We've already included that in our proposal for the book

I can't tell if this is an endorsement for a book or not

Hey All,

I'm currently in talks with a publisher to co-author a book on OSSEC (http://www.ossec.net) with Daniel Cid, the founder and lead developer of the project.

What the publisher has asked me for is some quotes/endorsements on why a book on this product is needed and/or why I am the right person to write a book on this topic.

I'd appreciate help from the community on this and if you'd be willing to be quoted on why a book is needed on this program and/or provide an endorsement of yours truly then please post it here or if you'd rather let me know directly then please email me at andrewsmhay@gmail.com.

If you'd like more of a background on me then please check out http://www.andrewhay.ca/about/.

I really need this by the end of the week (Friday, August 17th) if possible.  Thanks everyone...I know you won't let me down!

I'm sorry but the price tag is too high for a simple Nokia 770 tablet with their custom version of debian on it.  You'd be better off buying the new Nokia n800 (http://www.nseries.com/products/n800/) and figuring out a way to put your own Linux version on it or port your tools over to the custom Nokia debian version using their published SDK.  There...I've just saved you about $2400

Good to see that development continues on such a fantastic application.

@oleDB

I would only recommend this route if you have:

1) The time to put into reading through all the docs (as the training material is condensed and tells you exactly what you need to know)
2) A problem paying $500 USD for the course book if you order directly from Check Point
3) You don't have the time or the means to attend a formal class

I'd like to think that i have the money kicking around to take the course but sometimes that isn't the case.

As I stated in my blog post on December 19th, 2006 (http://www.andrewhay.ca/archives/62):

This was the first time I had a chance to use the SANS OnDemand training method and I have some mixed feelings about it:

Pros
    * Very Portable - while out of the office, I was able to access the material when I needed it. This was very handy while waiting for my Red-eye flights back from California to the East Coast.
    * MP3’s For Download - SANS makes the MP3’s available for download which makes flights go by quickly and allows me to learn while in cramped quarters (In case you don’t know I’m 6″4 and don’t travel well on Airplanes designed for 1950’s sized passengers).
    * End of Section Tests - each section ends with a test to ensure that you know the content prior to moving on. This really prevents you from blowing through topics that you THINK you know.

Cons
    * No Dead Trees - I am the kind of person who like to be able to have the material printed out and in hand. I tend to absorb it better when reading old fashioned printed books. I wish that they’d include them in the cost of the On Demand course.
    * Presentation - I know for a fact that these On Demand sessions are SANS’ first crack at self-paced training. They are quite rough around the edges and do require some added bells and whistles to keep my interest. Perhaps they should invest in a different Web Based Training package that doesn’t look like it’s optimized for Netscape 4
    * Accuracy - not of the content but the way it is presented to the user. There was one section that was not covered and I would not have been able to pass the test at the end of the section had I not ordered the books (and used them as reference). I emailed in, as per their process, and it was fixed several days later. Had I not had the books I would not have been able to progress to the next section and 7 days would have felt like an eternity.

Anyone else have similar experiences with this method from SANS?

Having taken the NG FP1, NG FP2, NG FP3, NG AI, and NGX exams I can honestly say that the one thing that these exams all having in common is that the course materials are all taken from the docs which you can download from the CP site.

Specifically (for NGX):
FireWall and SmartDefense User Guide
VPN User Guide
Cluster XL User Guide
SmartCenter User Guide

Another good document to get your hands on is the Advanced Technical Reference Guide (which is always good to thumb through before going to the exams)

Having passed both the GCIA and the GCIH I can honestly say that I found the GCIA more challenging due to the complexity of the content.  That being said I self-studied for the GCIA and used the SANS OnDemand method for my GCIH.

Geez....another certification that people will get my Nokia Security Administrator (NSA) cert confused with. 

I'm not sure I would ever feel comfortable eliminating the DMZ altogether, especially if the network is already built this way.

If possible, I think I'd be more open to getting rid of the DMZ as a leg hanging off my firewall and place it between 2 individual firewalls (see below):

(internet)
     |
(external_fw)
     |-----------------(dmz_server_farm)
(internal_fw)
     |
(internal_net)

The question isn't really "CAN" you pass by absorbing as much information as possible.  The real question is "SHOULD" you be following this method.

I've found that actually understanding the subject matter leads to longer retention than a study-blitz just to pass an exam.