The security provided by firewalls and VPNs is only as strong as the protocol rules and policies that you create. The concepts of "defense-in-depth" and "least privilege" are merely holes in your perimeter waiting to be exploited, unless you can define and maintain protocol rules that allow only the minimum protocols required to provide your requisite services. This book provides fundamental information necessary to configure firewalls and build VPNs and DMZs to survive the dangers of today's internet. The book includes a bonus chapter from the companion Web site on using Ethereal to monitor and analyze network traffic. While you may now feel overwhelmed by the countless firewalls with a dizzying array of features, you will feel empowered by the knowledge gained from this book. This book covers the leading firewall products. It describes in plain English what features can be controlled by a policy, and walks the reader through the steps for writing the policy to fit the objective. Because of their vulnerability and their complexity, VPN policies are covered in more depth with numerous tips for troubleshooting remote connections. Products covered include Cisco PIX Firewall, ISA Server 2004, Check Point NGX, Juniper'?s NetScreen Firewalls, SonicWall, and Nokia.