• Professional Development
  • Medicine & Nursing
  • Arts & Crafts
  • Health & Wellbeing
  • Personal Development

172 Architecture courses in Bristol

Supporting Microsoft IIS

5.0(3)

By Systems & Network Training

Supporting Microsoft IIS training course description This course provides students with the fundamental knowledge and skills to configure and manage Internet Information Services. This course is intended to help provide pre-requisite skills supporting a broad range of Internet web applications, security, and knowledge to help support other products that use IIS such as Exchange and SharePoint. What will you learn Install IIS. Configure IIS. Secure websites. Maintain IIS. Supporting Microsoft IIS training course details Who will benefit: Technical staff working with Microsoft IIS. Prerequisites: TCP/IP foundation for engineerss Supporting Windows ( XP or 2000 or 2003) Duration 5 days Supporting Microsoft IIS course contents Overview and Installing IIS Web Server infrastructure, installing IIS. Hands on Default install of IIS, verify and test.. Configuring the default website Default website, IIS Manager, default IIS file structure, configuring DNS records for a website, creating virtual directories and Applications. Hands on Configuring the Default website for public access. Creating Virtual Directories and Applications. Application Pools Application Pool Architecture, Application Pool recycling. Hands on Creating and managing Application Pools. Creating additional websites Multiple websites on a single server, website bindings. Hands on Creating new websites. Website and Web application support Configuring Common features, adding support for web applications. Hands on Adding support for web applications. Securing Websites and applications Access control, sites, applications, authentication and permissions. URL authorization rules. Hands on Configuring Authentication and permissions. Securing Data Transmissions with SSL Certificates and SSL, creating certificates for a web server, adding a certificate to a website. Hands on Certificates and HTTPS. Using the Central Certificate Store The Central Certificate Store. Hands on Install and configure the Central Certificate Store. Configuring Remote Administration Installing and Configuring the Management Service. Connecting to remote web servers and websites. Delegating Management Access. Hands on Remote administration. Implementing FTP Implementing FTP, configuring an FTP site. Hands on Install and configure a secured FTP site. Monitoring IIS IMonitoring IIS logs with Log Parser. Hands on Analyze a set of IIS log files for possible issues using Log Parser. Analyze performance data for performance related problems using PerfMon. Backing up and Restoring IIS The IIS environment. Hands on Performing a backup and restore of a website. Building Load-Balanced Web Farms Load-balancing mechanisms, building a Load-Balanced Web Farm using ARR, sharing content to a Web Farm using a network share, Sharing content to a Web Farm using DFS-R, Sharing IIS Configurations in a Web Farm. Hands on Installing and configuring ARR, sharing content to a Web Farm using network share and DFS-R, sharing IIS Configurations in a Web Farm.

Supporting Microsoft IIS
Delivered in Internationally or OnlineFlexible Dates
£3,697

Peering demystified

5.0(3)

By Systems & Network Training

Peering demystified training course description A concise overview course covering The Internet and peering. Particular emphasis is placed on the structure of the Internet, how IXs benefit the Internet, IX architectures, peering and the technical buzzwords behind the IX services. What will you learn Describe the structure of the Internet Explain the role of RIPE, ARIN and IXs in the Internet Explain how IXs connect ISPs and the benefits of using IXs. Describe peering from a technical perspective including the role of BGP and AS's. Peering demystified training course details Who will benefit: Non technical staff working for Internet companies. Prerequisites: None. Duration 1 day Peering demystified training course contents IP and routers IP as glue. What is a router? How routers join networks, benefits and disadvantages of routers, default gateways, routing tables, routing protocols. Addressing IP address format, rules of IP addressing, where to get IP addresses. Subnetting and groups of IP addresses. The Internet What is the Internet? The big picture, IP basics, registering IP addresses, DNS and registering domain names, whois, The IAB, IANA, ICANN, RIPE and other Internet organisations. ISPs Top ISPs, Tier 1, Tier 2 and Tier 3 ISPs, backbone providers, circuit providers, content providers, virtual ISPs, the internal network of ISPs. Customer connections to ISPs (DSL, Leased lines, MPLS…) ISP to ISP connections: Peering points Public peering versus private peering, NAPs, Internet Exchanges, Metropolitan Area Exchanges, LINX, other major peering points, the geography of the Internet. BGP and ASNs. How to peer. IRRs. IX architecture Ethernet switching.

Peering demystified
Delivered in Internationally or OnlineFlexible Dates
£797

Transmission demystified

5.0(3)

By Systems & Network Training

Transmission demystified training course description Transmission is the process of sending information along a medium of, copper, fibre or wireless. This course looks at transmission techniques for both telecommunications and data communications with a particular focus on Microwave, SDH, DWDM transmission. The course aims to demystify these technologies by explaining all the buzzwords used in transmission. What will you learn Describe various transmission technologies such as multiplexing and demultiplexing. Explain how Microwave works. Explain how SDH works. Explain how DWDM works. Transmission demystified training course details Who will benefit: Anyone working in telecommunications. Prerequisites: None. Duration 2 days Transmission demystified training course contents Transmission basics Systems, media, signals. Signal degradation, noise, distortion, attenuation. Digital, analogue. Modulation, encoding. RF Frequency, wavelength. Distance / range issues, interference, Antenna, power, dB, RF propagation, testing. Microwave transmission What is microwave transmission, point to point communications, line of sight, parabolic antenna, relays, planning considerations, rain and other issues Wired transmissions Copper, Fibre, optical transmission, fibre characteristics, fibre component parts. Multi Mode Fibre (MMF). Single Mode Fibre (SMF). Fibre connections. Lasers. Attenuations, dispersion, optical signal noise ratios (OSNR) and their effects. Channel Spacing and Signal Direction. Limiting factors to single wavelength. Introduction to SDH Timing and synchronisation of digital signals, the plesiochronous digital hierarchy (PDH), the synchronous digital hierarchy (SDH), service protection with SDH. TDM. SDH6 Standards, basic units, frames, STM1 frame, bit rates, STM0, STM1, STM4, STM16, STM64, STM256, SDH architecture, rings, Add drop multiplexors. SDH network topologies, structure of SDH equipment, SDH synchronisation, protection switching in SDH networks, SDH alarm structure, testing of SDH, equipment and systems, Ethernet over SDH. WDM overview Multiplexing, TDM, WDM benefits. WDM standards. CWDM vs. DWDM. Four Wave Mixing (FWM). Impact and countermeasures to FWM on WDM.tructure of SDH equipment, SDH synchronisation, protection switching in SDH networks, SDH alarm structure, testing of SDH, equipment and systems, Ethernet over SDH. DWDM ITU G.694.1, channel and spacing. Optical Terminal Multiplexers (OTM). Optical Add/Drop Multiplexers (OADM). Adding versus dropping. Optical Amplifiers. Erbium Doped Fibre Amplifiers (EDFA). Transponders and Combiners. Optical and Electrical Cross Connects (OXCs/DXCs). Cross Connect types (Transparent/Opaque). Advantages and disadvantages of various Optical cross connects. IP transmission Telecommunications versus data communications, IP transmission, VoIP, MPLS.

Transmission demystified
Delivered in Internationally or OnlineFlexible Dates
£1,727

DevOps for networking engineers

5.0(3)

By Systems & Network Training

Network DevOps course description This course is not a soft skills course covering the concepts of DevOps but instead concentrates on the technical side of tools and languages for network DevOps. Particular technologies focussed on are ansible, git and Python enabling delegates to leave the course ready to starting automating their network. Hands on sessions follow all major sections. More detailed courses on individual aspects of this course are available. What will you learn Evaluate network automation tools. Automate tasks with ansible. Use git for version control. Use Python to manage network devices. Use Python libraries for network devices. Network DevOps course details Who will benefit: Administrators automating tasks. Prerequisites: TCP/IP Foundation Duration 5 days Network DevOps course contents What is DevOps Programming and automating networks, networks and clouds, AWS, OpenStack, SDN, DevOps for network operations. Initial configuration Configuring SSH, ZTP, POAP. Hands on Initial lab configuration. Getting started with ansible The language, the engine, the framework. Uses of ansible, orchestration. The architecture, Controlling machines, nodes, Agentless, SSH, modules. Configuration management, inventories, playbooks, modules, roles. Hands on Installing ansible, running ad hoc commands. Ansible playbooks ansible-playbook, YAML, plays, tasks, handlers, modules. Playbook variables. Register module, debug module. Hands on Running playbooks. Ansible Inventories /etc/ansible/hosts, hosts, groups, static inventories, dynamic inventories. Inventory variables, external variables. Limiting hosts. Hands on Static inventories, variables in inventory files. Ansible modules for networking Built in modules, custom modules, return values. Core modules for network operations. Cisco and/or Juniper modules. ansible_connection. Ansible 2.6 CLI. Hands on Using modules. Ansible templating and roles aConfiguration management, full configurations, partial configurations. The template module, the assemble module, connection: local, Jinja2 templates, variables, if, for, roles. Hands on Generating multiple configurations from a template. Network programming and modules Why use Python? Why use ansible? alternatives, ansible tower, Linux network devices. Programming with Python Python programming Functions. Classes, objects and instances, modules, libraries, packages. Python strings, Python file handling, pip list, pip instal. Hands on Python programming with pyping. More Python programming Functions. Classes, objects and instances, modules, libraries, packages. Python strings, Python file handling, pip list, pip install. Hands on Python programming with pyping. Git Distributed version control, repositories, Git and GitHub, Alternatives to GitHub, Installing git, git workflows, creating repositories, adding and editing files, branching and merging, merge conflicts. Hands on working with Git. Python and networking APIs, Sockets, Telnetlib, pysnmp, ncclient, ciscoconfparse. Paramiko SSH and Netmiko Integrating Python and network devices using SSH. Netmiko, Netmiko methods. Hands on Netmiko. NAPALM What is NAPALM, NAPALM operations, getters, Replace, merge, compare, commit, discard. Hands on Configuration with NAPALM. Integrating ansible and NAPALM. Python and REST REST APIs, enabling the REST API. Accessing the REST API with a browser, cURL, Python and REST, the request library. Hands on Using a REST API with network devices.

DevOps for networking engineers
Delivered in Internationally or OnlineFlexible Dates
£3,697

CWISA Wireless IoT Solutions Administrator

5.0(3)

By Systems & Network Training

CWISA training course description This CWISA course covers wireless technologies with reference to IoT. It examines from an IoT perspective how wireless works, and is an excellent introduction to IoT for the wireless engineer. Topics range from wireless technologies, RF, to mobile networks, IoT, and security. What will you learn Describe wireless networking and IoT technologies. Explain basic RF communications. Plan wireless solutions. Describe how to implement wireless solutions. Use best practices in implementing wireless solutions. CWISA training course details Who will benefit: Anyone working with IoT technologies. Prerequisites: RF fundamentals. Duration 4 days CWISA training course contents Introduction to wireless technologies History of wireless, radio waves and frequencies, wireless technologies and related components, common components of wireless solutions, LAN networking requirements, Network security, Implementing wireless solutions, staging, documentation, security updates, Industry organizations, IEEE, compatibility and certification groups. Wireless network use cases Wireless BANs, Wireless PANs, Wireless LANs, Wireless MANs, Wireless WANs, Wireless sensor networks, New network driver-Internet of Things, IoT for industry (IIoT), IoT for connected vehicles, Residential environments, Retail, Education (K12), Higher education, Agriculture, Smart cities / Public access, Health care, Office buildings, Hospitality, Industry, Stadiums, arenas, and large public venues. Planning wireless solutions Identifying use cases and applications, common wireless requirements and constraints, performing a wireless system design, selecting and evaluating design parameters. RF communications RF wave characteristics, RF propagation behaviours, RF signal metrics, fundamentals of wireless modulation. other wireless carriers, common frequency bands. Radio frequency hardware Hardware levels, basic RF hardware components (circuit board level), RF link types (use category). RF device types. Mobile communications networks Mobile networks, LTE, 5G, Use cases. Short-range, low-rate, and low-power networks RF and speed, RF and range, RF and power, 802.11, 802.15.4, Bluetooth, LoRa (Long range) / LoRaWAN, ZigBee, 6LoWPAN, NB-IoT and LTE-M. Wireless sensor networks What is a Wireless Sensor Network (WSN)? WSN applications, Sensors and actuators, WSN architectures, Planning a WSN. Internet of Things (IoT) Internet of Things (IoT) defined, IoT history and its definition revisited, one more comment on the definition of IoT, IoT verticals, Oil & Gas, IoT structure/ architecture basics, IoT connected objects. Securing wireless networks Confidentiality, integrity and availability, Privacy, non-repudiation, authenticity & safety, Importance of authentication in wireless networks, Key cryptographic technologies & concepts, Authentication methods, Authorisation, OAuth 2.0 authorisation framework, monitoring. Troubleshooting wireless solutions Proper solutions design, designing and implementing wireless solutions, basic installation procedures, general configuration considerations, troubleshooting and remediation, troubleshoot common problems in wireless solutions. Programming, scripting and automation What is an API? categories of APIs, common API communication methods, choosing a language, why are we integrating systems? Application & integration architectures. Data structures & types, XML, YAML, API types.

CWISA Wireless IoT Solutions Administrator
Delivered in Internationally or OnlineFlexible Dates
£2,797

Essential EVPN

5.0(3)

By Systems & Network Training

Essential EVPN training course description Ethernet VPN (E-VPN) and Provider Backbone Bridging E-VPN (PBB-EVPN) are emerging technologies providing Ethernet services over MPLS. This course studies the technologies in E-VPN/PBB-EVPN providing multi-homing, multi pathing, auto discovery, multicast, forwarding and fast convergence. What will you learn Differentiate between E-VPN and PBB-EVPN. Explain how E-VPN operates. Explain how PBB-EVPN operates. Explain how E-VPN provides: Multi homing Multi pathing Auto discovery. Essential EVPN training course details Who will benefit: Network engineers. Staff working for carriers. Prerequisites: Definitive Ethernet switching for engineers Concise MPLS for engineers Duration 2 days Essential EVPN training course contents Introduction to EVPN Network virtualization What Is network virtualization? types of virtual networks, network tunnelling, the consequences of tunnelling, packet load balancing, network interface card behaviour. maximum transmission unit, lack of visibility, VXLAN, protocols to implement the control plane, support for network virtualization technologies, merchant silicon Software, standards. The building blocks of Ethernet VPN A brief history of EVPN, architecture and protocols for traditional EVPN deployment, EVPN in the data center BGP constructs for Virtual networks, address family indicator/subsequent address family indicator, route distinguisher, route target, RD, RT, and BGP processing, route types, modifications to support EVPN over eBGP, keeping the NEXT HOP unmodified, retaining route targets, FRR support for EVPN, automatic propagation of NEXT HOP, RT/RD derivation, what Is not supported in FRR. Bridging with Ethernet VPN An overview of traditional bridging, overview of bridging with EVPN, what Ifs, why does NVE L3 get an advertisement for MACA? handling BUM packets, handling MAC moves, support for dual-attached hosts, the host-switch Interconnect, VXLAN model for dual-attached hosts, switch peering solutions, handling Link failures, duplicate multi-destination frames, ARP/ND suppression. Routing with Ethernet VPN The case for routing in EVPN, routing use cases in the data center, routing models, where is the routing performed? centralized routing, distributed routing, how routing works in EVPN, asymmetric routing, symmetric routing, VRFs in EVPN routing, summarized route announcements, BGP support for EVPN routing, comparing asymmetric and symmetric models, vendor support for EVPN routing. Configuring and administering Ethernet VPN The sample topology, configuration cases, configuring the MTU, the end first: complete FRR configurations, the Invariants: configuration for the spines, firewall, and servers, centralized routing, asymmetric distributed routing, symmetric routing, dissecting the configuration, configuring the underlay, configuring the overlay: FRR configuring the overlay: interfaces, examining an EVPN network, show running configuration, show BGP summary, show EVPN VNIs and VTEPs, identify which VTEP advertised a MAC address, comparing FRR and Cisco EVPN configurations, considerations for deploying EVPN in large networks.

Essential EVPN
Delivered in Internationally or OnlineFlexible Dates
£2,477

Network automation for engineers

5.0(3)

By Systems & Network Training

Network automation course description This course is not a soft skills course covering the concepts of DevOps but instead concentrates on the technical side of tools and languages for network DevOps. Particular technologies focussed on are ansible, git and Python enabling delegates to leave the course ready to starting automating their network. Hands on sessions follow all major sections. More detailed courses on individual aspects of this course are available. What will you learn Evaluate network automation tools. Automate tasks with ansible. Use git for version control. Use Python to manage network devices. Use Python libraries for network devices. Network automation course details Who will benefit: Network engineers. Prerequisites: TCP/IP foundation for engineers. Duration 5 days Network automation course contents What is DevOps Programming and automating networks, networks and clouds, AWS, OpenStack, SDN, DevOps for network operations. Initial configuration Configuring SSH, ZTP, POAP. Hands on Initial lab configuration. Getting started with ansible The language, the engine, the framework. Uses of ansible, orchestration. The architecture, Controlling machines, nodes, Agentless, SSH, modules. Configuration management, inventories, playbooks, modules, roles. Hands on Installing ansible, running ad hoc commands. Ansible playbooks ansible-playbook, YAML, plays, tasks, handlers, modules. Playbook variables. Register module, debug module. Hands on Running playbooks. Ansible Inventories /etc/ansible/hosts, hosts, groups, static inventories, dynamic inventories. Inventory variables, external variables. Limiting hosts. Hands on Static inventories, variables in inventory files. Ansible modules for networking Built in modules, custom modules, return values. Core modules for network operations. Cisco and/ or Juniper modules. ansible_connection. Ansible 2.6 CLI. Hands on Using modules. Ansible templating and roles Configuration management, full configurations, partial configurations. The template module, the assemble module, connection: local, Jinja2 templates, variables, if, for, roles. Hands on Generating multiple configurations from a template. Network programming and modules Why use Python? Why use ansible? alternatives, ansible tower, Linux network devices. Programming with Python Scripting versus application development, Python interactive mode, Python scripts, Python 2.7 vs Python 3. A simple Python script. Variables, loops, control statements, operators. PEP style guide. Python IDEs. Hands on Simple Python programs. More Python programming Functions. Classes, objects and instances, modules, libraries, packages. Python strings, Python file handling, pip list, pip install, Hands on Python programming with pyping. Git Distributed version control, repositories, Git and GitHub, Alternatives to GitHub, Installing git, git workflows, creating repositories, adding and editing files, branching and merging, merge conflicts. Hands on working with Git. Python and networking APIs, Sockets, Telnetlib, pysnmp, ncclient, ciscoconfparse. Paramiko SSH and Netmiko Integrating Python and network devices using SSH. Netmiko, Netmiko methods. Hands on Netmiko. PyEZ Juniper, NETCONF, installing PyEZ, a first pyEZ script, pyEZ configuration management. Hands on Juniper configuration management with pyEZ. NAPALM What is NAPALM, NAPALM operations, getters, Replace, merge, compare, commit, discard. Hands on Configuration with NAPALM. Integrating ansible and NAPALM. Python and REST REST APIs, enabling the REST API. Accessing the REST API with a browser, cURL, Python and REST, the request library. Hands on Using a REST API with network devices.

Network automation for engineers
Delivered in Internationally or OnlineFlexible Dates
£3,697

Introduction to the Junos Operating System

5.0(3)

By Systems & Network Training

Junos Operating System training course description This course provides students with the foundational knowledge required to work with the Junos OS and to configure Junos devices. The course provides a brief overview of the Junos device families and discusses the key architectural components of the software. The course then delves into foundational routing knowledge and configuration examples including general routing concepts, routing policy, and firewall filters. Delegates will gain experience in configuring and monitoring the Junos OS and monitoring basic device operations. This course is based on Junos OS Release 15.1X49. What will you learn Describe the design architecture of the Junos OS. Navigate within the Junos CLI and perform tasks within the CLI operational and configuration modes. Configure and monitor network interfaces. Navigate within the Junos J-Web interface. Identify where you might use firewall filters. Explain basic routing operations and concepts. Identify key factors in Juniper Networks' security. Junos Operating System training course details Who will benefit: This course benefits individuals responsible for configuring and monitoring devices running the Junos OS. Prerequisites: TCP/IP foundation for engineers Duration 3 days Junos Operating System training course contents Junos Operating System Fundamentals The Junos OS Traffic Processing Overview of Junos Devices User Interface Options-The Junos CLI User Interface Options The Junos CLI: CLI Basics The Junos CLI: Operational Mode The Junos CLI: Configuration Mode User Interface Options-The J-Web Interface The J-Web GUI Configuration Lab 1: User Interface Options Initial Configuration Factory-Default Configuration Initial Configuration Interface Configuration Lab 2: Initial System Configuration Secondary System Configuration User Configuration and Authentication System Logging and Tracing Network Time Protocol Archiving Configurations SNMP Lab 3: Secondary System Configuration Operational Monitoring and Maintenance Monitoring Platform and Interface Operation Network Utilities Maintaining the Junos OS Password Recovery System Clean-Up Lab 4: Operational Monitoring and Maintenance Interface Configuration Examples Review of the Interface Configuration Hierarchy Interface Configuration Examples Using Configuration Groups Routing Fundamentals Routing Concepts: Overview of Routing Routing Concepts: The Routing Table Routing Concepts: Routing Instances Static Routing Dynamic Routing Lab 5: Routing Fundamentals Routing Policy Routing Policy Overview Case Study: Routing Policy Lab 6: Routing Policy Firewall Filters Firewall Filters Overview Case Study: Firewall Filters Unicast Reverse-Path-Forwarding Checks Lab 7: Firewall Filters Class of Service CoS Overview Traffic Classification Traffic Queueing Traffic Scheduling Case Study: CoS Lab 8: Class of Service JTAC Procedures Opening a Support Case Customer Support Tools Transferring Files to JTAC Juniper Security Concepts Security Challenges Juniper's Security Focus Appendix A: IPv6 Fundamentals IPv6 Addressing Protocols and Services Configuration

Introduction to the Junos Operating System
Delivered in Internationally or OnlineFlexible Dates
£2,367

Total OSPF for engineers

5.0(3)

By Systems & Network Training

OSPF training course description A detailed hands on examination of OSPF. Hands on sessions are used to reinforce the theory rather than teach specific manufacturer equipment. The course starts with a recap of reading routing tables and then jumps straight in with simple OSPF configuration. OSPF features are then studied and configured before moving onto how OSPF works within an area. Multi area OSPF is then studied before looking at OSPF operation in detail by analysing OSPF packets. Finally areas are covered again in more detail followed by troubleshooting. What will you learn Design OSPF networks. Design IP addressing schemes suitable for route summarisation. Troubleshoot OSPF networks. Describe the operation of OSPF. OSPF training course details Who will benefit: Technical staff working with OSPF. Prerequisites: TCP/IP Foundation for engineers Duration 3 days OSPF training course contents Basic routing and OSPF Reading routing tables, routing protocols, What is OSPF? Process IDs, passive interfaces. Hands on Simple OSPF configuration. OSPF History of OSPF, metrics, costs, convergence, Distance Vector vs. Link state routing protocols, IGPs, classless, OSPF features, load sharing, per packet/destination, OSPF authentication. Hands on Configuring OSPF features. OSPF within an area How OSPF works, LSDB, LSDB benefits and disadvantages, LSA types, Type 1 and 2, LSA propagation, router IDs, hellos, configuring hellos, the exchange protocol. Hands on Investigating OSPF structures. Areas Scalability, why areas? Area IDs, area 0, ABRs, ABR resilience, areas & LSDBs, areas & LSAs, Type 3 LSAs, virtual links. Hands on Multi area OSPF. Redistribution Multiple routing protocols, common scenarios, routing distance, External LSAs, E1 and E2. Type 4 LSAs. OSPF and default routes. Hands on Configuring static route redistribution. Route aggregation Route summarisation. How to aggregate, ABR summarisation, ASBR summarisation. Hands on OSPF address summarisation. OSPF packet formats OSPF packets, protocol stack, OSPF stages, packet flows, packet types, the OSPF header, multicasts, Hello, DDB, LS request, LS update, LS ACK, LSA header, LSA formats, neighbours, neighbour states, DRs, adjacencies, BDRs, DR election. Hands on Analysing OSPF packets, troubleshooting. OSPF network types BMA, NBMA, Point to point links. Hands on Configuring OSPF over Frame Relay. OSPF stub areas LSA types, area types, area architecture, stub areas, default routes, benefits and disadvantages of stub areas, TSSAs, NSSAs, Type 7 LSAs. Hands on Stub and TSSA configuration. The OSPF MIB SNMP overview, MIB 2, the OSPF MIB, OSPF MIB groups, useful objects, OSPF traps. Hands on the OSPF MIB. troubleshooting. Summary RFCs, OSPF design guidelines. OSPF variants (appendix) OSPF on demand, MOSPF, multicast overview, Type 6 LSAs, OSPF for IPv6 (OSPFv3).

Total OSPF for engineers
Delivered in Internationally or OnlineFlexible Dates
£2,367

Securing UNIX systems

5.0(3)

By Systems & Network Training

Securing UNIX systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure UNIX accounts. Secure UNIX file systems. Secure UNIX access through the network. Securing UNIX systems course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing UNIX systems course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

Securing UNIX systems
Delivered in Internationally or OnlineFlexible Dates
£4,997