Customer Rating: 
Summary: Excellent book, a must for any Juniper SA installation.
Comment: This is an excellent book. It provides a lot of helpful information on how to set up a Juniper SA appliance. The information in this book has helped us organize the user and resource profiles in our installation, as well as set up remote access to Citrix applications. I recommend this book to anyone setting up or administering a Juniper Secure Access SSL VPN.
Customer Rating: 
Summary: Very useful book.
Comment: I've read the book a couple of times now, and find it very helpful. The book is filled with good advice. I would have found it more useful if it had more suggestions and best practices, instead of just explaining the various options. I found the Terminal Services and Citrix chapter very confusing. The most transparent way to run Citrix under windows is using the CTS service with a Resource Profile when running with a Citrix Web Interface server. For Mac, I find running Network Connect with an limited ACL to allow running directly with the Citrix Web Interface works best. It would be helpful to give some "best practices" of when to use each deployment method.
One area that took a while for me to understand was executing Host Checker policies in the realm. Page 89 doesn't stress this, but you MUST "Evaluate Policy" in the realm to use that policy in a role. I found it much better to enforce a HC policy in the role, NOT in the realm. This is especially true if you have multiple realms on a signin page. Getting remediation to work the way you want it to is not trivial.
The authentication section was very good. Missing was information on properly setting up LDAP group settings such as recommended setting of Reverse Group Search and Nested Group Level. JTAC suggested turning off Reverse Search and maxing nesting between 5 and 7 but no more than 7. The whole thing with the Server Catalog is confusing and could be explained.
Finally, I would have liked a lot more emphasis on User Session Policy Tracing, and more real life suggestions on what to look for. Also, I have never successfully used Simulation in a meaningful way. If it is useful, examples of how to set it up would be helpful.
Again, a very useful book with a lot of great info. I'd just like to see a little more "Cookbook" style examples of real world setup issues.
-=Dan=-
Customer Rating:
Summary: Comments from the Author
Comment: So I realize my rating is a little biased, but I had some things to say and I couldn't find a place for an author to leave their remarks, so here they are. If you could pick a rating that didn't count I would have done that, but alas you can not, and I'm not going to ding myself or my co-authors for that.
First, if you're looking at buying this book, or have already purchased this book, then I'd like to say thank you. So, Thank You. I hope you enjoy the book and I hope you find what you're looking for inside its pages.
Let me start off by saying that as the title states, this is a configuration guide. It always bothers me when I see someone review a book complaining about how some of the information is too basic. This book is meant to be a guide for beginners to experts, it will obviously cover some things that are basic but hopefully has enough advanced material to keep seasoned users happy as well.
To the beginners, you're going to love it. I would have loved to have had this book when I first started working with this device, which is why this book exists now; I couldn't find what I needed, so I got a few friends together and we did something about that. It covers everything you need to hit the ground running and walks you through how to do it. We've got enough screenshots in here that you should be able to find any menu you're looking for or just verify that you're on the right screen when you see it.
To the experts, you should enjoy this too. Hey, we all love the Admin Guide that Juniper provides us with, but lets be honest, it's unbelievably huge and can sometimes be a little hard to understand. This book puts things in plain English and explains them so you only have to read them once, not ten times, before you get the "Aha!" you're looking for. It should also be a great quick reference guide for you when you can't recall how to configure something, though you've done it a thousand times. And last, but certainly not least, you can hand it to the new guy and tell him to read it rather than having to explain everything to him.
Now of course a book wouldn't be a book without errors, and we have ours too. Does this bother me? Yes. Does this make me insane? You bet. Is this a reality of the publishing world? I'm quickly learning that it is.
Chapter 1 is "Defining a Firewall". What the heck is a firewall chapter doing as Chapter 1 of a VPN book? I asked the same question, nay, I yelled it at the top of my lungs(Though my language was more colorful). This chapter was used by the publisher as a placeholder for the original Chapter 1 material, which is the current Introduction. Somewhere in the formation of the book, as the deadlines loomed and were surpassed(Sorry about that pre-orderers), things were getting rushed to the printer and the placeholder ended up more than just a placeholder. I assumed(Silly me) as the book went to print that this was not the case. So what does this mean?
It means there's extra information in the book that doesn't exactly fit its theme. Is this bad information? Not at all, the chapter is sound information, it just doesn't quite belong, and in future revisions of the book it will not be there. I think the current Introduction of the book does a far better job of introducing it, and in future prints will take the place of Chapter 1.
I want to stress that the rest of the book is SOLID! We work with these devices every day, many of us at Juniper Networks, or working directly for Juniper Networks. Will this book have everything you want? I hope so, I sincerely do. If it doesn't, I'm sorry, all I can say is drop me a line and we'll see what we can do in the Second Edition. So thanks again for reading our book, and thank you for taking the time to read my comments as well.
Customer Rating:
Summary: Great Book!!
Comment: Very comprehensive, has lots of tips which are not in the manual. It also talks about some of the next-generation technologies, and other offerings traditional VPNs just cannot do. Highly recommended!
|
|
