From the book lists at Adware Report:

All information current as of 13:59:36 Pacific Time, Monday, 21 February 2005.

Virtual Private Networks: Technologies and Solutions

   by Ruixi Yuan / W. Timothy Strayer

    Addison-Wesley Professional
    20 April, 2001


   Usually ships in 24 hours

Click the button below to . . .

(which will add the book to your Amazon U.S.A. "Shopping Cart")

. . . or use your browser's Back button to return to the search-list page.

Editorial description(s):
Virtual Private Networks (VPNs) take advantage of the Internet's low-cost data communications capabilities by sending network traffic (internal network traffic, of the sort traditionally sent over private data links) through the public data cloud. The money savings, however, comes with the need to make sure that the potentially sensitive information is properly protected during its trip through open channels. Virtual Private Networks: Technologies and Solutions examines this engineering challenge in heavily researched and thickly referenced detail, providing network architects with tons of information about the problems that exist, the technologies that have been developed to solve those problems, and the products vendors offer to implement those technologies.

Authors Ruixi Yuan and Timothy Strayer take a scholarly approach: Each topic is introduced, and new terms described, as the functions of each piece in VPN systems are explained. Books and papers relevant to the topic are referenced frequently, along with standards documents, and the book uses pseudocode and mathematical expressions to explain encryption and authentication. If you study the book--along with the other publications-carefully, you'll be rewarded with a deep understanding of how to build a good VPN. --David Wall

Topics covered: The state of the art in virtual private networks (VPNs), with special coverage of tunneling (via PPTP, L2F, L2TP, IPsec, and MPLS), the IPsec protocol, authentication, public key infrastructure (PKI), gateways, and clients. VPNs for static links as well as for remote access solutions are covered.

From Book News, Inc.
This guide presents the various technology components, concrete solutions, and best practices you need to deploy and manage a highly successful virtual private network (VPN). Yuan (researcher focusing on high-speed networking and security) and Strayer (scientist and VPN researcher) present 12 chapters that overview fundamental VPN concepts and architectures and examine advanced features and functions such as tunneling, authentication, access control, and VPN gateways, clients, and network and service management. They conclude with a look at the future of VPNs that examines such issues as security and quality of service. VPN scenarios demonstrate how to put the described techniques and technologies to work in a real-world situation.Copyright © 2004 Book News, Inc., Portland, OR

Book Info
(Pearson Education) An overview of the fundamental concepts and architectures of virtual private networks, with an in-depth examination of advanced features and functions. Also contains a forward look at the future of virtual private networks that examines issues such as security and quality of service. DLC: Extranets (Computer networks).

From the Back Cover
Virtual private networks have become an essential part of today's business networks, as they provide a cost-effective means of assuring private internal and external communications over the shared Internet infrastructure. Virtual Private Networks: Technologies and Solutions is a comprehensive, practical guide to VPNs. This book presents the various technology components, concrete solutions, and best practices you need to deploy and manage a highly successful VPN.

Readers will find an overview of fundamental VPN concepts and architectures, followed by an in-depth examination of advanced features and functions such as tunneling, authentication, access control, VPN gateways, VPN clients, and VPN network and service management. Specific topics covered include:

The book concludes with a forward look at the future of VPNs that examines such issues as security and quality of service (QoS). VPN scenarios throughout the book demonstrate how to put the described techniques and technologies to work in a real-world Virtual Private Network.


About the Author
Ruixi Yuan is a network researcher focusing on high-speed networking and security. He was the architect of Genuity's VPN Advantage Service and served as its product manager. In addition, he has conducted research and development in computer and communication networks at NEC, GTE Laboratories, and BBN Technologies. W. Timothy Strayer is a senior scientist at BBN Technologies where he conducts research on network protocols, routing infrastructures, computer security, and network management and monitoring systems for VPNs. Prior to BBN, he was a senior network researcher at Sandia National Laboratories. He co-authored the book, XTP: The Xpress Transfer Protocol (Addison-Wesley, 1992).


Excerpt. © Reprinted by permission. All rights reserved.

The Internet has been around in one form or anotherfor more than three decades now, but it really has been since the middleof the 1990s that the use of the Internet became a daily part of people'slives. Connectivity to the Internet is now imperative for almost all companies,regardless of what their business really is. Individuals can find Internetaccess at school, work, and home, in cafés and kiosks, and in cellphones and PDAs. Staying connected has become an obsession.

The focus has shifted from being connected to being securelyconnected. It is one thing to have Internet access, but without security,the usefulness of the connectivity is rather limited. People want to havethe reach of the Internet, but they should not have to compromise theirprivacy or expose proprietary resources.

Fortunately, all of the ingredients are present for constructinga private network on top of a public one. The challenge comes in puttingthe technologies together so that the result is a viable and secure virtualprivate network.

This book provides a comprehensive guide to the technologiesused to enable VPNs, the VPN products built from these technologies, andthe combinations of various components to provide practical VPN solutions.

VPN technologies and solutions are still rapidly evolving.This book describes the current state of the art in this field. But thingschange quickly, so when appropriate, we have attempted to point out thecontinued effort in the industry to develop new technologies and solutions.


This book is intended for a broad range of readers interestedin virtual private networks.

For network engineers and managers, this book serves asa practical guide to the technologies and solutions. It discusses issuesto be considered in designing and implementing a VPN.

For VPN software and hardware developers, it provides the necessary background material to understand the functions to be developed and the rationale behind them.

For IT managers and executives, this book sets the overallcontext of VPNs and provides the means for assessing various implementationsfrom equipment vendors and service offerings from service providers.

For students and educators, this book can be used as areference text for a course in network security or electronic commerce.

Book Organization

This book is organized in three parts. Part I--VPN Fundamentals--consistsof three chapters: Introduction, Basic Concepts, and VPN Architectures.Chapter 1 introduces the concept of VPN and how it permits flexibilityin facilitating private communication in a public network. We also classifythe relevant technologies into four distinct categories. Chapter 2 setsVPNs in context by briefly reviewing the development of the Internet andhow security has been thrust to the forefront. It also reviews the basicIP networking and cryptography concepts that pertain to VPNs. Chapter 3presents VPN architectures in two ways. The first approach is based ondesigning VPN around practical networking solutions: site-to-site intranet,extranet, and remote access. The second approach focuses on the differenttraffic aggregation points where security services are applied.

Part II--VPN Technologies--consists of five chapters:Tunnels, IPsec, Authentication, Public Key Infrastructure, and Access Control.Chapter 4 is concerned with the most important technology category--tunneling.We investigate the many different tunneling technologies that are importantin VPN solutions. Chapter 5 concentrates on IPsec, the security protocolfor IP standardized by the IETF and, in our opinion, the VPN tunnelingtechnology that will be most prevalent going forward. Chapter 6 describesauthentication in a broad context first a nd then describes the varioustwo-party and three-party schemes that widely applied in networking. Themost important three-party scheme--PKI--is then presented in Chapter 7.In Chapter 8, we look at access control technologies, an often overlookedbut vital aspect of VPNs. We describe how access policies can be presented,managed, and enforced in a networked environment.

Part III--VPN Solutions--consists of four chapters: VPNGateways, VPN Clients, VPN Network and Service Management, and VPN Directions:Beyond Connectivity. This part describes how the various technology componentscan be assembled to create practical VPN solutions. Chapter 9 starts withthe roles played by a VPN gateway, then derives the requirements imposedon the gateway, and finally describes the various functions that shouldbe implemented. It also presents a concrete design example. Chapter 10details the many issues of VPN clients, some similar to VPN gateways andsome different. Chapter 11 presents the needs and approaches for performingcontinued management of VPNs from the viewpoints of both a network anda service. Finally, we discuss the future directions of VPNs in Chapter12 and how important it is to realize that networking is the means, notthe goal, and to look beyond simple connectivity in the networking arena.

How to Read the Book

There are two ways to read this book. For novices, werecommend completing Part I before proceeding to either Part II or PartIII. For readers already knowledgeable in networking and security, eachchapter is self-contained and can be read separately.

Readers are encouraged to read Chapters 4 and 5 togetherto obtain a fuller grasp on the concept of tunneling and IPsec as a layer-threetunneling technology. Similarly, Chapters 6 and 7 deal with authentication,with Chapter 7 exploring public key infrastructures in detail. It is alsoa good idea to review how a certain technology is introduced in Part IIbefore seeing how it is applied to a VPN solution in Part III.

Ruixi Yuan
Tim Strayer

Boston, Massachusetts
March 2001


Reader review(s):

Clearly written book on underlying technologies for VPNs, June 12, 2001
This book is a great starting point for understanding the business reasons for implementing VPNs and the underlying technology. Although the book gets moderately technical it is written in such a manner that it can be understood by business process owners who have exposure to technology, as well as IT professionals who need to understand the network and security aspects of virtual private networks.

The focus of the book is the underlying technologies more than VPN solutions, and the emphasis is on VPN security infrastructure and services. Part I covers what VPNs are, how they can be employed as solutions to business requirements, and a basic overview of the concepts and technologies. I like the clear way the authors present this material, and the fact that it is completely accessible to non-technical readers.

Part II delves deeper into each facet of the underlying technology, covering the major topics: tunneling, IPsec, authentication, PKI, and access control. This part of the book will quickly get a network specialist up-to-speed on security services provided by VPNs, and goes deep enough to give a clear understanding of the security infrastructure in language that a network specialist will be comfortable with. It is also an excellent resource for system architects who need to see the big picture and fully understand how this technology set fits into an coherent architecture. It is especially valuable to architects and IS/IT professionals from other technical domains who are working in the health care industry because the infrastructure and services discussed are directly applicable to HIPAA requirements.

VPN solutions discussed in Part III is a wide survey of the components needed to implement a VPN. The chapter on VPN clients is must reading for anyone who is designing or implementing a VPN solution, as is the chapter on network and service management. Both of these chapters address issues that I have not come across in other books. For example, some of the issues with MS Windows VPN clients are potential "gotchas" that you need to be aware of in order to implement a completely secure (and supportable) VPN.

Overall: this book provides a high-level view with enough technical detail to give you a good understanding of the capabilities and limitations of virtual private networks. The writing is clear and readable, and the book is amply illustrated. Moreover, both authors work for BBN, which has been a key force in the evolution of the Internet for over 30 years the book has an air of authority and credibility that is rare in other books of this genre. I give it five stars for explaining a complex technology and for never losing sight of the business reasons for a VPN.

Not "Virtual Private Networks Illustrated," but still useful, September 23, 2001
I am a senior engineer for network security operations who uses a VPN every day. I read "Virtual Private Networks: Technologies and Solutions" (VPN:TS) to gain a better understanding of this key component of modern networking. While VPN:TS is not the VPN equivalent of Rich Stevens' "TCP/IP Illustrated," it's the best general-purpose VPN book I've read.

Thanks to the book's logical arrangement, precise wording, and short length (281 pages of text), VPN:TS is a fast read. (I finished it in a little more than one day.) It offers clear diagrams of various architectures and protocol headers. VPN:TS is technology neutral, preferring to describe principles and protocols instead of products. Consequently, those looking for a how-to manual for configuring Cisco router or Checkpoint Firewall-based VPNs should look elsewhere. I welcomed this approach, since I have no need for information on popular VPN implementations!

VPN:TS struck me as more than a book about virtual private networks. Because little time was spent elaborating product configurations, the authors discussed related networking topics. These included chapters on cryptography, authentication, PKI, access control, and network management. VPN:TS also describes the relationship between Multiprotocol Label Switching (MPLS) and Quality of Service (QoS). Readers familiar with all of these topics might not appreciate this material, but I enjoyed it.

I was disappointed that VPN:TS did not offer any traces to demonstrate various protocols in action. I believe the authors should have demonstrated building a sample VPN solution, complete with example configuration files and installation steps. An open source project like Linux FreeS/WAN or BSD KAME would have been ideal. This demonstration would have allowed discussions of troubleshooting common client/server obstacles.

VPN:TS is not the sort of reference book to place next to your router, firewall, or laptop. It's best suited to learning general VPN design and deployment. Those seeking technical implementation details will have to look elsewhere. Those who want to learn the role of VPNs in the wider networking realm will appreciate VPN:TS.

(Disclaimer: I received a free review copy from the publisher.)

Excellent VPN reference..., August 24, 2001
This book gets my nod as one of the best VPN books currently available. Most of the early VPN books have been awful, written totally from the business perspective -- i.e., why I need a VPN, or why VPNs are good. These author have apparently actually built some VPNs and write for someone who actually needs to build a VPN. Here, a reader can acquire an understanding and appreciation of such issues as products; protocols; the relationship between VPN tunnels, IPsec, and NAT; the relationship between the VPN server and firewall; etc., etc. I give this book my highest recommendation -- namely, I would spend my own money on this book!

clearly written, August 10, 2001
The strength of this book is its clarity, which is achieved through topic selection, proper organization of topics, and different explanation of key concepts according to context. Coverage is wide. Meant for those who know networking and either want to learn about or implement VPNs. Btw the book is in English.

{end of page}

(Page code from the SEO Tools, Toys, and Packages site)