Higher Education

Guide to Firewalls and VPNs, 3rd Edition

  • Michael E. Whitman Michael J. Coles College of Business, Kennesaw State University
  • Herbert J. Mattord Michael J. Coles College of Business, Kennesaw State University
  • Andrew Green, M.S.I.S Kennesaw State University
  • ISBN-10: 1111135398  |  ISBN-13: 9781111135393
  • 368 Pages
  • © 2012 | Published
  • College Bookstore Wholesale Price = $163.00
  *Why an online review copy?
  • It's the greener, leaner way to review! An online copy cuts down on paper and on time. Reduce the wait (and the weight) of printed texts. Your online copy arrives instantly, and you can review it anytime from your computer or favorite mobile device.

If you prefer a print copy to review, please contact your representative.



Firewalls are among the best-known network security tools in use today, and their critical role in information security continues to grow. However, firewalls are most effective when backed by thoughtful security planning, well-designed security policies, and integrated support from anti-virus software, intrusion detection systems, and related tools. GUIDE TO FIREWALLS AND VPNs, THIRD EDITION explores firewalls in the context of these critical elements, providing an in-depth guide that focuses on both managerial and technical aspects of security. Coverage includes packet filtering, authentication, proxy servers, encryption, bastion hosts, virtual private networks (VPNs), log file maintenance, and intrusion detection systems. The text also features an abundant selection of realistic projects and cases incorporating cutting-edge technology and current trends, giving students the opportunity to hone and apply the knowledge and skills they will need as working professionals. GUIDE TO FIREWALLS AND VPNs includes new and updated cases and projects, enhanced coverage of network security and VPNs, and information on relevant National Institute of Standards and Technology guidelines used by businesses and information technology professionals.

Features and Benefits

  • "Chapter Scenario" features open each chapter with a short vignette featuring a fictional company and the information security issues it faces, providing a practical context for the concepts students will soon learn.
  • "Offline" and "Technical Details" features interspersed throughout the text present interesting topics and provide additional detail on key technical issues, allowing students to broaden and deepen their knowledge.
  • Engaging exercises related to each chapter encourage students to research, analyze, and write responses to questions designed to reinforce learning objectives and enhance comprehension.
  • Special "Tips" highlighted throughout the text offer practical, hands-on advice and techniques for handling real-world problems, giving students valuable preparation for situations they are likely to encounter in the workplace.

Table of Contents

1. Introduction to Information Security.
2. Network Security Policies and Standards.
3. Authenticating Users.
Case Projects.
4. Introduction to Firewalls.
5. Packet Filtering.
6. Firewall Configuration and Administration.
7. Working with Proxy Servers and Application-Level Firewalls.
8. Selecting and Implementing the Firewall.
Part III: VPNs.
9. Encryption and Firewalls.
10. Setting Up a Virtual Private Network.

What's New

  • The Third Edition features a broader scope of coverage that includes a strong emphasis on hands-on applications of key concepts, provides practical tips and recommendations where appropriate, and covers recent innovations in technology and current methodologies being used by IT professionals today.
  • The new edition incorporates the latest guidelines and best practices established by the National Institute of Standards and Technology, enabling students to build familiarity with industry standards used by businesses and professionals nationwide when installing and configuring firewalls.
  • Increased focus on firewalls allows for a more streamlined structure, logically adding useful new material on security planning and policy, intrusion detection, VPNs, and related topics.
  • The text now includes separate sections on firewalls and VPNs to allow students to explore each topic in depth, from fundamental theory to sophisticated real-world applications. To complement this focused approach, coverage of each topic clearly highlights connections to other relevant material in the text.
  • New Hands-On Lab Projects provide exercises on how to specify, configure, and maintain firewalls. Case Exercises reinforce concepts and tie back to the labs using practical, real-world scenarios so students can explore different facets of network security from initial configuration to ongoing maintenance.

Meet the Author

Author Bio

Michael E. Whitman

Michael Whitman, Ph.D., CISM, CISSP, is Professor of Information Security at Kennesaw State University, Kennesaw, Georgia. He also serves as the Executive Director of the Center for Information Security Education, Coles College of Business. In 2004, 2007, 2012 and 2015, under his direction the Center for Information Security Education spearheaded KSU’s successful bid for the prestigious National Center of Academic Excellence recognitions (CAE/IAE and CAE IA/CDE), awarded jointly by the Department of Homeland Security and the National Security Agency. Dr. Whitman is also the Editor-in-Chief of the Journal of Cybersecurity Education, Research and Practice, and is Director of the Southeast Collegiate Cyber Defense Competition. Dr. Whitman is an active researcher and author in Information Security Policy, Threats, Curriculum Development, and Ethical Computing. He currently teaches graduate and undergraduate courses in Information Security. Dr. Whitman has several information security textbooks currently in print, including PRINCIPLES OF INFORMATION SECURITY; MANAGEMENT OF INFORMATION SECURITY; READINGS AND CASES IN THE MANAGEMENT OF INFORMATION SECURITY, VOLUMES I AND II; THE HANDS-ON INFORMATION SECURITY LAB MANUAL; PRINCIPLES OF INCIDENT RESPONSE AND DISASTER RECOVERY; and THE GUIDE TO NETWORK SECURITY AND THE GUIDE TO FIREWALLS AND NETWORK SECURITY. He has published articles in Information Systems Research, the Communications of the ACM, the Journal of International Business Studies, Information and Management, and the Journal of Computer Information Systems. Dr. Whitman is a member of the Association for Computing Machinery, the Information Systems Security Association, ISACA and the Association for Information Systems. Previously, Dr. Whitman served the U.S. Army as an Automated Data Processing System Security Officer (ADPSSO).

Herbert J. Mattord

Herbert Mattord, Ph.D., CISM, CISSP, completed 24 years of IT industry experience as an application developer, database administrator, project manager, and information security practitioner before joining the faculty at Kennesaw State University, where he is Assistant Chair of the Department of Information Systems and Associate Professor of Information Security and Assurance program. Dr. Mattord currently teaches graduate and undergraduate courses in Information Security and Assurance as well as Information Systems. He and Michael Whitman have authored PRINCIPLES OF INFORMATION SECURITY, MANAGEMENT OF INFORMATION SECURITY, READINGS AND CASES IN THE MANAGEMENT OF INFORMATION SECURITY, PRINCIPLES OF INCIDENT RESPONSE AND DISASTER RECOVERY, THE GUIDE TO NETWORK SECURITY, and THE HANDS-ON INFORMATION SECURITY LAB MANUAL, Dr. Mattord is an active researcher, author, and consultant in Information Security Management and related topics. He has published articles in the Information Resources Management Journal, Journal of Information Security Education, the Journal of Executive Education, and the International Journal of Interdisciplinary Telecommunications and Networking. Dr. Mattord is a member of the Information Systems Security Association, ISACA, and the Association for Information Systems. During his career as an IT practitioner, Dr. Mattord was an adjunct professor at Kennesaw State University, Southern Polytechnic State University in Marietta, Georgia, Austin Community College in Austin, Texas, and Texas State University: San Marcos. He was formerly the Manager of Corporate Information Technology Security at Georgia-Pacific Corporation, where he acquired much of the practical knowledge found in this and his other textbooks.

Andrew Green, M.S.I.S

Andrew Green has been involved in information security for nine years, offering consulting services that focus primarily on the needs of small and medium-sized businesses. Prior to becoming a full-time information security consultant, Mr. Green worked in the health care IT field, where he developed and supported transcription interfaces for medical facilities throughout the United States. In addition to his consulting work, Mr. Green is faculty member at Kennesaw State University, where he teaches classes in information security, database management, and Web development.