36 Courses about Network & Security delivered Live Online

Peering demystified training course description A concise overview course covering The Internet and peering. Particular emphasis is placed on the structure of the Internet, how IXs benefit the Internet, IX architectures, peering and the technical buzzwords behind the IX services. What will you learn Describe the structure of the Internet Explain the role of RIPE, ARIN and IXs in the Internet Explain how IXs connect ISPs and the benefits of using IXs. Describe peering from a technical perspective including the role of BGP and AS's. Peering demystified training course details Who will benefit: Non technical staff working for Internet companies. Prerequisites: None. Duration 1 day Peering demystified training course contents IP and routers IP as glue. What is a router? How routers join networks, benefits and disadvantages of routers, default gateways, routing tables, routing protocols. Addressing IP address format, rules of IP addressing, where to get IP addresses. Subnetting and groups of IP addresses. The Internet What is the Internet? The big picture, IP basics, registering IP addresses, DNS and registering domain names, whois, The IAB, IANA, ICANN, RIPE and other Internet organisations. ISPs Top ISPs, Tier 1, Tier 2 and Tier 3 ISPs, backbone providers, circuit providers, content providers, virtual ISPs, the internal network of ISPs. Customer connections to ISPs (DSL, Leased lines, MPLS…) ISP to ISP connections: Peering points Public peering versus private peering, NAPs, Internet Exchanges, Metropolitan Area Exchanges, LINX, other major peering points, the geography of the Internet. BGP and ASNs. How to peer. IRRs. IX architecture Ethernet switching.

Duration 2 Days 12 CPD hours This course is intended for This course is intended for network operators, network administrators, network engineers, network architects, security administrators, and security architects responsible for installation, setup, configuration, and administration of the BIG-IP AFM system. This course uses lectures and hands-on exercises to give participants real-time experience in setting up and configuring the BIG-IP Advanced Firewall Manager (AFM) system. Students are introduced to the AFM user interface, stepping through various options that demonstrate how AFM is configured to build a network firewall and to detect and protect against DoS (Denial of Service) attacks. Reporting and log facilities are also explained and used in the course labs. Further Firewall functionality and additional DoS facilities for DNS and SIP traffic are discussed. Module 1: Setting Up the BIG-IP System Introducing the BIG-IP System Initially Setting Up the BIG-IP System Archiving the BIG-IP System Configuration Leveraging F5 Support Resources and Tools Module 2: AFM Overview AFM Overview AFM Availability AFM and the BIG-IP Security Menu Packet Processing Rules and Direction Rules Contexts and Processing Inline Rule Editor Module 3: Network Firewall AFM Firewalls Contexts Modes Packet Processing Rules and Direction Rules Contexts and Processing Inline Rule Editor Configuring Network Firewall Network Firewall Rules and Policies Network Firewall Rule Creation Identifying Traffic by Region with Geolocation Identifying Redundant and Conflicting Rules Identifying Stale Rules Prebuilding Firewall Rules with Lists and Schedules Rule Lists Address Lists Port Lists Schedules Network Firewall Policies Policy Status and Management Other Rule Actions Redirecting Traffic with Send to Virtual Checking Rule Processing with Packet Tester Examining Connections with Flow Inspector Module 4: Logs Event Logs Logging Profiles Limiting Log Messages with Log Throttling Enabling Logging in Firewall Rules BIG-IP Logging Mechanisms Log Publisher Log Destination Filtering Logs with the Custom Search Facility Logging Global Rule Events Log Configuration Changes QKView and Log Files SNMP MIB SNMP Traps Module 5: IP Intelligence Overview Feature 1 Dynamic White and Black Lists Black List Categories Feed Lists IP Intelligence Policies IP Intelligence Log Profile IP Intelligence Reporting Troubleshooting IP Intelligence Lists Feature 2 IP Intelligence Database Licensing Installation Configuration Troubleshooting IP Intelligence iRule Module 6: DoS Protection Denial of Service and DoS Protection Overview Device DoS Protection Configuring Device DoS Protection Variant 1 DoS Vectors Variant 2 DoS Vectors Automatic Threshold Configuration Variant 3 DoS Vectors Device DoS Profiles DoS Protection Profile Dynamic Signatures Dynamic Signatures Configuration DoS iRules Module 7: Reports AFM Reporting Facilities Overview Examining the Status of Particular AFM Features Exporting the Data Managing the Reporting Settings Scheduling Reports Examining AFM Status at High Level Mini Reporting Windows (Widgets) Building Custom Widgets Deleting and Restoring Widgets Dashboards Module 8: DoS White Lists Bypassing DoS Checks with White Lists Configuring DoS White Lists tmsh options Per Profile Whitelist Address List Module 9: DoS Sweep Flood Protection Isolating Bad Clients with Sweep Flood Configuring Sweep Flood Module 10: IP Intelligence Shun Overview Manual Configuration Dynamic Configuration IP Intelligence Policy tmsh options Extending the Shun Feature Route this Traffic to Nowhere - Remotely Triggered Black Hole Route this Traffic for Further Processing - Scrubber Module 11: DNS Firewall Filtering DNS Traffic with DNS Firewall Configuring DNS Firewall DNS Query Types DNS Opcode Types Logging DNS Firewall Events Troubleshooting Module 12: DNS DoS Overview DNS DoS Configuring DNS DoS DoS Protection Profile Device DoS and DNS Module 13: SIP DoS Session Initiation Protocol (SIP) Transactions and Dialogs SIP DoS Configuration DoS Protection Profile Device DoS and SIP Module 14: Port Misuse Overview Port Misuse and Service Policies Building a Port Misuse Policy Attaching a Service Policy Creating a Log Profile Module 15: Network Firewall iRules Overview iRule Events Configuration When to use iRules More Information Module 16: Recap BIG-IP Architecture and Traffic Flow AFM Packet Processing Overview

Duration 3 Days 18 CPD hours This course is intended for Operators of Juniper Networks security solutions, including network engineers, administrators, support personnel, and resellers. Overview Identify high-level security challenges in today's networks. Identify products that are incorporated into the Juniper Connected Security solution. Explain the value of implementing security solutions. Explain how Juniper Connected Security solves the cyber security challenges of the future. Explain the SRX Series devices and the added capabilities that next-generation firewalls provide. Explain traffic flows through the SRX Series devices. List the different security objects and how to create them. Describe interface types and perform basic interface configuration tasks. Describe the initial configuration for an SRX Series device. Explain security zones. Describe screens and their use. Explain address objects. Describe services and their use. Describe the purpose for security policies on an SRX Series device. Describe zone-based policies. Describe global policies and their use. Explain unified security policies. Configure unified security policies with the J-Web user interface. Describe IDP signatures. Configure an IDP policy using predefined templates with the J-Web user interface. Describe the use and configuration of the integrated user firewall feature. Describe the UTM security services List the available UTM services on the SRX Series device. Configure UTM filtering on a security policy with the J-Web user interface. Explain Sky ATP's use in security. Describe how Sky ATP and SRX Series devices operate together in blocking threats. Describe NAT and why it is used. Explain source NAT and when to use it. Explain destination NAT and when to use it. Explain static NAT and its uses. Describe the operation and configuration the different types of NAT. Identify various types of VPNs. Describe IPsec VPNs and their functionality. Describe how IPsec VPNs are established. Describe IPsec traffic processing. Configure IPsec VPNs with the J-Web user interface. Describe and configure proxy IDs and traffic selectors with the J-Web user interface. Monitor IPsec VPNs with the J-Web user interface. Describe the J-Web monitoring features. Explain the J-Web reporting features. Describe the Sky Enterprise service and how it can save resources. Explain the functionality of Junos Space Security Director. This course is designed to provide students with the foundational knowledge required to work with SRX Series devices. This course will use the J-Web user interface to introduce students to the Junos operating system. Module 1: COURSE INTRODUCTION COURSE INTRODUCTION Module 2: Juniper Security Concept Security Challenges Security Design Overview Juniper Connected Security Module 3: Juniper Connected Security ? SRX Series Devices Connected Security Interfaces Initial Configuration LAB 1: Initial Configuration Module 4: Security Objects Security Zone Objects Security Screen Objects Security Address Objects Security Services Objects LAB 2: Creating Security Objects with J-Web Module 5: Security Policies Security Policy Overview Zone-Based Policies Global Security Policies Application Firewall with Unified Security Policies LAB 3: Creating Security Policies with J-Web Module 6: Security Services ? IDP and User Firewall IDP Security Services Integrated User Firewall LAB 4: Adding IDP and User Firewall Security Services to Security Policies Module 7: Security Services ? UTM Content Filtering Web Filtering Antivirus Antispam LAB 5: Adding UTM Security Services to Security Policies Module 8: Juniper Connected Security ? Sky AT Sky ATP Overview Blocking Threats Lab 6: Demonstrating Sky ATP Module 9: Network Address Translation NAT Overview Source NAT Destination NAT Static NAT Lab 7: Implementing Network Address Translation Module 10: IPsec VPN Concepts VPN Types Secure VPN Requirements IPsec Tunnel Establishment IPsec Traffic Processing Module 11: Site-to-Site VPNs IPsec Configuration IPsec Site-to-Site Tunne Lab 8: Implementing Site-to-Site IPsec VPNs Module 12: Monitoring and Reporting J-Web monitoring options J-Web Reporting options Lab 9: Using Monitoring and Reporting Appendix A: SRX Series Hardware Appendix D: Sky Enterprise Services Appendix B: Virtual SRX Appendix EJunos Space Security Director Appendix CCLI Prime

Duration 3 Days 18 CPD hours This course is intended for Security Engineers, Security Administrators, Security Operations Specialists, Security Analysts, Network Engineers, and Support Staff Overview The Palo Alto Networks Firewall 11.0: Troubleshooting course is three days of instructor-led training that will help you: Investigate networking issues using firewall tools including the CLI Follow proven troubleshooting methodologies specific to individual features Analyze advanced logs to resolve various real-life scenarios Solve advanced, scenario-based challenges Palo Alto Networks next-generation firewalls are architected to safely enable applications and prevent modern threats. Their approach identifies all network traffic based on applications, users, content and devices, and lets you express your business policies in the form of easy-to-understand security rules. Flexible deployment options and native integration with their next-generation security platform extend the policy enforcement and cyberthreat prevention to everywhere your users and data are located: in your network, on your endpoints and in the cloud. Course Outline Module 1 - Tools and Resources Module 2 - CLI Primer Module 3 - Flow Logic Module 4 - Packet Captures Module 5 - Packet-Diagnostics Logs Module 6 - Host-Inbound Traffic Module 7 - Transit Traffic Module 8 - System Services Module 9 - Certificate Management and SSL Decryption Module 10 - User-ID Module 11 - GlobalProtect Module 12 - Support Escalation and RMAs Module 13 - Next Steps

Duration 1 Days 6 CPD hours This course is intended for Security Engineers Network Engineers Support staff Overview This course is intended to provide an understanding of Palo Alto Networks Next-Generation firewall technologies enable the student to perform a basic installation of Palo Alto Networks Next-Generation firewalls. Upon completion of this course, students will be able to: Explain the features and advantages of the Palo Alto Networks next-generation firewall architecture Understand the capabilities of App-ID, Content-ID, and User-ID Perform the basic configuration of the firewall including: Interfaces and virtual routers NAT Policies Security zones Objects Security policies Content security profiles View logs and basic reports This course was formerly named Palo Alto Networks Foundations of Next Generation Firewalls (EDU-150). ** Our foundation classes are just introductory trainings, NOT a full technical training. Your network has expanded beyond your organization\'s boundaries. Cloud locations and remote users (often using personal devices) have \'distributed\' the surface you need to both enable and protect.At the same time, the motivations of attackers and their sophistication have continued to evolve.Palo Alto Networks' next-generation firewalls are all based on a consistent Single-Pass Architecture, enabling security capability that is unique in the industry. This architecture is implemented in a portfolio of both physical and virtual appliances, designed to cover a range of performance and use case requirements.Features and management are consistent across the portfolio. Integration with GlobalProtect? mobile security service extends policy-based security to mobile devices (whether on-premises or remote). Integration with our threat intelligence services keeps information up to date for the firewall (e.g., URL categories, threat signatures). WildFire? cloud-based malware analysis environment integration supports a rapid \'feedback loop\' that enables the firewall to stop advanced threats throughout the attack lifecycle. Course Outline Module 0: Introduction Module 1: Platforms & Architecture Module 2: Getting Started Module 3: Basic Administration Module 4: Connectivity Module 5: Security Module 6: Logging & Reporting Additional course details: Nexus Humans Palo Alto Networks : Strata Foundations training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Palo Alto Networks : Strata Foundations course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for The primary audience for this course is as follows: Security administrators Security consultants Network administrators System engineers Technical support personnel Channel partners and resellers Overview Upon completing this course, the learner will be able to meet these overall objectives: Define the use and placement IDS/IPS components. Identify Snort features and requirements. Compile and install Snort. Define and use different modes of Snort. Install and utilize Snort supporting software. Securing Cisco Networks with Open Source Snort (SSFSNORT) v3.0 is a 4-day course that shows you how to deploy Snort© in small to enterprise-scale implementations. You will learn how to install, configure, and operate Snort in Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) modes. You?ll practice installing and configuring Snort, utilize additional software tools and define rules to configure and improve the Snort environment, and more. The course qualifies for 32 Cisco Continuing Education credits (CE) towards recertification.This course will help you:Learning how to implement Snort, an open-source, rule-based, intrusion detection and prevention system. Gain leading-edge skills for high-demand responsibilities focused on security. Module 1: Detecting Intrusions with Snort 3.0 History of Snort IDS IPS IDS vs. IPS Examining Attack Vectors Application vs. Service Recognition Module 2: Sniffing the Network Protocol Analyzers Configuring Global Preferences Capture and Display Filters Capturing Packets Decrypting Secure Sockets Layer (SSL) Encrypted Packets Module 3: Architecting Nextgen Detection Snort 3.0 Design Modular Design Support Plug Holes with Plugins Process Packets Detect Interesting Traffic with Rules Output Data Module 4: Choosing a Snort Platform Provisioning and Placing Snort Installing Snort on Linux Module 5: Operating Snort 3.0 Start Snort Monitor the System for Intrusion Attempts Define Traffic to Monitor Log Intrusion Attempts Actions to Take When Snort Detects an Intrusion Attempt License Snort and Subscriptions Module 6: Examining Snort 3.0 Configuration Introducing Key Features Configure Sensors Lua Configuration Wizard Module 7: Managing Snort Pulled Pork Barnyard2 Elasticsearch, Logstash, and Kibana (ELK) Module 8: Analyzing Rule Syntax and Usage Anatomy of Snort Rules Understand Rule Headers Apply Rule Options Shared Object Rules Optimize Rules Analyze Statistics Module 9: Use Distributed Snort 3.0 Design a Distributed Snort System Sensor Placement Sensor Hardware Requirements Necessary Software Snort Configuration Monitor with Snort Module 10: Examining Lua Introduction to Lua Get Started with Lua