If you are going to buy one book on Windows security this year, look no further. Protect Your Windows Network: From Perimeter To Data is full of valuable information written by two experts with years of real-world experience. It is the book for Windows administrators looking to protect their networks!

This book is not your typical "hardening" guide full of step-by-step tutorials and registry tweaks for you to follow. In reality, these tweaks usually break things and because every network is different, they don't always apply. This book takes a different approach and is written in a relaxed tone and often feels like you are having a discussion with the authors rather than reading a book. The book begins with a basic introduction network attacks, and disects an attack based on common SQL Injection type attacks.

From there the book begins discussing the how's and why's of network security before moving into a great chapter on patch management. It goes on to cover everything from creating security policies, educating users, before jumping into the first line of defense, aka perimeter security. From there the book works its way "inside" through the inside of the perimeter, to hosts, applications and finally data. Appendix A is a funny look at how to get your network hacked, unfortunately some of the ways listed are all to common! The book contains 17 chapters split into 7 sections and each chapter ends with a discussion on what you can do now in order to reduce the chances of attack. Notice I did not say prevent attacks? The authors make it very clear that it is impossible to completely, 100% secure a network, any network. They dos give pratical solutions that are easy to understand with plenty of examples. There are plenty of times where you will come across a paragraph or a statement which will make you say "That ain't right!" but when you read the explanations, and sit back to soak it all in, it makes perfect sense.

I can't tell you how many security myths this book debunks including some on commonly used password policies. The book is written by Jesper M. Johansson, the Senior Program Manager for Security Policy at Microsoft, and Steve Riley who is Microsoft's Senior Program Manager for the Security Business and Technology unit. What is interesting is even though both authors work for Microsoft, they decided not to have the book published with MS Press. This allows them to say what they really want to say without worrying about towing the corporate line. The only downside, and this is really a personal preference thing, is the book is mostly text and I find some things could have been better explained with a few images. But hey, if you read this site, you know what I think of screenshots!!!

The book is a must read for everyone administering a Windows network, but don't let that scare off the Linux admin in you. Most of the information is directed at Windows but the concepts apply to all operating systems. The book also contains a CD with some useful tools for removing public permissions from SQL and a wicked password generator. Finally the book is followed up with a website, ProtectYourWindowsNetwork.com, with updates, errata and a download section with some of the tools from the CD.