Historically, only large companies could afford secure networks, which they created from expensive leased lines. Smaller folks had to make do with the relatively untrusted Internet. Nowadays, even large companies have to go outside their private nets, because so many people telecommute or log in while they're on the road. How do you provide a low-cost, secure electronic network for your organization? The solution is a virtual private network: a collection of technologies that creates secure connections or "tunnels" over regular Internet lines--connections that can be easily used by anybody logging in from anywhere. A number of products now exist to help you develop that solution. This book tells you how to plan and build a VPN. It starts with general concerns like costs, configuration, and how a VPN fits in with other networking technologies like firewalls. It continues with detailed descriptions of how to install and use VPN technologies that are available for Windows NT and Unix, such as PPTP and L2TP, Altavista Tunnel, Cisco PIX, and the secure shell (SSH). New features in the second edition include SSH, which is a popular VPN solution for Unix systems, and an expanded description of the IPSec standard, for which several vendors have announced support.
Yes, yes, I know that many people will say I'm reviewing an O'Reilly book copyright 1999, probably purchased from Barnes and Noble in 2003, but there are a lot of good things O'Reilly published back in the day; however, Virtual Private Networks is not one of them. Before I get too much into the specifics of what I didn't like: I greatly appreciated Mike Erwin's describing VPNs in their infancy and general concepts, and I thought the first four chapters were really good in this regard. Where the book went off the rails was with the AltaVista Tunnel, and then chapter 8 was awful, and I speak as one who implemented PPTP with Windows NT back in the day, looking for solutions to support VPN using Linux with NT Servers. The choices made here were awful, and within two years of the second edition of this book the options were already ruled out, and I almost want to say it showed too much of the optimism back in the day for Open Source software because of certain packages and products that ceased to be maintained. I will not fault Mike Erwin for covering Cisco PIX as a commercial product on the other hand. As the saying goes, "Nobody was ever fired for buying a Cisco solution." After we did away with our homegrown solution of a now-defunct firewall IPS/IDS solution and PPTP, we moved to a Cisco solution which allowed for connections from Windows, Linux, and Mac hosts, and life got a bit easier around the time that I bought this book. What was really surprising to me was chapter 11, talking about VPN scenarios and pretty much everyone was connecting using PPTP. That's what we did back then, before we moved to a commercial product (yes, a Cisco product, and yes, Cisco is still around - yes, I'm poking fun at you, Mike).
Much later, especially given my experiences during the pandemic in 2020, Stay-at-Home orders with people working from home, it was all trial by fire for implementations that had not truly been stress tested, so I wanted to revisit this book. Though I won't speak to all my specific pain points almost 30 years later, IPSec hasn't lived up to be the silver bullet that they were talking up in the late 1990s, and that's all due to ISPs, cable modems, routers, and what they allow through, so points in this book all this time later are still relevant. That said, I'm only giving this one two stars, if that, and it's not because of when it was written. I feel O'Reilly felt that they needed a book written to deal with the emergence of VPNs, but this book doesn't cut it.