in real-world applications.

Last, he does a terrific job of explaining how to get all that information OUT and make intelligent business use of it.

If you are a Kimball, Inmon, or Hackney book owner, this is an excellent addition to that collection.

Steven Tracy October 1998

This book brought together and clarify many white papers from Microsoft into an working example for SharePoint as a extranet. It was great to see explanations from someone that has successfully created a extranet SharePoint install and documented the pit falls of this process.

What I like about this guide is its direct, how-to approach. It presents a best-practice architecture for an extranet environment using SharePoint 2003, then wastes no time providing the step-by-step instructions for doing so. It's not a huge reference tome - only 212 pages - so there's not a lot of wasted prose. Just presecriptions and good example code. If you're looking for quick answers to setting up a secure intranet with SharePoint 2003, this is a good book to check out.