BKVRPRNT.RVW 980524 "Virtual Private Networks", Charlie Scott/Paul Wolfe/Mike Erwin, 1998, 1-56592-319-7, U$29.95/C$42.95 %A Charlie Scott %A Paul Wolfe %A Mike Erwin %C 103 Morris Street, Suite A, Sebastopol, CA 95472 %D 1998 %G 1-56592-319-7 %I O'Reilly & Associates, Inc. %O U$29.95/C$42.95 800-998-9938 fax: 707-829-0104 nuts@ora.com %P 200 p. %T "Virtual Private Networks" Large corporations can afford to set up high bandwidth communications links between local, national, and even international offices, as well as hiring the staff necessary to manage major networks. This keeps internal information (relatively) secure. Small to mid-sized companies can't afford this infrastructure, and so must use the links of the public networks, such as the Internet. However, there are ways of using public networks while still keeping communications private. Chapter one looks at the needs (both economic and security related) for a virtual private network (VPN), and the basic technologies used to provide for those needs. Some of these technologies are expanded upon in chapter two. The discussion of cryptography is fairly minimal (not really covering, for example, key management issues) but the descriptions of different types of firewalls is excellent. The VPN is compared against Wide Area Network (WAN) and remote access options for a variety of company sizes and scenarios in chapter three. Chapter four outlines a case study for a medium sized business designing a VPN. The specifics of VPN technologies start in chapter five with an examination of the Point to Point Tunneling Protocol (PPTP). Various details of PPTP are given, but the explanation of connections over the Internet are not well presented. Chapter six walks the reader through PPTP configuration for a Windows NT RAS server as well as NT and Windows 95 clients, and the Ascend MAX 4004 switch. The AltaVista Tunnel is described, with advantages, disadvantages, and an enormous variety of configuration options, in chapter seven. Actual configuration is covered in chapter eight, along with troubleshooting and management information. Conceptually the same, operation of the Cisco PIX Firewall is different because of its hardware basis, examined in chapter nine. The maintenance and management of a VPN can have the complexity and problems of remote access, a WAN, and an ISP (Internet Service Provider). Chapter ten is brief, but does point out a number of the more serious issues to consider. Appendix A looks at some emerging technologies that may bear on VPNs. While the material is not exhaustive, this book does provide a clear overview of the issues to be dealt with in setting up a virtual private network. copyright Robert M. Slade, 1998 BKVRPRNT.RVW 980524