When I attended TechEd Europe in July 2002 one of the most interesting sessions was presented by Steve Riley. This was an overflow session presented during lunch, and I thought it would be interesting to check out something I hadn't planned to look at. The session covered use of IPSec, and the presentation style was very engaging. Rather than discuss technology in search of a solution, Steve solicited a number of scenarios from the audience and presented the hidden power of IPSec.
Many years pass, and I spot a blog entry from Jesper Johansson, where he book that is co-authored with Steve. I ordered it almost immediately from Amazon.com and I wasn't let down. This book is a gem for any developer who is trying to understand infrastructure security and the capabilities of the Windows platform. It's a fairly easy read and only delves into the necessary detail, avoiding coverage of mundane technical details that are presented on TechNet. To get the most out of this book you'll want your own test rig set up on virtualised hardware (think VMWare or Virtual Server) with a domain controller, certificate services, ISA Server and the like.
It's really hard to fault this book, maybe it should be available in hardback?