*vBulletin FAQ* The website where you learn about vBulletin Forums
Home		Download vBulletin		vBulletin FAQ Forums	vBulletin Related Sites	Contact Us

Welcome to vBulletin FAQ

vBulletin FAQ Navigation

Getting Started

Customizing your vBulletin

Search Engines & SEO

Making Money with a Forum

Promoting your Community

Get your own vBulletin Today

Webmaster Help

Security Threat Mitigation and Response: Understanding Cisco Security MARS (Networking Technology)

vBulletin Book Store > vBulletin books beginning with S

	Security Threat Mitigation and Response: Understanding Cisco Security MARS (Networking Technology)
	Author: Dale Tesch Published: 2006-10-08
	List price: $55.00 Our price: $44.41	Usually ships in 24 hours As of: November 20th, 2008 03:06:38 PM

Customer comments on this selection. An irritating book if you already have an infosec background We got a MARS box at my work, so I grabbed this book to get up to snuff. It was a very annoying and frustrating book. The first 1/3 of the book seemed to be semi-marketing fluff, and actually prompted me to note "hahaha" in one of the margins. In about a decade of working through technical books, and a BA in political science (which led me to read some seriously pompous material), I've NEVER DONE THAT.* br / br /Overall I didn't find the book that helpful. If you are fairly new to infosec (I'm not condescending here, everyone was once new at everything) it might have enough new information hidden amongst the MBA-speak to keep your attention, but I found myself skimming a lot, and eventually just tossed the book aside. br / br /On the bright side you can occasionally find useful material in it as a reference book. Since it's light on technical information for it's weight, don't count on that too much, but it's not totally useless. For example I was able to find MARS' place in our infrastructure in regards to Netflow with this book, (MARS as a collector is security-focused, and not a proper primary collector for traffic engineering, which makes complete sense), but to set it up accordingly I had to google around and eventually found a really good MARS blog. br / br /So I'd say that if you have a MARS box, get your work to buy you this book because it will occasionally be handy, maybe shaving a few minutes off of a google session. If I was paying I would skip it. br / br /* The line that prompted me to actually burst into laughter actually claimed that a specific set of practices surrounding the MARS box made it impenetrable. If I had the book at home right now I would quote it, so readers could recall the Oracle "unbreakable" debacle and smile. Good for starters... This book is OK if your a starter with the MARS product. I found the book to be interesting, though they could have gone into more customization and devices that are not natively supported by the MARS appliance. br / br /On the good side, its somewhat better than the useless and incomplete pamphlet that comes with the MARS appliance. br / br /But I think the price is a bit high for what your getting. Understanding the Cisco MARS Appliance The Cisco MARS (Monitoring, Analysis, and Response System) is a network appliance that fits on your network to provide the best possible network security. br / br /The biggest failure with MARS is that many companies plug it in, use it's standard protocols and tests and then find that their network has been compromised. br / br /To get the most effective use out of MARS it must be actively managed. And that is the function of this book. It covers how to understand the problem, how to configure and deploy your MARS appliance as well as how the MARS works from a technical and procedural standpoint. The book is intended for professional security/network/management engineers/analysts/responders/administrators. It can be read at a level of using it to understand your system up to the actual hands-on set-up and use of the MARS appliance. br / br /This book is, of course, heavily oriented to the Cisco security approach, however as this is one of the most common systems used in large networks this is not bad. It is a fairly introductory level book intended for use at an operational level by the individuals in charge of your sizes. Too Much Filler Very Little Substance 2/3 of this book is filler material - the 1st 3 chapters gives general overviews about STM, the Appendix is like the last 25% of the book. Absolutely zero coverage on how to implement custom parser functionality (needed if you have a device that doesn't have built-in support under MARS). Useful only as a basic starting point reference, but not worth the price tag. Indicates that another book on MARS will be produced - maybe that is why the content has been watered down.
Our vBulletin book picks:
PM FASTrack: PMP Exam Simulation Software, Version 5 Implementing Google's Search Engine in Your ASP.NET Application Microsoft® SQL Server(TM) 2005 Reporting Services Step by Step (Step by Step (Microsoft)) jQuery in Action Car Safety Guide - A Guide to Preventing Car Theft and Vandalism

Find more vBulletin related products of interest.