Professional Documents
Culture Documents
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
SASE For Dummies®, Versa Networks Special Edition
Published by
John Wiley & Sons, Inc.
111 River St.
Hoboken, NJ 07030-5774
www.wiley.com
Copyright © 2021 by John Wiley & Sons, Inc., Hoboken, New Jersey
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any
form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise,
except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without
the prior written permission of the Publisher. Requests to the Publisher for permission should be
addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ
07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Trademarks: Wiley, For Dummies, the Dummies Man logo, The Dummies Way, Dummies.com,
Making Everything Easier, and related trade dress are trademarks or registered trademarks of John
Wiley & Sons, Inc. and/or its affiliates in the United States and other countries, and may not be
used without written permission. All other trademarks are the property of their respective owners.
John Wiley & Sons, Inc., is not associated with any product or vendor mentioned in this book.
Publisher’s Acknowledgments
Some of the people who helped bring this book to market include the following:
Project Editor: Elizabeth Kuball Production Editor:
Acquisitions Editor: Tamilmani Varadharaj
Ashley Coffey Special Help: Kelly Ahuja,
Editorial Manager: Rev Mengle Monnia Deng, Aviva Garrett,
Christina Hattingh, Sunil Ravi,
Business Development Rohan Ravindranath,
Representative: William Hull Faithe Wempen, Michael Wood,
Chitresh Yadav
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Table of Contents
INTRODUCTION................................................................................................ 1
About This Book.................................................................................... 1
Foolish Assumptions............................................................................. 2
Icons Used in This Book........................................................................ 2
Where to Go from Here........................................................................ 3
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
CHAPTER 3: Starting with Networking.................................................... 25
Building on SD-WAN........................................................................... 25
Using on-ramps and off-ramps.................................................... 26
Ramping up with SD-WAN technology........................................ 26
Embedded security: The foundation of SD-WAN....................... 28
Understanding Genuine SD-WAN..................................................... 29
Advanced routing capabilities...................................................... 31
Quality of service........................................................................... 33
Traffic optimization........................................................................ 33
WAN optimization.......................................................................... 34
Global distribution......................................................................... 35
Multitenancy and segmentation.................................................. 36
5G architecture............................................................................... 36
Reducing Complexity.......................................................................... 37
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
CHAPTER 5: Capitalizing on SASE................................................................. 55
Understanding How SASE Enables Digital Transformation........... 55
Multicloud implementation.......................................................... 56
Cloud-native and flexible.............................................................. 57
Managing with Confidence................................................................ 57
Faster administration and deployment time.............................. 57
Single-pane visibility...................................................................... 58
Complete control over users, applications, and devices.......... 59
Protecting Your Assets........................................................................ 59
Better security and compliance................................................... 60
Inline encryption............................................................................ 60
Isolation and segmentation.......................................................... 61
Driving Down Costs............................................................................. 61
Considering a Real-Life Enterprise Use Case................................... 62
Table of Contents v
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Introduction
I
t’s a scary world out there. Cybersecurity threats are more
sophisticated, pervasive, distributed, and multidimensional
than at any other time in history. At the same time, digital ini-
tiatives, technological modernization, and cloud innovations are
enabling applications, users, and devices to be more physically
distributed than ever before in history, making it harder for com-
panies to control what comes into and goes out of their networks.
This book covers everything you need to know about SASE. You
discover what it includes, how enterprises and organizations ben-
efit, how it supports security, how to best implement it, and how
to take advantage of its best features.
Introduction 1
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Foolish Assumptions
In writing this book, we’ve gone out on a limb and made some
assumptions about you. We assume that:
The Tip icon highlights information that can save you time and
effort.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Where to Go from Here
The book is written as a reference guide, so you can read it from
cover to cover or jump straight to the parts you’re most interested
in. Whichever way you choose, you can’t go wrong. Both paths
lead to the same outcome — a better understanding of SASE and
the steps and technologies you need to move forward.
Introduction 3
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
IN THIS CHAPTER
»» Explaining SASE features
»» Deploying SASE
Chapter 1
Defining SASE
E
nterprises today are transforming how they deliver business
and productivity services to internal and external employees,
partners, and customers. Organizations everywhere are
adopting new technologies such as cloud, software as a service
(SaaS), a work-from-anywhere (WFA) solutions, and the Internet
of Things (IoT).
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Introducing SASE
SASE is not just one technology but an entire package of technolo-
gies, including:
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Protecting web gateways and a
work-from-anywhere workforce
A SWG guards a WFA workforce against Internet-sourced threats
by protecting a web-surfing user device from being infected by
unwanted software or malware and by enforcing corporate and
regulatory policy compliance. A SWG includes
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
»» Apply a variety of analytics when monitoring behavior of
users, third-party applications, and data
»» Identify and respond to malicious and/or unwanted sessions
using multiple methods
»» Distinguish between corporate and personal instances of
cloud services and provide the ability to limit or block the
exchange of data between them
Trusting nothing
ZTNA asserts that no user or device is trusted by default, as with
legacy local area network (LAN) segments and Internet Protocol
(IP) addresses inside the perimeter. Traditional trust boundaries
have dissolved in a world with ubiquitous Internet access.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Providing threat protection
Next-generation firewalls (NGFWs) are deep packet inspection
engines that move beyond port/protocol inspection and block-
ing to add application-level inspection. Leading-edge NGFWs
integrate
Protecting sensitive
data from malware
Data leakage occurs when personal or other sensitive data such
as financial account numbers, healthcare data, or usernames/
passwords are inadvertently exposed. A data breach occurs when
an attacker actively penetrates a system to access, steal, or dam-
age information.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Operating at line rate with
advanced routing
Advanced routing provides a unique set of integrated functions,
such as path optimization, rapid convergence, traffic remedia-
tion, per-application quality of experience (QoE), and encryption.
Hardware neutrality
Traditional branch and site-to-site hardware architectures
have served enterprises well, but they have resulted in stacks of
single-purpose appliances at each corporate office. This appliance
sprawl lacks agility, requires multiple touch points for changes,
needs staff skilled on various vendors’ products, and uses exces-
sive space and power. It also ties the enterprise to a proprietary
architecture and reduces the ability to easily change technologies.
»» Application awareness
»» Full-security stack
»» SWG
»» SD-WAN and application-based traffic steering
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
»» Routing
»» Quality of service (QoS)
»» Compression
»» Encryption
»» WAN optimization
Single-pass execution
An environment with discrete single-service appliances hands off
packets from one product to the next. Each one copies the packet
into memory, unpacks the content, analyzes the data and context,
applies a decision or policy, repacks the packet, and transmits it
to the next device in the chain. Each device must decompress/
decrypt the packet if necessary and redo these actions before
transmission. This process is time-intensive and significantly
impairs performance.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Elastic scale-out
A single-pass processing architecture dramatically lowers latency,
significantly improves performance, mitigates security exposure,
and saves space, power, and specially skilled IT staffing. It is effi-
cient and scales horizontally by leveraging multiple underlying
cores or memory.
Global distribution
Globally distributed SASE-capable points of presence (POPs)
offered through colocation facilities, service provider POPs, and
infrastructure as a service (IaaS) should be used to reduce latency
and improve performance for network security services. A SASE
solution must offer distributed POPs that align with the digital
enterprise’s access latency and data residency requirements. This
is also critical for maximizing localized end-user experiences.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Inline encryption
Encryption is paramount to protect transactions and data in
transit. SASE providers must be able to terminate and inspect
encrypted sessions, where required, based on policy with a scal-
able (ideally, software-based) architecture. SASE offerings must
be able to deliver inline encrypted traffic inspection (decryption
and subsequent re-encryption) at scale, ideally delivered from the
cloud and without the use of proprietary hardware.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
A truly flexible SASE solution offers a global cloud-native archi-
tecture, deploying cloud instances with a simple point and click,
regardless of whether it’s a public, hybrid, or on-premises cloud,
or a combination thereof.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
IN THIS CHAPTER
»» Transforming the network perimeter
Chapter 2
Becoming a Modern
Enterprise
M
odern enterprises conduct business in the client-
to-cloud era. According to Gartner, “Network and net-
work security architectures were designed for an era that
is waning, and they are unable to effectively serve the dynamic
secure access requirements of digital business.” Gone is the time
when employees all worked in a physical building and all your
corporate resources were held in private data centers that were
both physically and digitally secured.
The enterprise data center is no longer the focal point for appli-
cations, and the fixed network perimeter no longer exists. Digital
transformation initiatives and the adoption of software as a ser-
vice (SaaS) applications and cloud-based services have completely
changed the enterprise network. In today’s IT world:
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
»» More sensitive data is located outside the enterprise data
center than inside it.
»» More traffic is destined for public cloud services than the
enterprise data center.
»» More traffic from branch offices is heading to public clouds
than to the enterprise data center.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
capabilities to which they require secure access. This means
secure access services must be everywhere as well.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Working with modern WANs
SD-WAN 1.0 solutions integrated the Internet as an alternative
transport option to MPLS while maintaining the old network
topology, as shown in Figure 2-2. This reduced MPLS costs but
addressed neither security nor poor QoE for cloud and SaaS appli-
cations. It did not connect the user directly to the cloud.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
A second-generation solution — secure SD-WAN — incorporates
full networking and integrated security in a single software stack.
This solution, shown in Figure 2-3, finally enables enterprises to
deploy secure, direct Internet breakout at every site and build an
express on-ramp to cloud and SaaS applications. This architec-
ture additionally provides
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
»» Require tracking many software versions and security
patches
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
ubiquitous Internet connectivity significantly magnify the attack
surface of a company’s workforce and assets — the types, vol-
ume, and sophistication of the threats your users and assets are
exposed to.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Cloud and mobility adoption
A legacy WAN architecture — a single Internet entry point at a
central secure headquarters location with a beefy firewall —
might still be stretched to serve an enterprise that uses a single
cloud, albeit with deficits in QoE and application performance
because of suboptimal connectivity and traffic routing.
Widespread acceptance of
work-from-anywhere
The COVID-19 pandemic instantly made a majority-WFA work-
force a practical reality. Government stay-at-home orders caused
a dramatic surge in a previously slow-ramping trend. A large
percentage of enterprises today accepts that WFA is the “new
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
normal” and expects real-estate assets to become significantly
more shared in the future, replacing the old norm of company-
owned buildings dedicated to a single use or activity.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
IN THIS CHAPTER
»» Leveraging an SD-WAN foundation
Chapter 3
Starting with
Networking
T
he goal of secure access service edge (SASE) is to provide
secure work-from-anywhere (WFA) user access to all appli-
cations and data, whether resident in a data center, cloud
platform, or at a software as a service (SaaS) provider. That’s
what today’s enterprises want and need.
Building on SD-WAN
Trends in cloud computing and services, distributed workloads, a
burgeoning WFA workforce, and Direct Internet Access (DIA) have
obsoleted traditional WAN architectures.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
(QoE). Figure 3-1 compares the networks of the past to the net-
works we’re seeing in today’s enterprises.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Application classification is done with deep packet inspection
(DPI) based on application signatures and heuristic analysis that
are dynamically and regularly updated. Using application classifi-
cation, the application category is identified. Application catego-
ries can include application families and subfamilies, risk tags,
productivity tags, and a tag to mark the traffic as business-centric
or not.
If the DPI engine can dynamically query the fully qualified domain
names (FQDN) and Internet Protocol (IP) addresses of SaaS pro-
viders, SaaS application identification starts with the first packet
in the flow. This ensures that all flows are immediately associated
with the appropriate policies and treated accordingly.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
applications, services, and resources in addition to providing
cloud-delivered SASE. Enterprises may have their own gateways
(their own SASE service) or use provider gateways (a provider’s
SASE service).
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Secure SD-WAN is a single-software-stack architecture with
embedded security features, offering seamless contextual security
based on user, group, location, device, posture, application, and
content. Its embedded capabilities include
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
via a distributed system of edge software and cloud gateways
to enforce consistent, unified, and global policies across cloud,
home, mobile, and on-premises locations. SD-WAN is the on-
ramp to SASE and is the technology of choice for enterprise WAN
and multicloud connectivity. SASE encompasses hosted SD-WAN,
security, and routing in the cloud. Because SD-WAN is the foun-
dation for SASE, organizations must consider the key attributes
required for a genuine SD-WAN solution.
In the next several sections you learn about some of the necessary
attributes of a genuine SD-WAN.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Advanced routing capabilities
Several SD-WAN environments necessitate advanced routing
capabilities to maintain well-behaved traffic and QoE. These
environment attributes include
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Bidirectional forwarding (BFD) is used with routing proto-
cols to monitor control plane health and provide rapid failure
convergence.
• Signature/pattern-based identification
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
• Heuristics
Quality of service
An SD-WAN edge device should support traffic prioritization (for
example, high, low, strict high), weighted round robin (WRR),
hierarchical queuing, random early detection (RED), weighted
RED, tail drops, traffic shapers, hierarchical shapers, traffic
policing, and traffic classification based on a comprehensive set
of parameters. Additionally, it should also be capable of traf-
fic marking, remarking, honoring type of service (ToS) and dif-
ferentiated services code point (DSCP), and 802.1p priority bits.
Remarking and shaping can be configured based on Layer 4 to
Layer 7 policies.
Traffic optimization
As enterprise applications are increasingly consumed from the
cloud, ensuring consistently high performance for these applica-
tions requires that various traffic optimization capabilities must
be employed for Internet-bound traffic, as well as traditional
private-network traffic.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
»» Active TCP and HTTP probes for each SaaS application to
create a near-term history of application performance per
path
»» Active and passive performance metrics to select the best
egress or path for each SaaS application
»» Combining local, direct egress with SaaS gateway egress
Guaranteeing QoE requires knowing when a particular path is
congested and then smart-rerouting traffic. An SD-WAN contin-
uously measures SLA characteristics for all paths to determine the
optimal path that meets application performance requirements.
WAN optimization
WAN optimization is needed to achieve high throughput for any
TCP application, as well as for traffic traversing high-latency
links such as transcontinental or satellite links.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
An SD-WAN employs the following WAN optimization techniques:
Global distribution
SASE offers distributed points of presence and a portfolio of
traffic-peering relationships that align with the enterprise’s
access latency and data residency requirements. This is also criti-
cal for end-user QoE.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Multitenancy and segmentation
A multitenant architecture completely separates each tenant’s
operating environment, profiles, privileges, policies, and traffic
handling, thereby ensuring complete security for each tenant’s
partition of a shared resource.
5G architecture
Tight integration of SD-WAN, security, cloud, and 5G results in a
more seamless deployment experience. The SD-WAN is the bearer
(data) plane for the 5G/edge cloud and is the method by which
5G network slicing is implemented.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Edge-to-edge integration of SD-WAN and edge compute
architecture accelerates 5G deployments and enables better
device-to-cloud experiences. SASE offloads security functions
for better 5G packet core utilization and reduces costs by sharing
mobile infrastructure using multitenancy. SD-WAN is an enabler
for 5G network slicing while SASE provides the security for 5G
DIA. SASE and SD-WAN enable thousands of 5G cell sites to be
easily deployed at scale.
Reducing Complexity
SD-WAN and SASE solutions are becoming the connectivity choice
for the enterprise. SASE simplicity starts with a single cloud-
native system — cloud-native SD-WAN networks are specifically
designed for cloud-based applications and services.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
IN THIS CHAPTER
»» Evolving network security
Chapter 4
Extending Security to
Client and Cloud
T
he fixed perimeter of enterprise networks was softened by
increasingly popular cloud applications and storage offer-
ings. It then dissolved almost completely with users and
devices from remote branch offices and a work-from-anywhere
(WFA) workforce accessing corporate resources over the Internet.
This trend creates individualized “virtual perimeters” that
encompass only the user, the device, and the application, thereby
removing the access distinctions that exist between being on or
off the corporate network.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
In this chapter, you see how security methods and services have
evolved to protect the amorphous, software-defined Internet
perimeter of the modern enterprise.
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
WAN (SD-WAN) and the SDP control plane in a network, which
in turn enables enterprises to implement both SD-WAN and SD-
security in the same software control component. Being software-
only, it can be deployed on bare-metal appliances (white box or
branded appliances) and virtual machines, or VMs (in private or
public clouds). All network and security functions are deeply inte-
grated into a single software stack, resulting in operational sim-
plicity and flexibility at the network edge and in the cloud.
Next-generation firewalls
Next-generation firewalls (NGFWs) are essential for today’s
networks. They include traditional stateful inspection, but addi-
tionally go beyond those capabilities with identity-based and
These materials are © 2021 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Another random document with
no related content on Scribd:
very little more effort than is required to paddle it. The use of the pole
necessitates a standing position, but this is neither risky nor difficult
for any canoeist who understands the knack of balancing a canoe,
and none but an experienced canoeist has any business in swift,
white water. The setting pole is gripped with the left hand near the
top, with the right hand held stationary about 2 ft. lower, and as the
canoe travels past the pole, firmly planted on the river bottom, the
poler leans forward and makes use of his weight and strength to give
a quick push. The pole is again shoved forward as quickly as
possible, that the craft may lose as little headway as possible, and a
new grip secured for the next push. After a little experience with the
pole, the canoeist will find it an easy matter to swing his craft across
the current and avoid rocks and other obstructions as easily as when
paddling. When contemplating a long trip up a stream where the
water is heavy and the current swift, the use of two poles will make
the work easier. Both persons should pole from the same side, the
man in the bow doing the steering while the stern man adds his
straight-ahead push to force the canoe upstream.
Shifting the Paddle from One Side of the Canoe to The Other
The Tool will Pick Up a Drop of Oil and Deposit It Where Wanted
The oiling tool is dipped in light oil and a drop applied to each
bearing. Replace the works in the case and the job is finished. A
reliable jeweler will charge very little for this work, but the more crafty
ones may ask a good price for this “mysterious” process. If the works
are not dirty, apply the oil with the tool. Anyone who has tried to oil a
clock with an ordinary spout oilcan knows the futility of the attempt.
The object of the tool is to pick up and carry a drop of oil and deposit
it where wanted. A can, a feather, or a match will do, but any one of
them is apt to carry dirt, flood the dry part, or smear up nonmoving
parts.
Easily Constructed Wall Shelves
Shelves for Books Supported with Picture-Frame Wire to the Wall
All that is necessary to make and support the simple set of wall
shelves, shown in the illustration, is lumber for the shelves, four
screw eyes, four screw hooks, sufficient picture-frame wire to form
the braces and supports, and wood screws for attaching the wire. On
the top side of the upper shelf are fastened the four screw eyes, two
near the wall edge and the others near the outer edge. To support
the upper shelf four screw hooks are used; two placed in the wall
and spaced to match the set of screw eyes nearest the wall, the
others being placed above the first and connected to the outer set of
screw eyes with the wire, thereby forming strong inclined supports.
The remaining shelves can be hung to suit by the supporting wires,
which are fastened with screws to the end of each shelf.
Showing the Strength of a Giant
This trick is not so well known as it might be, although for a while it
was quite a popular drawing attraction for circus side shows and
other amusement places. It is one of the favorite Hindu tricks. The
performer passes for examination two pieces of rope 10 ft. long. In
one end of each rope a large ring is fastened. Taking a ring in each
hand the performer commands three or four men at each end of the
rope to take hold of it and at a signal they pull as hard as possible.
They pull until they are exhausted as in a tug of war, but the
performer only appears a trifle exerted and finds no difficulty in
holding the men.
The Performer Seems to Hold the Ones Pulling on the Ropes without Any
Effort, Producing an Effect That cannot be Readily Understood, and Making
an Excellent Trick for the Lawn Party
Toouter
enjoy a vacation in the woods thoroughly, it is essential that the
be provided with the right kind of an outfit. The
inexperienced are likely to carry too much rather than too little to the
woods; to include many unnecessary luxuries and overlook the more
practical necessities. However, camp life does not mean that one
must be uncomfortable, but rather implies plain and simple living
close to nature. An adequate shelter from the sun and rain, a
comfortable bed, a good cooking kit, and plenty of wholesome food,
are the important things to consider. No man or woman requires
more, and if unwilling to share the plain fare of the woodsman, the
pampered ones should be left at home, for the grouchy, complaining
individual makes, of all persons, the very worst of camping
companions.
The Old Hand at the Camping Game Prefers
to Cut Poles on the Camping Site and Set
Them Up on the Outside for the Camp-Fire
Tent
There are tents and tents, but for average outings in what may be
considered a permanent camp, the regulation wall, or army, tent is
generally used to make a comfortable shelter. It is a splendid utility
tent, with generous floor space and plenty of headroom. For the
permanent camp, the wall tent is often provided with a fly, which may
be set up as an extra covering for the roof, or extended over the front
to make a kind of porch. An extension may also be purchased to
serve the same purpose. The 7 by 9-ft. wall tent will shelter two
persons comfortably, but when the camp is seldom moved, the 9 by
12-ft. size, with a 3¹⁄₂-ft. wall, will afford more room. The regulation 8-
oz. duck is heavy enough, or the same tent may be obtained in tan
or dark green khaki, if preferred. In any case the tent should have a
sod cloth, from 6 to 12 in. wide, extending around the bottom and
sewed to the tent. An extra piece of canvas or floor cloth is desirable,
but this as well as the fly are extras, and while convenient, are by no
means necessary. The wall tent may be erected with the regular
poles, or it may be ordered with tapes along the ridge and erected by
suspending between two trees. The old hand at the camping game
rarely uses the shop poles supplied with most tents, but prefers to
cut them at the camping site and rig them up on the outside, one
slender pole fastened with tapes along the ridge and supported at
either end in the crotch formed by setting up two poles, tripod or
shear-fashion.
The “Baker” style is a popular tent, giving a large sleeping
capacity, yet folding compactly. The 7 by 7-ft. size, with a 2-ft. wall,
makes a good comfortable home for two, and will shelter three, or
even four, if required. The entire front may be opened to the fire by
extending it to form an awning, or it may be thrown back over the
ridge to form an open-front lean-to shelter.
The “Dan Beard,” or camp-fire, tent is a modification of the Baker
style, having a slightly steeper pitch, with a smaller front opening.
The dimensions are practically the same as the Baker, and it may be
pitched by suspending between two trees, by outside poles, or the
regular poles may be used.
For traveling light by canoe or pack, a somewhat lighter and less
bulky form of tent than the above styles may be chosen, and the
woodsman is likely to select the forester’s or ranger types. The
ranger is a half tent with a 2-ft. wall and the entire front is open; in
fact, this is the same as the Baker tent without the flap. If desired,
two half ranger tents with tapes may be purchased and fastened
together to form an A, or wedge, tent. This makes a good tent for two
on a hike, as each man carries his own half, and is assured a good
shelter in case one becomes separated from his companion, and a
tight shelter when the two make camp together.
The forester’s tent is another good one, giving good floor space
and folding up very compactly, a 9 by 9-ft. tent weighing about 5¹⁄₂ lb.
when made of standard-weight fabric. It may be had either with or
without hood, and is quickly erected by using three small saplings,
one along the ridge, running from peak to ground, and one on each
side of the opening, to form a crotch to support the ridge pole, shear-
fashion. These tents are not provided with sod or floor cloths,
although these may be ordered as extras if wanted.
The canoe or “protean” tents are good styles for the camper who
travels light and is often on the move. The canoe tent has a circular
front, while the protean style is made with a square front, and the
wall is attached to the back and along the two sides. Both tents are
quickly set up, either with a single inside pole or with two poles set
shear-fashion on the outside. A 9 by 9-ft. canoe or protean tent with
a 3-ft. wall makes a comfortable home in the open.
Whatever style of tent is chosen, it is well to pay a fair price and
obtain a good quality of material and workmanship. The cheaper
tents are made of heavier material to render them waterproof, while
the better grades are fashioned from light-weight fabric of close
weave and treated with a waterproofing process. Many of the
cheaper tents will give fair service, but the workmanship is often
poor, the grommets are apt to pull out, and the seams rip after a little
hard use. All tents should be waterproofed, and each provided with a
bag in which to pack it. An ordinary tent may be waterproofed in the
following manner: Dissolve ¹⁄₂ lb. of ordinary powdered alum in 4 gal.
of hot rain water, and in a separate bucket dissolve ¹⁄₂ lb. of acetate
of lead—sugar of lead—in 4 gal. of hot rain water. The acetate of
lead is poisonous if taken internally. When thoroughly dissolved, let
the solution stand until clear, then pour the alum solution into a tub
and add the lead solution. Let the solution stand for an hour or two,
then pour off the clear water and thoroughly soak the fabric in the
waterproofing mixture by rubbing and working the material with the
hands. Hang the cloth up without wringing it out.
The Forester’s Tent is Quickly Erected by
Using Three Small Saplings, One along the
Ridge, and One on Each Side of the Opening
to Form a Crotch for the Ridge Pole
The Ranger’s or Hiker’s Tent Comes in The Canoe or Protean Tents
Halves. Each Half may be Used Are Good Styles for the
Independently as a Lean-To Shelter for One Camper Who Travels Light
Man, or Both Joined Together to Make Room and Is Often on the Move,
for Two Persons and They can be Quickly Set
Up with a Single Inside Pole
The camping kit, including the few handy articles needed in the
woods, as well as the bedding and cooking outfit, may be either
elaborate or simple, according to the personal experience and ideas
of the camper. In making up a list, it is a good plan to remember that
only comparatively few articles are really essential for a comfortable
vacation in the wilderness. A comfortable bed must be reckoned one
of the chief essentials, and one may choose the de-luxe couch—the
air mattress or sleeping pocket—use the ordinary sleeping bag, or
court slumber on one of the several other styles of camp beds. The
fold-over combination bed, the stretcher bed, or a common bag
made of ticking, 6¹⁄₂ ft. long by 2 ft. wide, which is stuffed with
browse or leaves, will suffice for the average person. Folding camp
cots, chairs, tables, and other so-called camp furniture, have their
places in the large, fixed camps, but the woodsman can manage to
live comfortably without them. A good pair of warm blankets should
be included for each person, providing the sleeping bag is not taken
along. The regulation army blankets are a good choice and
reasonable in price, or the blankets used at home may be pressed
into service.
A good ax is the woodsman’s everyday companion, and a good-
weight tool, weighing 3 or 4 lb., and a smaller one of 1¹⁄₂ lb. should
be carried. When going light, the belt ax will suffice.
The oil lantern is only suited for the fixed camp, since the fuel is
difficult to transport unless it is placed in screw-top cans. The
“Stonbridge” and other folding candle lanterns are the most
convenient for the woods and give sufficient light for camp life.
The aluminum cooking outfits are light in weight, nest compactly,
and will stand many years of hard usage, but like other good things,
they are somewhat expensive. A good substitute, at half the price,
may be obtained in tin and steel, having the good feature of nesting
within each other, but, of course, not being quite so light nor so
attractive in appearance as the higher-priced outfits. Both the
aluminum and steel outfits are put up in canvas carrying bags, and
an outfit for two includes a large and a small cooking pot coffee pot;
frying pan with folding or detachable handle; two plates; cups knives;
forks, and spoons. Outfits may be bought for any number of persons
and almost all sporting-goods stores carry them. The two-man outfit
in heavy aluminum will cost $9 or $10, while the same outfit
duplicated in steel is priced at $3.35.