Network Security

How to plan and implement secure networks, detect attacks and test security policies

• 4 days • £1995 • world-wide


You will learn:

    • Determine the risk to your network
    • Develop and implement a security policy
    • Audit your network's security
    • Use modern network security techniques, such as X.509, IPSec, SSL, TLS etc
    • Use ethical hacking to identify security weaknesses.
    • Harden your network services and applications
    • Keep up to date with security issues

     


Course Benefits

The growth of the Internet and the wide-spread use of computer networks have brought great benefits to businesses. At the same time they have opened up business systems to remote hacking from employees through to anonymous crackers at the other side of the world.

The related growth in network applications has increased the complexity and consequently the vulnerability of networked systems.

Whilst techniques to secure network systems exist they are many and complex. This course gives the attendee a good understanding of network security risks and the appropriate techniques that can be used to reduce and control those risks.

 


Who should attend?

This course is ideal technical staff and managers involved in network management. It is helpful if attendees have a basic understanding of networking principles but background information is supplied throughout the course.

 


Course Contents

Networking Recap

  • Review of networking basics
  • OSI 7 Layer Model
  • TCP/IP - Internet Model
  • Network terminology
  • Common network protocols

What is Security?

  • Confidentiality
  • Integrity
  • Authentication
  • Non-repudiation
  • Availability
  • Access-Control
  • Business Issues

Risks and Vulnerabilities

  • Information disclosure
  • Information leakage
  • Integrity violation
  • Masquerading
  • Denial of service
  • Illegitimate use
  • Trojan Horses
  • Back Doors
  • Password Cracking
  • Buffer Overflows
  • Scanning and Sniffing
  • Spoofing
  • TCP/IP protocol attacks
  • Session Hijacking
  • Denial of Service
  • Others...
  • Social weaknesses
  • Physical weaknesses

Security Policies

  • Risk analysis
  • Security Policies
  • Who are you protecting?
  • What are you protecting?
  • Cost-benefit
  • Recovery
  • Ownership
  • Standards

Cryptography

  • Symmetric key cryptography
  • Public key cryptography
  • Hash functions and MAC

Digital Certificates and X.509

  • Digital certificates
  • X.509 certificates
  • Certificate authorities
  • PGP certificates

Physical Network Security

  • Cabling
  • IEEE802 networks
  • Wireless
  • Tempest

Datalink Security

  • ARP Poisoning
  • MAC addresses
  • VLANs
  • IEEE802.10 SILS

IP & Routing Security

  • IP Fragmentation
  • Spoofing & SYN Flooding
  • ICMP redirects
  • Source routing
  • Dynamic routing

Firewalls and NAT

  • Operation of TCP and UDP
  • Ports and Sockets
  • Firewall rules
  • Typical firewall settings
  • Stateful firewalls
  • Proxy Servers
  • Application layer firewalls
  • NAT

IPSec & VPNs

  • Cryptographic techniques
  • AH & ESP Headers
  • Transport and tunnel modes
  • Security associations
  • ISAKMP & IKE
  • Oakley
  • VPN Solutions

TLS and SSL

  • Secure Sockets Layer
  • Transport Layer Security

Name Service Security

  • The Domain Name System - DNS
  • TSIG & DNSSEC
  • WINS
  • LDAP

Securing Network Operating Systems

  • UNIX
  • Linux
  • Windows
  • Others

Network Application Security

  • Basic services
  • Berkley "r" commands
  • E-mail (SMTP)
  • POP/IMAP servers
  • Web-Servers
  • Other issues...

Keeping up to date

  • CERT

Network Management Security

  • SNMP & Security

Ethical Hacking

  • Auditing and testing
  • Password crackers
  • Scanners - nessus, nmap...
  • Sniffers - ethereal, supersniff...
  • War dialers - beep, ptools...
  • Wireless - Airsnort, Netstumbler...
  • Miscellaneous - brutus, nmap...

 


IPv6 Practical Work

During the course there will be a number of short demonstrations.

Demonstrations will be on the following operating systems (Windows and Linux)

The demonstrations include:

  • Basic TCP/IP Configuration
  • Subnetting
  • ARP
  • DHCP
  • Operation of TCP
  • DNS
  • Basic Networking Protocols, FTP, SMTP and HTTP
  • sic TCP/IP Configuration
  • Subnetting
  • ARP
  • DHCP
  • Operation of TCP
  • DNS
  • Basic Networking Protocols, FTP, SMTP and HTTP

 


Certifications

All Erion IPv6 courses are certified by the IPv6 Forum. Erion also has its own IPv6 certification programme.

Certified IPv6 Certification
Certified Course IPv6 Forum
Certified Security Course IPv6 Forum

 


The Lecturers

All our trainers are practising network consultants with extensive experience with network security.

 


Locations

Our courses are available world-wide as on-site courses and at our training venues as public courses.

Please contact us if you are looking for training in your area.

 

  • Aberdeen, Scotland, UK
  • Basingstoke, England, UK
  • Edinburgh, Scotland, UK
  • Glasgow, Scotland, UK
  • Inverness, Scotland, UK
  • Leeds, England, UK
  • London, England, UK
  • Manchester, England, UK
  • Sheffield, England, UK
  • Europe - various locations
  • Ljubljana, Slovenia
  • Malaysia - various locations
  • Boston, USA
  • San Francisco, USA
  • New York, USA
  • Washington DC, USA
  • USA - various locations