Help appreciated: what’s wrong with my Zone-based Firewalls book?

A quick question for you: in two years since my Deploying Zone-based Firewalls digital short cut (marketese for downloadable PDF) was published, we’ve sold around 200 copies of it. Obviously we’re doing something wrong and I’d appreciate your opinion: is it the topic (are you using ZB firewall on Cisco IOS?), the format (would you prefer paper copy?), the platform (Cisco IOS as a firewall), pricing ($14.99 for 112 pages) or something else?


  1. I bet the fact that if you google the name of the book, the first link lets you buy it, but the 4th link appears to be a "free" illegal copy isn't helping sales. :(
  2. I didnt even know about it.. Maybe obscurity is the problem? Small books like this i prefer in digital format, so i can back it up. Having it on multiple laptops for easy access is also a big thing for me.

    I think a pricing of just below the $10 mark would be appropriate. Taking a book like the new R&S guide, in printed format is $76 on This book is 1200 pages. That makes out to about $0.06 per page in printed format. This book, by the same measure is then $6.72. Ofcourse amount of sales and other factors will influence this alot, its still the best guideline I can come up with. So $10 would be a good price for me.

    Hope that helps a bit.
  3. I've just purchased the book online rather than download a copy illegally because I value the time spent by someone to document the new features in the ZBFW. $15 is about 6 minutes of my time at the rate my services are sold for so pretty reasonable really.

    The only issue is that when I go to download it it just wants to download a 1.4kb ".acsm" file which seems to be some sort of XML, of which my machine has no idea how to handle. With both Firefox and IE8...

    I'm left bewildered and wondering if I purchased something I can't even open. Maybe the pirated copy would have been a better option as it looks to be a proper PDF..

    If my experience is anything to go by then I'm somewhat less than impressed with the online ordering system, but looking forward to reading the book if I can get it to work.
  4. The book is great - well worth having for the price. Content is relevant, well written and very professional. PDF download would be ideal though.

    The online ordering system leaves a lot to be desired however. It was not intuitive - and for online purchases this really is a must. For the first time in many years after buying the book I was left with a nasty feeling that I wouldn't be getting what I ordered as it wasn't obvious how to get the document in a format which could be read.
  5. Thanks Ivan for indicating that this book exists - I wasn't aware of it.

    Perhaps other people do what I just did - it's available on Safari. I went there, added it to my bookshelf and that's how I will read it. It's the digital age, I suppose... :-)
  6. I wouldn't know but interested. Routing is a niche enough subject as it is. Is perhaps Zone Based FWs just a tad over the niche threshold?....
  7. I had bought it when you released it, but the DRM foiled me. At the time, they didn't have Digital Editions on the Mac, and the windows side failed hard. But at least I got a refund when customer service couldn't make it work on my machine.
    Pirates are going to pirate it either way, DRM or not.

    But for wider audience, I'd think that its a matter of it being more widely known, but I'm at a loss as to how you could do advertising for such a book to your target audience.
  8. 1. I don't think the book is being widely shared. So that's probably not it.

    2. I have not heard of the book till today and I try to keep abreast of Cisco Press Books more than most people might or at least most normal folks outside of the 200 buyers. This is probably it. :)

    3. I'm not sure about everyone else, but I know I prefer paper to e-books. Just me. I do like having e-copies but until I get really into the kindle thing, paper is the way for me.

    4. The price seems very reasonable too me at under $15.00 a copy.

    5. I love your work and may just go buy a kindle so I can take advantage of this opportunity now that I know about it.
  9. I continue to use CBAC so I haven't touch zone-based yet. I'm not sure, but I think that some features of CBAC do not exist in ZBFW yet so I have postponed the pain of reading and testing zone-based firewall for a few months..
  10. When I was at Networkers 2006 (or 2007) Cisco was giving out the electronic copy of your Zone Based Firewall book on a CD free to Cisco Powered Network attendees. Not sure how many CPN attendees were there but I guess the number wasn't small. However, did Cisco subsidize the CDs?
  11. I didn't consider buying the e-book for two resons:
    1) I prefer to put some paper under my pillow.
    2) I don't buy anything for that I don't know if I can still use it when I change computers, don't have an internet-connection or the seller goes out of business (or somethng else like that). So I don't buy anything that has DRM.
    I had bougt it as a real book, as I ran in many problems when I started the migration of many CBACs to the zone-based model. (Another reason for buying it as a book would be that I buy nearly every security-book from CP ... ;-) )
  12. I have purchased a few digital shorts in the past and I have to agree that the delivery method leaves a lot to be desired. It is very frustrating that you are required to install an adobe application to view the book.
  13. Hi Ivan,

    thanks for pointing this one out. Like some of the others, I wasn't even aware of it. Which is a shame, because I am not aware of any other books on this important topic for ccie candidates.

    I like your writing style a lot and am looking forward to reading it. Most of my study material (universcd) is electronic anyway, so I don't mind the format.

  14. I didn't know it existed until this blog post.
    Have purchased it and am now struggling to open the legal copy with Adobe Digital Editions - we'll get there eventually but I do prefer the paper book experience to the digital variety.

  15. 1) I didn't know it existed.
    2) I don't have a need at the moment for zone-based firewalls.
    3) I wouldn't buy it unless it was available in a non-DRM non-proprietary format.
    4) I'm notoriously cheap (not that I condone pirating your book either).
  16. I bought the digital version but I realized that the rights to read the file were bound to one computer...that I no longer use. I cannot read the file from another computer now. So I basically wasted 14.99$
    It has to be much cheaper so that I can buy the rights multiple times as I change computers. Realistically, I will stick to paper versions in the future.
  17. Well, some of my thought have been echoed by others, but here goes... I wasn't aware of this book until I read your post, but i took a look at it on Safari and liked the content, so I purchased the PDF through Safari.

    The first and perhaps biggest issue is DRM, as some others have noted. You are marketing this book to technologists, who understand the risks posed to the consumer by DRM. The PDF I purchased through Safari does not have DRM (although each page is tagged with my Safari username.) As a rule I do not purchase electronic media that has DRM. On the few rare occasions that I have purchased a secured PDF, I immediately printed the file on a Windows computer and extracted the PS file from the print spool directory. Whether it is Amazon clawing back a Kindle ebook due to some licensing snafu, or some company going bankrupt and taking my DRM permissions with them, there are simply too many risks associated with DRM.

    The second reason for me is the publication date. Unfortunately, in our industry, a book published in 2006 has the word *stale* written all over it. I am not saying that your book is stale, I am saying it looks stale by virtue of the publication date. When I am searching on Safari and I see a publication date of 2006 I am unlikely to click, simply because it is too time consuming to look any further. While this is true for a book focused on some standard or protocol, it is doubly true for a book about a vendor implementation. If the topic has evolved or changed enough to warrant a new edition, then release a new edition.

    A third reason may be the pricepoint. $14.95 seems steep for a 100 page book that is this narrow in focus. On Safari, the nominal cost of a token is $2, so I paid $6 for my PDF of the book (ignoring the sunk cost of my subscription.) However I am curious, when you mention that 200 copies have been sold, what does that number include? Does that number reflect regular Safari users (reading online) and Safari PDF purchasers (like me)?
  18. I purchased this ebook about a year ago when we were doing our first implementation of zone-based firewalls on a couple 3845 ISR's we purchased. The book was invaluable to me to get these devices up and running properly. The Cisco documentation that was available at the time was basically non-existent or didn't make any sense to me. The ebook layed things out very clearly and gave good examples of how to configure. Well worth the $15 I spent on it!
  19. I'd put out a bit more 'sample content' e.g. not just the "Table of Contents", but some actual cool content that would appear in google when people search for zone-based firewall stuff.

    Also the description does not really tell at what kind of audience the 'digital short cut' is aimed.

    Maybe you can try to expose more of the book, in what style it's written, how it will directly benefit you as beginner/intermediate/advanced user, who you are, you're credibility as cisco expert, etc.
  20. People will only invest in this book if they understand what a zone based firewall is, what are the advantages over other firewall technologies, and what benefits they would personally see if they used them.

    The issue is ignorance here. Cisco introduced zone firewalls with little explanation, so the masses have stuck to what they know - eg CBAC.

    Moving forward, why not produce a brief general guide to IOS firewalling moving onto zone based firewalls in more depth so that people can understand what they can achieve in real life deployments.
    ie the BIG picture, rather than detailed config.

    Once the idea of using them is made & sold, the next natural question is, where can I learn how to configure them. Voila - buy the book :)
  21. Cisco IOS as a firewall does not interest me.
  22. I bought it when it came out, but not long afterward the disk in my MacBook Pro crashed. Upon replacing the drive, I went to reinstall the Adobe software but couldn't get the book to work again. Customer service never responded to my enquiries. My money was wasted. I'd love to be able to read it, but I'm not going to fork out a second time for something that only "might" work.
  23. I got it through Safari online, I am dissapointed that there isn't a section on configuring site-to-site vpn's. Otherwise, this has been a great distillation of a lot of information that was tumbling around in my noggin.
  24. As to the site-to-site question, here is a cisco doc on it....
Add comment