David W. Chapman Jr. is President and Principal consultant for SecureNet Consulting, LLC, an independent information security consulting firm in Beaverton, OR. SecureNet specializes in the design, implementation and monitoring of secure network infrastructures.

David teaches Cisco's PIX, Intrusion Detection and VPN courses to students across the country. David holds a number of industry certifications including, CISSP, CCSI, CSS-1, CCNP, CCDP. He is the co-editor of "Cisco Secure PIX Firewalls."

How long have you been working with Cisco PIX Firewalls, and how did you get interested in them?

I have been working with PIX firewalls since 1999. In early 2000, I was a Senior Network Engineer with a local Cisco Gold Partner. I was selected to lead several Cisco "Smart Start" programs that were aimed at providing secure infrastructure components for the still burgeoning dot-com market. Customers had their Cisco routers, PIX firewall's, Catalyst switches, and LocalDirector load balancers shipped to my lab. I assisted customers with successful prototyping of their remote co-location networks including design assistance, configuration and product training. I began teaching the Cisco Secure PIX Firewalls course in October of 2000.

What are your favourite security tools and why?

I have MANY favorite security tools, but if I had to pick two, they would be my Network Associates Sniffer and a Syslog server.


Not very sexy, I'll admit, but with these two tools, I can quickly troubleshoot most network problems that arise.

For baseline vulnerability scanning, I am partial to the open source program Nessus. Number one, it's free and easily compiles on most Linux flavors. Secondly, the open source community does a fantastic job of keeping it up to date with new vulnerabilities.

How long did it take you to co-write "Cisco Secure PIX Firewalls"? Any major difficulties?

First, Andy and I "Edited" CSPF. We were given the complete text of the "Cisco Secure PIX Firewall Advanced 1.01" course student guide and were assigned the task of re-working the content to organize ideas and topics so that they flowed logically from point A to point B. We did add a great deal of value in the way of author's notes and tips. I wrote all of the Appendices from scratch to include material that was not in the CSPFA course at the time but I felt was needed.

Our greatest challenge on the project was learning how to properly format the content for submission to the reviewers and the Cisco Press Production Team. Fortunately, Cisco Press provided four exceptional Technical Editors and a top notch Development Editor. Andy and I would have turned out a much less complete book without their guidance and input.