Juniper(r) Networks Secure Access SSL VPN Configuration Guide

I've read the book a couple of times now, and find it very helpful. The book is filled with good advice. I would have found it more useful if it had more suggestions and best practices, instead of just explaining the various options. I found the Terminal Services and Citrix chapter very confusing. The most transparent way to run Citrix under windows is using the CTS service with a Resource Profile when running with a Citrix Web Interface server. For Mac, I find running Network Connect with an limited ACL to allow running directly with the Citrix Web Interface works best. It would be helpful to give some "best practices" of when to use each deployment method. One area that took a while for me to understand was executing Host Checker policies in the realm. Page 89 doesn't stress this, but you MUST "Evaluate Policy" in the realm to use that policy in a role. I found it much better to enforce a HC policy in the role, NOT in the realm. This is especially true if you have multiple realms on a signin page. Getting remediation to work the way you want it to is not trivial. The authentication section was very good. Missing was information on properly setting up LDAP group settings such as recommended setting of Reverse Group Search and Nested Group Level. JTAC suggested turning off Reverse Search and maxing nesting between 5 and 7 but no more than 7. The whole thing with the Server Catalog is confusing and could be explained. Finally, I would have liked a lot more emphasis on User Session Policy Tracing, and more real life suggestions on what to look for. Also, I have never successfully used Simulation in a meaningful way. If it is useful, examples of how to set it up would be helpful. Again, a very useful book with a lot of great info. I'd just like to see a little more "Cookbook" style examples of real world setup issues. -=Dan=-

This is an excellent book. It provides a lot of helpful information on how to set up a Juniper SA appliance. The information in this book has helped us organize the user and resource profiles in our installation, as well as set up remote access to Citrix applications. I recommend this book to anyone setting up or administering a Juniper Secure Access SSL VPN.

If you are looking for a book that will help you configure the Juniper SA appliance very quickly, this is the book. It very easy to follow with great examples.

So I realize my rating is a little biased, but I had some things to say and I couldn't find a place for an author to leave their remarks, so here they are. If you could pick a rating that didn't count I would have done that, but alas you can not, and I'm not going to ding myself or my co-authors for that. First, if you're looking at buying this book, or have already purchased this book, then I'd like to say thank you. So, Thank You. I hope you enjoy the book and I hope you find what you're looking for inside its pages. Let me start off by saying that as the title states, this is a configuration guide. It always bothers me when I see someone review a book complaining about how some of the information is too basic. This book is meant to be a guide for beginners to experts, it will obviously cover some things that are basic but hopefully has enough advanced material to keep seasoned users happy as well. To the beginners, you're going to love it. I would have loved to have had this book when I first started working with this device, which is why this book exists now; I couldn't find what I needed, so I got a few friends together and we did something about that. It covers everything you need to hit the ground running and walks you through how to do it. We've got enough screenshots in here that you should be able to find any menu you're looking for or just verify that you're on the right screen when you see it. To the experts, you should enjoy this too. Hey, we all love the Admin Guide that Juniper provides us with, but lets be honest, it's unbelievably huge and can sometimes be a little hard to understand. This book puts things in plain English and explains them so you only have to read them once, not ten times, before you get the "Aha!" you're looking for. It should also be a great quick reference guide for you when you can't recall how to configure something, though you've done it a thousand times. And last, but certainly not least, you can hand it to the new guy and tell him to read it rather than having to explain everything to him. Now of course a book wouldn't be a book without errors, and we have ours too. Does this bother me? Yes. Does this make me insane? You bet. Is this a reality of the publishing world? I'm quickly learning that it is. Chapter 1 is "Defining a Firewall". What the heck is a firewall chapter doing as Chapter 1 of a VPN book? I asked the same question, nay, I yelled it at the top of my lungs(Though my language was more colorful). This chapter was used by the publisher as a placeholder for the original Chapter 1 material, which is the current Introduction. Somewhere in the formation of the book, as the deadlines loomed and were surpassed(Sorry about that pre-orderers), things were getting rushed to the printer and the placeholder ended up more than just a placeholder. I assumed(Silly me) as the book went to print that this was not the case. So what does this mean? It means there's extra information in the book that doesn't exactly fit its theme. Is this bad information? Not at all, the chapter is sound information, it just doesn't quite belong, and in future revisions of the book it will not be there. I think the current Introduction of the book does a far better job of introducing it, and in future prints will take the place of Chapter 1. I want to stress that the rest of the book is SOLID! We work with these devices every day, many of us at Juniper Networks, or working directly for Juniper Networks. Will this book have everything you want? I hope so, I sincerely do. If it doesn't, I'm sorry, all I can say is drop me a line and we'll see what we can do in the Second Edition. So thanks again for reading our book, and thank you for taking the time to read my comments as well.

This is a great book if you wish to learn the design, configuration and troubleshooting of the SA Series. A good study guide also for the Juniper JNCIA courses / Present equivalent

I have only just received the book and already I'm disappointed. I bought the book as a reference work, not for any freebie "BOGOF" offers, and on that score it looks as close as an original reference work is likely to be. However, I take great exception to a big banner across the front of any product which says "Free xxx" and that's the only reference to it in the entire product. No further info, no indication of a code or key or website to enter it. Just a scam, a pointless disappointing scam. Hence one star. Book might be OK, but the cover has really upset me, please someone tell these guys to stop doing it!

Reviewed in the United States on December 24, 2007