Make a little room on your bookshelf. The book Secrets and Lies by Bruce Schneier needs a spot if it doesn't already occupy one. Without a doubt this is the best book on network security that I've ever read, mainly because it focuses on looking at security as a system, rather than looking at specific technologies and their perceived benefits. Think about understanding how people as well as various encryption, authentication, intrusion detection, and firewall systems interoperate and interact, and then think about how complex the idea of security really is.
After getting through the first two chapters you'll understand what I mean. Schneier immediately eliminates many security myths, including what constitutes a secure network environment. He rightly points out that too many people rely on supposedly secure network technologies, when they in fact offer no guarantees of their actual worthiness in preventing intruders, attacks, or even with respect to the sanctity of the code they are based on. The key to the book is that it doesn't tell you what to do or how you should do it. Instead, it focuses on taking an objective look at network security (and that includes not only technologies, but also people, and their impact on building an effective system), while providing multiple examples that parallel not-necessarily-technical real-life scenarios.
Think that open source software is more secure than proprietary code? Guess again. Think that using smart cards or biometrics is going to save your network? Not if your users don't understand a thing about security. Relying on any vendor's box to help you sleep at night? You won't anymore. Schneier pounds most security myths to dust, and there are many things that he has to say that you won't like, especially if you think you've got security on your network taken care of.
Having said that, Schneier's book is more about the overt awareness required to achieve a high degree of security on a network than about living under the illusion that anything close to complete security is truly possible. The concept of security as a constantly changing system is paramount to the education of any serious system administrator. I would sincerely recommend this book not only to system administrators, but also to IT managers and anyone thinking about branching into any part of network security for a living. This isn't about building a firewall -- it's about truly understanding the issues and what they mean to you and your business. The best part is, after reading this book you'll be able to scare the heck out of just about everyone.