Designing Security Architecture Solutions Description:

Designing Security Architecture Solutions review:
1 stars (not a good reference manual..or book on computer security) - In a course, this book was used as teaching material in a class for computer security. The read, reminded me of speaking software to a hardware engineer. Since the hardware engineer is coming from another level, the experience was like talking DOWN to the reader. The author seemed to want to "impress" us with his "knowledge". Luckily, we were fortunate to have an instructor that could translate for the class. Had to use other manuals to replace what the author, may have tried to relay.
1 stars (La la la la) - Unless you are already an expert at security and are looking for a strictly abstract approach, save your money!! Ramachandran's ramblings go on forever, with little imparted to the reader. The best comparison I can come up with for the experience of reading this book is that it's the same as trying to learn a foreign language from a mime. If Ramachandran spent less time trying to impress us with a bibliography that goes on for pages [I don't really CARE if he has read every security book in the world, if he can't distill this information down and pass it on the text is worthless] and more time on organizing his book [for heaven's sake, is a decent index at the back too much to ask?] then it may be usable, as it is, the only thing to do with it is level a table.
5 stars (Layered approach to multi-level security) - This is one of the most pragmatic, thorough books on security architectures I've read. The approach the author takes represents best practices in a number of disciplines, including architecture, software engineering, and infrastructure management. This holistic view of security architecture is not provided in total in any of the hundreds of security books I've read.Among the reasons I like and recommend this book are: the approach starts with architectural principles and a survey of approaches based on well known models, as well as development life cycles in the real world. The chapter on security assessments shows how to determine a security posture, establish a baseline and deal with gaps. In addition, the chapters on Security Architecture Basics and Architecture Patterns will provide the foundation of a viable approach to designing a strong security architecture.I also like the way each architectural building block is systematically covered in subsequent chapters, beginning in Part II with low-level architecture components and technical details that span code review techniques, cryptography fundamentals and related topics. Part III covers the mid-level components in detail, including middleware, web, database, application and OS security. Part IV tackles high-level security, culminating in an enterprise security architecture based on low- and mid-level components, and the process-oriented approach provided in the previous parts of the book. This book goes deep into technical details of every facet of the components, showing how they work, interrelationships, standards, and advice for how to deal with challenges and vulnerabilities.Making the business case for security, the topic of Part V, is as thorough and detailed as the preceding technical chapters. Case studies, issues and factors, costs and underlying financial formulae are tied together to help you to craft a viable and realistic business case for proceeding with the design and implementation of a security architecture.This book is focused, covers the entire landscape of security architecture, design and implementation, and leaves no gaps. I strongly recommend it as the workgroup reference in the standards & architecture, software engineering, project, and infrastructure domains.