Cyber Shelf

// Comparison

Linux Firewalls vs Tableaux de bord de la sécurité réseau: Which Should You Read?

Two cybersecurity books on Networking, compared honestly: who each is for, what each does best, and which to read first.

Intermediate
4/52007
Linux Firewalls

Attack Detection and Response with iptables, psad, and fwsnort

Michael Rash

Michael Rash, author of psad and fwsnort, on building and operating Linux-native packet filtering and intrusion-response tooling. Pre-nftables in detail but conceptually durable.

Advanced
3/52010
Tableaux de bord de la sécurité réseau

Cédric Llorens, Laurent Levier, Denis Valois

A practitioner's manual for measuring and steering network security — metrics, dashboards, monitoring and risk indicators — for the people who run security operations.

Read this if

Linux administrators and defensive practitioners who need to actually configure a firewall, not just understand the concept. Rash's iptables coverage remains the cleanest practical introduction; psad and fwsnort for the active-response side.
Network and security engineers, and security managers who need to instrument and report on security: what to measure, how to build dashboards, how to track risk over time.

Skip this if

Readers fully on nftables / firewalld / cloud-native security groups, or anyone wanting an architecture-level treatise. The book is hands-on iptables rules and analysis, not a strategic frame.
Readers wanting attacks or the latest cloud-native tooling; it's an operations-and-metrics book whose editions predate much of the modern stack.

Key takeaways

  • iptables remains the foundational mental model; even in nftables-or-eBPF environments, understanding match-and-target chains is required to read the rule sets the field still ships.
  • Active response is a real defensive option that's easy to overstate; the book's chapter on the trade-offs is appropriately cautious.
  • Port scanning detection (psad) and signature-based blocking (fwsnort) are still useful primitives that punch above their weight in budget-constrained environments.
  • A rare French book focused on measuring security — metrics, indicators and dashboards, not exploits.
  • Written for security operations and management: how to make security legible to the organisation.
  • The principles of security measurement endure; check the specific tooling against current practice.

How they compare

We rate Linux Firewalls higher (4/5 against 3/5 for Tableaux de bord de la sécurité réseau). For most readers, that means Linux Firewalls is the primary pick and Tableaux de bord de la sécurité réseau is a useful follow-up.

Linux Firewalls is pitched at intermediate level. Tableaux de bord de la sécurité réseau is pitched at advanced level. Read the easier one first if you're not yet comfortable with the topic.

Linux Firewalls and Tableaux de bord de la sécurité réseau both cover Networking, Defensive, so reading them in sequence reinforces the same material from different angles.

Keep reading

Linux Firewalls

Alternatives to Linux FirewallsWhat to read after Linux Firewalls

Tableaux de bord de la sécurité réseau

Alternatives to Tableaux de bord de la sécurité réseauWhat to read after Tableaux de bord de la sécurité réseau

Related topics

NetworkingDefensive