322 Courses about Network & Security in Cardiff delivered Live Online

BGP training course description A study of BGP for non engineers working in the Internet. The course starts with a review of the basics of routers and routing tables and then moves on to a simple overview of how BPG works with a focus on BGP metrics influencing the route traffic takes through the Internet. Hands on with routers follow the major sessions to reinforce the theory. Note these hands on sessions are more demonstrations by the trainer but some can be followed along and done by delegates (e.g. looking at Internet routing tables.) What will you learn Explain how routing tables influence Internet traffic. Describe how BGP works. Explain the methods BGP can use to influence Internet traffic. Use traceroute, peeringdb, route collectors and looking glasses to analyse traffic flows. Explain the difference between bi lateral and multilateral peering using a route server. BGP training course details Who will benefit: Non technical staff wishing to know more about BGP. Prerequisites: None. Duration 1 day BGP training course contents Networks, routers and routing tables What is a network, what is a router, routing tables, static routes, routing protocols. When an ISP uses static routes and when they use BGP. IP addresses, subnet masks, groups of IP addresses. IPv6. Hands on: Showing a full routing table. Seeing traceroute being used. Basic BGP What's BGP? BGP versus other routing protocols, ASs, AS numbers. RIPE database, peeringdb. Hands on: Finding AS numbers. Showing simple BGP configuration and routing tables in an EVENG example. How BGP works Simple walk through of BGP incremental updates and how routes change when links go down. Hands on: Showing packets and route changes when a link goes down/comes up. BGP path selection Transit, peering, routing policy and route filtering. Longest matching rule in routing tables, route selection order, Local preference, AS prepend, MEDs. Hands on: Seeing BGP influencing traffic. Looking at peering policies in RIPE and peeringdb. Route servers What are route servers? LINX route servers, route server policy control and communities, What are route collectors, Looking glasses. Hands on: Seeing the LINX route server details in peeringdb, using a looking glass.

Peering demystified training course description A concise overview course covering The Internet and peering. Particular emphasis is placed on the structure of the Internet, how IXs benefit the Internet, IX architectures, peering and the technical buzzwords behind the IX services. What will you learn Describe the structure of the Internet Explain the role of RIPE, ARIN and IXs in the Internet Explain how IXs connect ISPs and the benefits of using IXs. Describe peering from a technical perspective including the role of BGP and AS's. Peering demystified training course details Who will benefit: Non technical staff working for Internet companies. Prerequisites: None. Duration 1 day Peering demystified training course contents IP and routers IP as glue. What is a router? How routers join networks, benefits and disadvantages of routers, default gateways, routing tables, routing protocols. Addressing IP address format, rules of IP addressing, where to get IP addresses. Subnetting and groups of IP addresses. The Internet What is the Internet? The big picture, IP basics, registering IP addresses, DNS and registering domain names, whois, The IAB, IANA, ICANN, RIPE and other Internet organisations. ISPs Top ISPs, Tier 1, Tier 2 and Tier 3 ISPs, backbone providers, circuit providers, content providers, virtual ISPs, the internal network of ISPs. Customer connections to ISPs (DSL, Leased lines, MPLS…) ISP to ISP connections: Peering points Public peering versus private peering, NAPs, Internet Exchanges, Metropolitan Area Exchanges, LINX, other major peering points, the geography of the Internet. BGP and ASNs. How to peer. IRRs. IX architecture Ethernet switching.

IP demystified training course description A concise overview course covering TCP/IP with particular emphasis on the addressing and security issues of TCP/IP networks. What will you learn Describe TCP/IP. List the rules of IP addressing. Recognise the impact of the addressing rules on adds/moves and changes. Recognise the use of subnet masks. Explain how firewalls work. Recognise the role of DNS. IP demystified training course details Who will benefit: Anyone, although the course is particularly aimed at non-technical personnel needing some knowledge of TCP/IP. Prerequisites: Network fundamentals Duration 1 day IP demystified training course contents What is TCP/IP? What is IP? What is TCP? What is TCP/IP? Internetworking, protocols, services. The Internet, RFCs, comparison with OSI 7 layer model. Basic configuration IP addresses, subnet masks, default gateways, DHCP, ping. Addressing IP address format, rules of IP addressing, where to get IP addresses, private addresses, subnet masks, How subnet masks are used to determine network numbers. Ranges of addresses. NAT Private versus public IP addresses, NAT, NAPT. IPv6 What is IPv6, IPv6 usage, Why IPv6, 128bit IPv6 addresses, IPv6 migration, dual stack, tunnelling. Routing What is a router? how routers join networks, benefits and disadvantages of routers, default gateways, routing tables, routing protocols. Traceroute. Firewalls What is a firewall, firewall architectures, filtering, DMZ, Proxy servers, stateful packet inspection. DNS How hostnames are converted to IP addresses.

WANs training course description A concise overview course covering Wide Area Networks with particular emphasis on the WAN options available including the use of the Internet. What will you learn Choose and evaluate WAN technologies. Recognise the role of service providers. Describe the benefits of VPNs. Describe how the Internet can be used as a WAN. Describe the equipment needed to connect LANS to WANS. List the speeds of various WAN technologies. WANs training course details Who will benefit: Anyone, although the course is particularly aimed at non-technical personnel needing some knowledge of WANS. Prerequisites: Network fundamentals Duration 1 day WANs training course contents WANS WAN architecture, Common WAN terms, Core vs access, service providers, relationship with 7 layer model, WAN equipment, how to choose a WAN. Layer 1 Copper, phone lines, fibre, coaxial, satellite, wireless. Cabling to the building, CPE cabling, interfaces. Layer 2 Dial up vs. Dedicated vs. packet switched networks and when to use them. Packet switching vs. circuit switching. Point to point and point to multipoint. Dialup access technologies Modems, ISDN, BRI, PRI. Access with dedicated lines XDSL, leased lines. WAN services X.25, SMDS, Frame Relay, CIR, ATM, Internet, MANS, dark fibre and other services. Case study: Selecting WAN technologies. Service provider technologies MPLS, SDH, WDM, DWDM. Routers Network addressing, default gateways, routing tables, routing protocols. Internet architecture Service providers, ISPs, private peering, public peering, core WANs in the Internet. VPNs Private networks, public networks, What are VPNs?, benefits of VPNs, tunnelling, encryption, IPSec. Case study: Specifying WAN connectivity.

LAN training course description A concise overview course covering Local Area Networks with particular emphasis on the use of Ethernet and Wireless LANS. As well as explaining buzzwords we cover how the technology works at a simple level. After defining LANs the course moves onto Ethernet and switching also covering VLANs. WiFi is then covered, with coverage of 802.11 standards and frequencies along with integrating WiFi with Ethernet. The course then covers routers and their role in connecting networks and the course finishes with a comparison of Ethernet vs WiFi and when to use them. What will you learn Describe how Ethernet works (in simple terms) and when to use Ethernet. Explain the difference between a switch and a router. Describe how WiFi works (in simple terms). Describe the role of Access points. Evaluate wireless technologies and when to use them. List the speeds of various LAN technologies. LAN training course details Who will benefit: Sales staff, managers and other non technical staff. Prerequisites: None. Duration 1 day LAN training course contents LANS What is a LAN? LAN standards, LAN choices, choosing the media, copper, UTP, cat5e, fibre, RF, bandwidth speeds, link aggregation, Full/half duplex. Ethernet What is Ethernet? 802.3, parts of Ethernet, Ethernet evolution, MAC addresses, frames, broadcasts. Ethernet switches What are switches, switches versus hubs, how switches work, ways to configure switches, Loops, STP. VLANs What are VLANs? Why have VLANs, impact of VLANs, Tagging (aka trunking), 802.1Q Wireless LANS Type of wireless LAN, RF frequencies, 2.4GHz, 5GHz, others, interference, standards, 802.11 and variants, CSMA/CA. Wireless LANS NICs, Access points, integration with Ethernet, multiple access points, mesh networks, WiFi security. Interconnecting LANs Routers, connecting networks, interconnecting VLANs, IP addressing, Layer 3 switches. Summary WiFi vs Ethernet.

VoIP and IP Telephony training course description A concise overview course for management covering voice communications using IP networks. The course focuses on how VoIP works at a simplified level enabling delegates to recognise the key decisions to be made when implementing VoIP. What will you learn Describe the key buzzwords used in the VoIP arena. Explain how VoIP and IPT work (at a simplified level). Describe the issues of providing a converged architecture. Recognise the key decisions to be made when implementing VoIP VoIP and IP Telephony training course details Who will benefit: Anyone, although the course is particularly aimed at non-technical personnel needing some knowledge of VoIP. Prerequisites: Network fundamentals Duration 1 day VoIP and IP Telephony training course contents Introduction What is VoIP, brief review of IP, brief review of telephones, voice and signalling. VoIP issues Bandwidth, Delay, Jitter. Voice coding and compression, packetising voice, comparison of techniques, MOS.IP performance and QoS. The need for QoS, prioritising voice. Architectures Hard phones, soft phones, video phones, desktop, backbone, gateway, integrating analog phones and PCs, carriers, Softswitches. VoIP protocol stack RTP, RTCP. H.323 vs SIP, other signalling protocols. H.323 Architecture, Call setup, Gatekeepers. SIP Comparison with H.323, SIP proxy, proxy servers, redirect servers, location servers. MGCP and MegaCo Carrier networks, PSTN breakout, SS7 gateways, MGCP, Megaco. IP PBXs Integrating IP into 'normal' PBXs, IP PBXs, Asterisk. UM, other telephony applications.

Network automation training course description This course concentrates on the technical side of tools and languages for network DevOps rather than the soft skills. These tools include Python, Ansible, Git and NAPALM By the end of the course delegates should be able to recognise the tools that they can use to automate their networks and be able to use the knowledge gained to feel confident approaching network automation. What will you learn Describe network DevOps. Choose network automation tools. Explain the role of various network automation technologies including: Python Ansible Git NAPALM Network automation training course details Who will benefit: Those wishing to learn about the tools of network automation. Prerequisites: Introduction to data communications. Duration 1 day Network automation training course contents What is DevOps and network automation Programming and automating networks, networks and clouds, AWS, OpenStack, SDN, DevOps for network operations. Unit testing. Hype vs reality. Benefits and features. Network monitoring and troubleshooting Traditional methods, SNMP. Netflow and xflow. Traditional automation. Streaming telemetry. Event driven automation. gRPC, Protocol buffers. Configuration management Catch 22 and initial configuration. ZTP, POAP. Traditional automation. TFTP. Ansible vs the rest (chef, salt, puppet). Jinja2 and templating. How ansible works. Network programmability Programming languages. Linux, shell scripting. Python vs the rest. Off box vs on box automation. Python network libraries Sockets pysnmp, ncclient, paramiko, netmiko, pyez, NAPALM. APIs Proprietary APIs, CLI, NETCONF, RETCONF. YANG, XML, YAML, JSON. Other tools Git, GitHub, Jenkins, JIRA and others.

Networks demystified training course description A concise overview course covering all aspects of networking with particular emphasis of use of the 7 layer model as a framework for discussing and learning new network terms enabling delegates to recognise the main buzzwords used in the industry. What will you learn Use the 7 layer model to classify networking terms. Differentiate between LANS and WANS. Recognise bandwidth measurements. List LAN and WAN technologies. Recognise cabling issues in a network. Networks demystified training course details Who will benefit: Sales staff, managers and other non-technical personnel. Technical personnel may benefit more from our Intro to data communications and networking course. Prerequisites: None. Duration 1 day Networks demystified training course contents What are networks? What is a network? Types of network, Local Area Networks (LANs), Wide Area Networks (WANs), connecting networks together with routers. The 7 layer model What is the 7 layer model? The importance of standards, using the 7 layer model to classify networking terms. Cables Copper, Fibre, Air, standards, connectors, LAN cables, WAN cables, distance limitations, hubs and repeaters, other issues. The radio spectrum. Bandwidth Bits and bytes. Bandwidth measurements, common technologies and their bandwidth, the impact of applications on bandwidth. Full and half duplex. Joining cables together to increase bandwidth (Link aggregation). LANs and WANs What is Ethernet? What is WiFi? What are Leased lines? What is MPLS? Ethernet switches Ethernet 'packets', MAC addresses, what is a switch, what is the difference between a hub and a switch. TCP/IP What is TCP/IP? What is a protocol? What is IP? What is TCP? The role of routers in joining LANS and WANS, What is the Internet? Applications Ways to use the network, clients, servers, web browsing and HTTP, Email, instant messaging, multimedia applications.

Duration 3 Days 18 CPD hours This course is intended for Experienced system administrators and network administrators Overview By the end of the course, you should be able to meet the following objectives: Describe the NSX Advanced Load Balancer architecture, components, and main functions Explain the key features and benefits of NSX Advanced Load Balancer Explain and configure local load-balancing constructs such as virtual services, pools, health monitors, and related components Recognize web application breaches and threats Recognize multiple attack vectors such as web scraping, Layer 7 Denial of Service, brute force, and code injections Explain the components of NSX Advanced Load Balancer WAF that build a security pipeline to protect a web application from being attacked Describe how to configure the NSX Advanced Load Balancer WAF components Describe an NSX Advanced Load Balancer WAF operational task such as setting up an application with WAF, tuning the WAF Policy, and working with logs and analytics Explain the NSX Advanced Load Balancer WAF best practices for on-boarding a web application; configuring WAF settings for effective application security Explain how to size the NSX Advanced Load Balancer WAF data plane Explain the WAF Application learning feature, configuration of Application learning, Virtual Patching concepts, common caveats, and troubleshooting while deploying in any environment Recognize NSX Advanced Load Balancer Cloud Services that include threat Intelligence services Describe the Threat Intelligence service provided by NSX Advanced Load Balancer WAF and how the NSX Advanced Load Balancer WAF Threat Intelligence service receives live security threat feed for multiple attack vectors from Cloud Services (formerly Avi Pulse) Describe the NSX Advanced Load Balancer DataScript capabilities for detecting and defending against advance and zero-day attacks. Discuss the relevant NSX Advanced Load Balancer WAF logs and perform basic troubleshooting of applications that are protected by NSX Advanced Load Balancer WAF Explain the NSX Advanced Load Balancer WAF capability to protect Personally Identifiable Information (PII) This three-day course provides comprehensive training to install, configure, and manage a VMware NSX Advanced Load Balancer Web Application Firewall (WAF) solution. This course covers key NSX Advanced Load Balancer WAF features and functionality offered in the NSX Advanced Load Balancer 22.1.3 release for web security and application attack protection. Features include security pipeline, application learning, policy tuning, false positive mitigation, virtual patching, threat intelligence, troubleshooting, logs, analytics, and solution monitoring. Hands-on labs provide access to an NSX Advanced Load Balancer environment to reinforce the skills and concepts presented in the course. Course Introduction Introduction and course logistics Course objectives Introduction to NSX Advanced Load Balancer Illustrate NSX Advanced Load Balancer Explain NSX Advanced Load Balancer architecture and components Describe control plane clustering and high availability Describe data plane high availability mode Understand the common terminologies used with NSX Advanced Load Balancer Explain the NSX Advanced Load Balancer service elements Explain virtual service components and how to configure a virtual service Explain application profiles and network profiles Explain the pool configuration options and how to configure a pool Explain the available load-balancing algorithms Explain and configure SSL profiles and certificates Explain cloud connectors and cloud connector integration modes Explain multiple health monitor types Understand client logs Introduction to Application Security Understand web application security breaches and the implication of breaches Explain common terminologies related to Web Application Security Understand the different teams involved to secure applications Attacking Web Applications Understand the various web application security testing methodologies Understand the OWASP Top 10 vulnerabilities Understand the tools to generate a web application attack Describe a few types of web application attacks Types of Transport Understand different web traffic transport modes Describe web traffic and API traffic NSX Advanced Load Balancer WAF Components Understand the core design principles of NSX Advanced Load Balancer WAF Describe the NSX Advanced Load Balancer WAF components that build the WAF security pipeline Understand the NSX Advanced Load Balancer WAF configuration objects NSX Advanced Load Balancer WAF Operations Examine how to set up an application with WAF Describe considerations for the WAF policy Work with WAF logs and analytics Describe WAF policy tuning Describe the options available to remediate false positive mitigation NSX Advanced Load Balancer WAF Best Practices Describe technical and application considerations for onboarding an application front ended by WAF Describe best practices to remediate false positive mitigation. Describe how to manage a response from a back-end application server and client upload to the application server Describe the consideration for setting the rigidity of a WAF signature rule set Describe the options available to identify client traffic NSX Advanced Load Balancer WAF Sizing Understand how to do WAF data plane sizing in Greenfield and Brownfield deployments NSX Advanced Load Balancer WAF Custom Rules Understand WAF custom rules Describe the need and recommendation for custom rules Describe ModSecurity rules Understand the ModSecurity rule structure and explain how to construct the rule Analyze a sample custom rule for the use-case scenario for in-depth understanding of a custom rule NSX Advanced Load Balancer WAF Application Learning Understand the significance of Application Learning Explain the Positive Security Model architecture Describe the WAF multifaceted Application Learning technique to build an application model for creating positive security rules Describe how to view the data that is learned by the Application learning module Describe the WAF Virtual Patching technique to construct a WAF policy from Dynamic Application Security Testing (DAST) scanner results Understand the conditions for sharing WAF Learning Data and PSM Group in WAF Policy. Malware Protection Through ICAP in NSX Advanced Load Balancer Understand Malicious File Upload Protection and ICAP workflow Describe ICAP configuration and log analytics NSX Advanced Load Balancer IP Reputation Understand IP Reputation concepts and their integration with NSX Advanced Load Balancer Describe IP Reputation configuration, log analytics, and troubleshooting DataScript for Application Security Describe DataScript events and reference Describe application security using DataScript Explain how to troubleshoot DataScript issues Rate Limiting and DOS Describe and configure the NSX Advanced Load Balancer rate limiter technique Describe protection from denial of service (DoS) attacks and distributed DoS (DDoS) attacks in NSX Advanced Load Balancer Explain the Service Engine general advice and guidance for DDOS Bot Management Understand Bots Describe the Bot Management mechanism in NSX Advanced Load Balancer Describe how to configure NSX Advanced Load Balancer Bot Management Managing Personally Identifiable Information in NSX Advanced Load Balancer Understand Personally Identifiable Information (PII) Understand the scope of managing PII in NSX Advanced Load Balancer Describe how to configure the hidden PII in NSX Advanced Load Balancer logs using profiles and WAF rules. Threat Intelligence Introduce the Threat Intelligence service Describe the Threat Intelligence live security threat feed for multiple attack vectors Describe how to configure Threat Intelligence in NSX Advanced Load Balancer Application Programming Interface Security Define Application Programming Interface (API) Security Understand API authentication and authorization using virtual service authentication mechanisms used for a virtual service such as LDAP, SAML, JSON Web Token, and OAUTH Understand API Rate Limiting in NSX Advanced Load Balancer Understand the NSX Advanced Load Balancer WAF Protection for API Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware NSX Advanced Load Balancer: Web Application Firewall Security [V22.x] training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware NSX Advanced Load Balancer: Web Application Firewall Security [V22.x] course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for This course is intended for network operators, network administrators, network engineers, network architects, security administrators, and security architects responsible for installation, setup, configuration, and administration of the BIG-IP AFM system. This course uses lectures and hands-on exercises to give participants real-time experience in setting up and configuring the BIG-IP Advanced Firewall Manager (AFM) system. Students are introduced to the AFM user interface, stepping through various options that demonstrate how AFM is configured to build a network firewall and to detect and protect against DoS (Denial of Service) attacks. Reporting and log facilities are also explained and used in the course labs. Further Firewall functionality and additional DoS facilities for DNS and SIP traffic are discussed. Module 1: Setting Up the BIG-IP System Introducing the BIG-IP System Initially Setting Up the BIG-IP System Archiving the BIG-IP System Configuration Leveraging F5 Support Resources and Tools Module 2: AFM Overview AFM Overview AFM Availability AFM and the BIG-IP Security Menu Packet Processing Rules and Direction Rules Contexts and Processing Inline Rule Editor Module 3: Network Firewall AFM Firewalls Contexts Modes Packet Processing Rules and Direction Rules Contexts and Processing Inline Rule Editor Configuring Network Firewall Network Firewall Rules and Policies Network Firewall Rule Creation Identifying Traffic by Region with Geolocation Identifying Redundant and Conflicting Rules Identifying Stale Rules Prebuilding Firewall Rules with Lists and Schedules Rule Lists Address Lists Port Lists Schedules Network Firewall Policies Policy Status and Management Other Rule Actions Redirecting Traffic with Send to Virtual Checking Rule Processing with Packet Tester Examining Connections with Flow Inspector Module 4: Logs Event Logs Logging Profiles Limiting Log Messages with Log Throttling Enabling Logging in Firewall Rules BIG-IP Logging Mechanisms Log Publisher Log Destination Filtering Logs with the Custom Search Facility Logging Global Rule Events Log Configuration Changes QKView and Log Files SNMP MIB SNMP Traps Module 5: IP Intelligence Overview Feature 1 Dynamic White and Black Lists Black List Categories Feed Lists IP Intelligence Policies IP Intelligence Log Profile IP Intelligence Reporting Troubleshooting IP Intelligence Lists Feature 2 IP Intelligence Database Licensing Installation Configuration Troubleshooting IP Intelligence iRule Module 6: DoS Protection Denial of Service and DoS Protection Overview Device DoS Protection Configuring Device DoS Protection Variant 1 DoS Vectors Variant 2 DoS Vectors Automatic Threshold Configuration Variant 3 DoS Vectors Device DoS Profiles DoS Protection Profile Dynamic Signatures Dynamic Signatures Configuration DoS iRules Module 7: Reports AFM Reporting Facilities Overview Examining the Status of Particular AFM Features Exporting the Data Managing the Reporting Settings Scheduling Reports Examining AFM Status at High Level Mini Reporting Windows (Widgets) Building Custom Widgets Deleting and Restoring Widgets Dashboards Module 8: DoS White Lists Bypassing DoS Checks with White Lists Configuring DoS White Lists tmsh options Per Profile Whitelist Address List Module 9: DoS Sweep Flood Protection Isolating Bad Clients with Sweep Flood Configuring Sweep Flood Module 10: IP Intelligence Shun Overview Manual Configuration Dynamic Configuration IP Intelligence Policy tmsh options Extending the Shun Feature Route this Traffic to Nowhere - Remotely Triggered Black Hole Route this Traffic for Further Processing - Scrubber Module 11: DNS Firewall Filtering DNS Traffic with DNS Firewall Configuring DNS Firewall DNS Query Types DNS Opcode Types Logging DNS Firewall Events Troubleshooting Module 12: DNS DoS Overview DNS DoS Configuring DNS DoS DoS Protection Profile Device DoS and DNS Module 13: SIP DoS Session Initiation Protocol (SIP) Transactions and Dialogs SIP DoS Configuration DoS Protection Profile Device DoS and SIP Module 14: Port Misuse Overview Port Misuse and Service Policies Building a Port Misuse Policy Attaching a Service Policy Creating a Log Profile Module 15: Network Firewall iRules Overview iRule Events Configuration When to use iRules More Information Module 16: Recap BIG-IP Architecture and Traffic Flow AFM Packet Processing Overview