Not too long ago my company was seeking an industry specific security certification. Some of it covered physical security but a lot of it covered infosec. Information Security is not a goal, it’s a process. During the process of certification, I ran across the book Inside Network Perimeter Security (Second Edition) by Stephen Northcutt (and other authors).

This book rocks. I wish I had this book before we started this process, I think it would have made it a lot easier. If you work with information security in any way you owe it to yourself to get this book and read it. Packet filtering, stateful firewalls, proxies, VPN, policies, IDS/IPS, it’s all in here.