Security+ training course description A hands on course aimed at getting delegates successfully through the CompTia Security+ examination. What will you learn Explain general security concepts. Describe the security concepts in communications. Describe how to secure an infrastructure. Recognise the role of cryptography. Describe operational/organisational security. Security+ training course details Who will benefit: Those wishing to pass the Security+ exam. Prerequisites: TCP/IP foundation for engineers Duration 5 days Security+ training course contents General security concepts Non-essential services and protocols. Access control: MAC, DAC, RBAC. Security attacks: DOS, DDOS, back doors, spoofing, man in the middle, replay, hijacking, weak keys, social engineering, mathematical, password guessing, brute force, dictionary, software exploitation. Authentication: Kerberos, CHAP, certificates, usernames/ passwords, tokens, biometrics. Malicious code: Viruses, trojan horses, logic bombs, worms. Auditing, logging, scanning. Communication security Remote access: 802.1x, VPNs, L2TP, PPTP, IPsec, RADIUS, TACACS, SSH. Email: S/MIME, PGP, spam, hoaxes. Internet: SSL, TLS, HTTPS, IM, packet sniffing, privacy, Javascript, ActiveX, buffer overflows, cookies, signed applets, CGI, SMTP relay. LDAP. sftp, anon ftp, file sharing, sniffing, 8.3 names. Wireless: WTLS, 802.11, 802.11x, WEP/WAP. Infrastructure security Firewalls, routers, switches, wireless, modems, RAS, PBX, VPN, IDS, networking monitoring, workstations, servers, mobile devices. Media security: Coax, UTP, STP, fibre. Removable media. Topologies: Security zones, DMZ, Intranet, Extranet, VLANs, NAT, Tunnelling. IDS: Active/ passive, network/host based, honey pots, incident response. Security baselines: Hardening OS/NOS, networks and applications. Cryptography basics Integrity, confidentiality, access control, authentication, non-repudiation. Standards and protocols. Hashing, symmetric, asymmetric. PKI: Certificates, policies, practice statements, revocation, trust models. Key management and certificate lifecycles. Storage: h/w, s/w, private key protection. Escrow, expiration, revocation, suspension, recovery, destruction, key usage. Operational/Organisation security Physical security: Access control, social engineering, environment. Disaster recovery: Backups, secure disaster recovery plans. Business continuity: Utilities, high availability, backups. Security policies: AU, due care, privacy, separation of duties, need to know, password management, SLAs, disposal, destruction, HR policies. Incident response policy. Privilege management: Users, groups, roles, single sign on, centralised/decentralised. Auditing. Forensics: Chain of custody, preserving and collecting evidence. Identifying risks: Assets, risks, threats, vulnerabilities. Role of education/training. Security documentation.
Jenkins training course description An introduction to Continuous Integration and development (CI/CD) in network automation using Jenkins. The course focusses specifically on the network Devops case of using Jenkins. What will you learn Explain how Jenkins can help with network automation. Configure Jenkins for network Devops. Use Jenkins for network automation. Jenkins training course details Who will benefit: Network engineers. Prerequisites: TCP/IP Foundation Duration 1 day Jenkins training course contents What is Jenkins? DevOps, CI/CD, version control systems, git, automating execution of tasks, Jenkins job, Jenkins pipeline, Jenkins plugins, CI server. Hands on Installing Jenkins. Example pipeline for network automation YAML, GitHub, Jenkins, ansible, network devices. Hands on Investigating a workflow: Auto deploying network configurations. Configuring Jenkins Code repository, build triggers, gerrit and reviews, build environment. A Jenkins job, build step, post build actions, running a Jenkins job, build log, home directory. Hands on Configuring Jenkins. CI using Jenkins Branches, pipeline, git, the git plugin. Hands on A Jenkins job to poll, build and unit test network configurations.
Total FabricPath training course description A comprehensive look at Cisco's FabricPath. This course starts with the problems in traditional switched networks then moves onto to how FabricPath solves these problems. As IS-IS is key to loop free topologies in FabricPath networks, this protocol is also studied. What will you learn Explain the benefits of FabricPath. Explain how FabricPath works Explain the role of IS-IS in FabricPath. Integrate FabricPath into existing networks. Total FabricPath training course details Who will benefit: Technical staff working with FabricPath. Prerequisites: Definitive Ethernet switching for engineers Duration 1 day Total FabricPath training course contents What is FabricPath? Layer 2 versus Layer 3, STP problems: One path, convergence, MAC explosion. Frame routing. Shortest path. Comparison with TRILL. FabricPath architecture Core and edge, VLANs, vPC+. IS-IS Link layer IS-IS, SPF trees, traffic management. IS -IS extensions for FabricPath. ISIS TLV. FabricPath forwarding Routing table, Switch IDs, multi destination trees, IGMP snooping. Roots. MAC versus switch tables. FabricPath Dynamic Resource Allocation Protocol (DRAP). FabricPath frames Encapsulation, frame format, Switch ID, Forwarding tag. Miscellaneous Basic configuration, interoperation with STP, TCN forwarding
Total sFlow training course description A comprehensive hands on course covering sFlow. The course starts with the basics of flows moving swiftly onto configuring sFlow and studying the information it provides. What will you learn Describe sFlow. Use Nmap. Recognise how sFlow can be used. Describe the issues in using sFlow. Compare SFlow with SNMP and NetFlow. Total sFlow training course details Who will benefit: Technical staff working with sFlow. Prerequisites: TCP/IP foundation for engineers. Duration 1 day Total sFlow training course content What is SFlow? Where to monitor traffic. Packet based sampling, Time based sampling. Adaptive sampling. Flow samples, Counter samples. Hands on Wireshark flow analysis. Getting started with sFlow sFlow configuration. Enabling sFlow. Per interface. Hands on Accessing sFlow data using the CLI. sFlow architecture SFlow agents and collectors. When flows are exported. Distributed sFlow architecture, subagents. sFlow reporting products. SolarWinds. Hands on Collector software. sFlow features and benefits Troubleshooting with sFlow, controlling congestion, security and audit trail analysis. Hands on Using sFlow. sFlow versus other technologies Flows. sFlow impact and scalability. sFlow versus SNMP and RMON, SFlow versus NetFlow/IPFIX. Hands on Advanced sFlow configuration.
Total TRILL training course description A comprehensive look at Transparent Interconnection of Lots of Links (TRILL). This TRILL course starts with the problems in traditional switched networks then moves onto to how TRILL solves these problems. As IS -IS is key to loop free topologies in TRILL networks, this protocol is also studied. What will you learn Explain the benefits of TRILL. Explain how TRILL works. Explain the role of IS-IS in TRILL. Integrate TRILL into existing networks. Total TRILL training course details Who will benefit: Technical staff working with Ethernet. Prerequisites: Definitive Ethernet switching for engineers Duration 1 day Total TRILL training course contents What is TRILL? Layer 2 versus Layer 3, STP problems: One path, convergence, MAC explosion. TRILL switches, RBridges, TRILL campus. TRILL standards TRILL components RBridges, mixing Rbridges with bridges, appointed forwarders. IS-IS Link layer IS-IS, SPF trees, traffic management. IS-IS extensions for TRILL. ISIS TLV. How TRILL works TRILL IS-IS hello discovery, Designated bridge, IS-IS flooding, Appointed forwarder, unicast versus multi-destination frames. TRILL nicknames. TRILL packet headers Local link header, TRILL header. TRILL over Ethernet, TRILL over PPP. VLANs. Fine grained labelling. TRILL BFD. TRILL OAM. Frame overheads. TRILL comparisons MPLS, IP, 802.1aq.
SMPTE 2022 training course description SMPTE 2022 is the standard for IP video transport in the broadcast industry. This course covers the seven section of the standard in detail. Particular attention is given to FEC and seamless protection switching areas of the standard. What will you learn Use Wireshark to analyse. SMPTE 2022 streams. Explain the role of FEC in SMPTE 2022. Explain how SMPTE 2022 provides resilience. SMPTE 2022 training course details Who will benefit: Anyone working with TV distribution. Prerequisites: TCP/IP foundation for engineers Duration 1 day SMPTE 2022 training course contents Introduction What is SMPTE 2022, SMPTE 2022 parts. SDI over IP. Contribution and distribution versus delivery. The SMPTE 2022 protocol stack SMPTE 2022-2 (mapping of MPEG TS into IP) and SMPTE 2022-6 mapping uncompressed video into IP. IP: Best effort, connectionless, DF flag, routers, Diffserv, RSVP. IPv6. UDP: Unreliable, connectionless, broadcasts, multicasts and unicasts. RTP RTP, ports, payloads types, sequence numbers, timestamps. RTP header extensions. RTCP. MPEG2-TS: Elementary streams, transport over IP. FEC Forward Error Correction. SMPTE 2022-1, SMPTE 2022-5. Logical rows and columns. 1D and 2D parity. FEC header format. FEC configuration and choosing dimensions. FEC traffic shaping. Overheads and delays. Seamless protection switching IP failover. SMPTE 2022-7: Sending two matching streams over different paths. Stream synchronization. The HBRMT header. Calculating the packet to switch over. Summary Summary of the 7 sections of the SMPTE 2022 standard. Clock recovery.
Total SPB training course description A comprehensive look at Service Provider Bridging (SPB) as standardised in 802.1aq. This SPB course starts with the problems in traditional switched networks then moves onto to how SPB solves these problems. As IS-IS is key to loop free topologies in SPB networks, this protocols is also studied. What will you learn Explain the benefits of SPB. Explain how SPB works. Explain the role of IS-IS in SPB. Integrate SPB into existing networks. Total SPB training course details Who will benefit: Technical staff working with Ethernet. Prerequisites: Definitive Ethernet switching for engineers Duration 1 day Total SPB training course contents What is SPB? Layer 2 versus Layer 3, STP problems: One path, convergence, MAC explosion. Virtualisation issues: VRF. Service Provider Bridging (SPB), 802.1aq. Virtual Services Network. SPB variants 802.1Q, 802.1ad, Q-in-Q, VLAN IDs, 802.1ah, M-in-M, I-SID. SPBV, SPBM. SPBM frame format. How SPB works Node ID, Backbone Edge Bridges, Backbone MAC address, Customer MACs, I-SID. IS-IS. Forwarding database. VSN. IS-IS Link layer IS-IS, SPF trees, traffic management. IS-IS extensions for SPB. ISIS TLV. SPB services Data centre bridging, server virtualisation, multitenant applications. Integration of SPB into existing networks. VLAN to ISID mappings. Inter ISID routing, IP/SPB Layer 3 VRF extensions. Miscellaneous Multicast in SPB environments. Source specific multicast trees. SPB configuration. SPB deployment considerations.
NETCONF and YANG training course description An introduction to NETCONF and YANG. The course progresses from what they are, why they are needed, and how to configure them onto a more detailed analysis of how NETCONF works and how to read YANG models. What will you learn Recognise the limits and problems of SNMP and the CLI. Describe the relationship between NETCONF and YANG. Configure NETCONF on network devices. Use NETCONF to configure devices. Read YANG models. NETCONF and YANG training course details Who will benefit: Network engineers. Prerequisites: Network management technologies Duration 1 day NETCONF and YANG training course content What are NETCONF and YANG? Network management and configuration issues. What is NETCONF? What is YANG? Protocols, data models, architecture. Hands on Configuring NETCONF on network devices, using NETCONF. NETCONF NETCONF layers, Secure transport: SSH, Messages: rpc, Operations, Content. Base operations: <get>, <get-config>, <edit-config>, <copy-config>, <delete-config>, <lock>,<unlock>, <close-session>, <kill-session> NETCONF datastores: :candidate, :startup, running. Hands on Retrieving a configuration with NETCONF, Editing a configuration with NETCONF. NETCONF more details NETCONF traffic flows, NETCONF capabilities, hello, capabilities exchange., Filtering data, atomic transactions, validating configurations. Hands on Using NETCONF. YANG YANG models, IETF standard YANG models, tree diagrams, an example: YANG interface management, Module header, Imports and includes, Containers, Lists, leaves, Data types, typedef, Instance data, XML. Hands on Reading YANG data models, creating a configuration instance.
LINX 3 training course description A detailed study of BGP, from the basics of how it works through to advanced issues such as route reflectors, policy, filtering, route selection and routing registries. The course culminates with a study of an industrial strength BGP template illustrating important issues such as bogon filtering. Practical hands on with routers follow the major sessions to reinforce the theory. A multiple choice exam, leading to the LAIT III certification, is available after the course. The exam consists of 60 questions and lasts 2 hours. What will you learn Connect enterprises to the Internet, and ISPs to each other. Describe how BGP works. List, describe and configure the main BGP attributes. Implement and troubleshoot BGP. Work with route aggregation and calculate CIDR prefixes in seconds. Influence traffic paths with BGP. LINX 3 training course details Who will benefit: Network engineers. Prerequisites: LAIT I and II OR CCNP and take LAIT I and LAIT II exams whilst on this course. Duration 5 days LINX 3 training course contents Basic BGP IGPs, EGPs, What's BGP? BGP RIB, in/out process, tables peers, adding routes. Hands on Simple configuration and troubleshooting. The Internet and peering ASs, AS numbers, Internet structure, ISP types, ISP network design, IXs, peering vs. transit, public/ private peering, bi/multi-lateral peering. Hands on AS information gathering. How BGP works Incremental updates, Path vector protocols, BGP protocol stack, the BGP header, message types, NLRI, withdrawn routes, route refresh, route dampening. Hands on More troubleshooting, packet analysis. MBGP and IPv6 Multiprotocol routing, AFI, SAFI, MBGP and multicasts, IPv6, MPLS VPNs. Hands on IPv6 BGPv4 aggregation CIDR, benefits, techniques, shortcuts, configuring BGP aggregation, leaking routes. Hands on Reducing routing table size. BGP path selection BGP attributes, attribute types, route selection order, Local preference, AS prepend, MEDs. Hands on Influencing traffic with BGP. BGP routing policies What is policy? Examples, route filtering, AS filtering, REs, applying preference selectively, peer groups. Hands on Sophisticated policies. RIPE and routing registries RIRs, Allocations, assignments, PI vs. PA. Objects, RPSL, routing registry, Hands on The RIPE database. Automating BGP configuration Automation tools, whois, IRRToolSet, Bogon lists, tracking bogon lists, HTTP, Peering, routing registries, DNS. Communities What is a community? Community names, communities for: peer types and geography. RFC 1998, default communities. Hands on Setting local preference on other routers. Route servers What are route servers? LINX route servers, route server policy control, What are route collectors, Looking glasses. Hands on Setting up and working with a route server. Peer relationships IBGP, EBGP, next hop self, advertising routes into/out of BGP, synchronisation. Hands on IBGP, troubleshooting a large BGP network. Route reflectors and confederations Full mesh IBGP, Route reflectors, RR configuration and design, confederations, migration issues. Hands on RR configuration. BGP architectures Stub vs. transit AS, when to use BGP, multihoming strategies and issues, default routes. Multihop EBGP, load balancing. Hands on Multihoming. BGP security RFC 7454, security steps, BGP TTL security, filters, RPKI, ROAs, rsync, rrdp, validators. A secure BGP template. Hands on RPKI prefix validation.