Cengage Learning

Higher Education

Guide to Firewalls and VPNs, 3rd Edition

  • Michael E. Whitman - Ph. D., CISM, CISSP Michael J. Coles College of Business, Kennesaw State University
  • Herbert J. Mattord - MBA, CISM, CISSP Michael J. Coles College of Business, Kennesaw State University
  • Andrew Green, M.S.I.S Kennesaw State University
  • ISBN-10: 1111135398  |  ISBN-13: 9781111135393
  • 368 Pages
  • Previous Editions: 2009, 2004
  • © 2012 | Published
  • College Bookstore Wholesale Price = $144.75
  *Why an online review copy?
  • It's the greener, leaner way to review! An online copy cuts down on paper and on time. Reduce the wait (and the weight) of printed texts. Your online copy arrives instantly, and you can review it anytime from your computer or favorite mobile device.

If you prefer a print copy to review, please contact your representative.



Firewalls are among the best-known network security tools in use today, and their critical role in information security continues to grow. However, firewalls are most effective when backed by thoughtful security planning, well-designed security policies, and integrated support from anti-virus software, intrusion detection systems, and related tools. GUIDE TO FIREWALLS AND VPNs, THIRD EDITION explores firewalls in the context of these critical elements, providing an in-depth guide that focuses on both managerial and technical aspects of security. Coverage includes packet filtering, authentication, proxy servers, encryption, bastion hosts, virtual private networks (VPNs), log file maintenance, and intrusion detection systems. The text also features an abundant selection of realistic projects and cases incorporating cutting-edge technology and current trends, giving students the opportunity to hone and apply the knowledge and skills they will need as working professionals. GUIDE TO FIREWALLS AND VPNs includes new and updated cases and projects, enhanced coverage of network security and VPNs, and information on relevant National Institute of Standards and Technology guidelines used by businesses and information technology professionals.

Features and Benefits

  • "Chapter Scenario" features open each chapter with a short vignette featuring a fictional company and the information security issues it faces, providing a practical context for the concepts students will soon learn.
  • "Offline" and "Technical Details" features interspersed throughout the text present interesting topics and provide additional detail on key technical issues, allowing students to broaden and deepen their knowledge.
  • Engaging exercises related to each chapter encourage students to research, analyze, and write responses to questions designed to reinforce learning objectives and enhance comprehension.
  • Special "Tips" highlighted throughout the text offer practical, hands-on advice and techniques for handling real-world problems, giving students valuable preparation for situations they are likely to encounter in the workplace.

Table of Contents

1. Introduction to Information Security.
2. Network Security Policies and Standards.
3. Authenticating Users.
Case Projects.
4. Introduction to Firewalls.
5. Packet Filtering.
6. Firewall Configuration and Administration.
7. Working with Proxy Servers and Application-Level Firewalls.
8. Selecting and Implementing the Firewall.
Part III: VPNs.
9. Encryption and Firewalls.
10. Setting Up a Virtual Private Network.

What's New

  • The Third Edition features a broader scope of coverage that includes a strong emphasis on hands-on applications of key concepts, provides practical tips and recommendations where appropriate, and covers recent innovations in technology and current methodologies being used by IT professionals today.
  • The new edition incorporates the latest guidelines and best practices established by the National Institute of Standards and Technology, enabling students to build familiarity with industry standards used by businesses and professionals nationwide when installing and configuring firewalls.
  • Increased focus on firewalls allows for a more streamlined structure, logically adding useful new material on security planning and policy, intrusion detection, VPNs, and related topics.
  • The text now includes separate sections on firewalls and VPNs to allow students to explore each topic in depth, from fundamental theory to sophisticated real-world applications. To complement this focused approach, coverage of each topic clearly highlights connections to other relevant material in the text.
  • New Hands-On Lab Projects provide exercises on how to specify, configure, and maintain firewalls. Case Exercises reinforce concepts and tie back to the labs using practical, real-world scenarios so students can explore different facets of network security from initial configuration to ongoing maintenance.

Meet the Author

Author Bio

Michael E. Whitman - Ph. D., CISM, CISSP

Michael Whitman, Ph.D., CISM, CISSP, is a professor of information systems and security in the CSIS department at Kennesaw State University, where he also serves as director of the KSU Center for Information Security Education and coordinator for the Bachelor of Science in Information Security and Assurance program. Dr. Whitman is an active researcher in information security, fair and responsible use policies, ethical computing, and information systems research methods. He currently teaches graduate and undergraduate courses in information security and data communications and is an active member of the Computer Security Institute, the Information Systems Security Association, the Georgia Electronic Commerce Association’s Information Security Working Group, the Association for Computing Machinery, and the Association for Information Systems. Dr. Whitman has published articles in the industry’s top journals and co-authored a number of books in the field published by Course Technology.

Herbert J. Mattord - MBA, CISM, CISSP

Herbert Mattord, M.B.A., CISM, CISSP, gained 24 years of IT industry experience as an application developer, database administrator, project manager, and information security practitioner before joining the faculty at Kennesaw State University in 2002. During his career as an IT practitioner, Mattord served as manager of corporate information technology security at Georgia-Pacific Corporation, where he acquired much of the practical knowledge presented in this textbook. He currently teaches undergraduate courses in information security, data communications, local area networks, database technology, project management, and systems analysis and design. Mattord also serves as coordinator for the Bachelor of Business Administration and Certificate in Information Security and Assurance programs, as well as operations manager of the KSU Center for Information Security Education and Awareness. Mattord is the co-author of several books published by Course Technology and is an active researcher in information security management topics.

Andrew Green, M.S.I.S

Andrew Green has been involved in information security for nine years, offering consulting services that focus primarily on the needs of small and medium-sized businesses. Prior to becoming a full-time information security consultant, Mr. Green worked in the health care IT field, where he developed and supported transcription interfaces for medical facilities throughout the United States. In addition to his consulting work, Mr. Green is faculty member at Kennesaw State University, where he teaches classes in information security, database management, and Web development.