DDOS demystified training course description This course covers DDOS attacks and how to defend against them. The course starts by studying DOS attacks and then DDOS attack. Reflectors, booters and stressers are followed by reflection and amplification. Once the various DDOS attacks have been covered we then study the ways to defend against DDOS attacks. What will you learn Describe DDOS. Explain how DDOS attacks work. Recognise DDOS attack types. Describe how to defend DDOS attacks. DDOS demystified training course details Who will benefit: Anyone involved in network security. Prerequisites: Network fundamentals Duration 1 day DDOS demystified training course contents What is DOS? Denial Of Service, outages, Attackers, Command and control, Bots. Why DOS? What is DDOS? Distributed, reflectors, botnets, botnet topologies, amplification, attack bandwidth, attack vectors, booters, stressers, backscatter, DirtJumper, XOR. RUDY. High and Low orbit Ion Cannon. Attack types Application layer attacks, HTTP flood, protocol attacks, SYN floods, teardrop, volumetric attacks, slowloris, DNS cachebusting, fraggle, smurf. IP address spoofing. Reflectors Reflector attacks, amplification attacks, quotients, embedded devices, DNS, NTP, SSDP. DDOS defence Protecting devices from becoming bots. Onsite, outsourced scrubbing, Defending self, defending the Internet, Black hole routing, rate limiting, intelligent application firewalls, anycast, IPS, upstream filtering, BCP38, BCP 140. uRPF.
Oracle SQL Advanced training course description The Oracle SQL Advanced course is designed to give delegates practical experience in using some of the more advanced features of Oracle SQL. Additional datatypes and the use of advanced SQL functions and expressions are covered together with enhanced table handling features. What will you learn Retrieve data using correlated subqueries, in-line views and multi-column subqueries. Use the WITH Clause. Inserting and Updating Rows Using Complex Subqueries Create Hierarchical Queries. Use ROLLUP, CUBE and GROUPING SETS group by enhancements. Implement the GROUPING and GROUPING_ID functions. Manage large data sets. Insert data conditionally and unconditionally. Merge Rows in a Table. Create TIMESTAMP and INTERVAL Datatypes. Use TIMESTAMP, TIMEZONE and INTERVAL functions and literals. Use regular expressions and implement related functions. Manage objects with the data dictionary. Manage schema objects. Perform flashback operations. Create and using external tables. Control user access to database objects. Oracle SQL Advanced training course details Who will benefit: Anyone who needs to use the more advanced features of SQL to improve their productivity in querying and updating an Oracle database. Prerequisites: Delegates should have attended the Oracle SQL course or have a similar level of experience. Duration 2 days Oracle SQL Advanced training course contents Retrieve data using subqueries ANY, ALL or SOME operators, Correlated subqueries, In-Line views, The Exists operator, The WITH clause, Multi-Column subqueries, Insert and update using a query, Correlated update and delete. Hierarchical queries Hierarchical data, The START WITH and CONNECT BY clauses, The LEVEL pseudo-column, Sequencing the output, Eliminating nodes and branches. Enhanced grouping features Review of basic grouping concepts, The ROLLUP and CUBE extensions, The GROUPING SETS extension, Using the GROUPING and GROUPING_ID functions. Manage large data sets Multi-table Inserts, Conditional and unconditional Inserts, Merging data into a table, Table and view based merge, A sub query based merge. Flashback technology Flashback query, The AS clause, Flashback table, Flashback drop. Date, time and time zone support Date, Timestamp and Interval datatypes, Handling dates and times, Handling intervals, Date, timestamp and interval functions and literals, Related NLS parameters. Regular expression support Regular expression notation, Character matching, Repetition operators, Sub expression grouping, Regular expression functions. Manage objects with the Data Dictionary The Data Dictionary, Useful Data Dictionary tables, Using the Data Dictionary. Manage schema objects Column operations, Constraint operations, Creating and dropping Indexes, B-Tree indexes, Function based indexes, Descending indexes, Creating and using external tables. Access control System privileges and roles, Create users, Alter user details, Grant and revoke object privileges.
Streaming telemetry training course description An introduction to streaming telemetry. The course progresses from a brief look at the weaknesses of SNMP onto what streaming telemetry is, how it differs from the xflow technologies, the data formats available and how to configure it. What will you learn Describe streaming telemetry. Explain how streaming telemetry works. Describe the data presentation formats available. Configure streaming telemetry. Streaming telemetry training course details Who will benefit: Network engineers. Prerequisites: TCP/IP foundation for engineers. Duration 1 day Streaming telemetry training course content What is streaming telemetry? SNMP weaknesses, Netflow, sflow, polling and the old models, push vs pull, What is streaming telemetry? Telemetry streaming architecture Model driven versus event driven telemetry, subscriptions, publications. Periodic versus on change, model selection and scalability. Telemetry streaming protocols TCP, UDP, SSH, HTTP, HTTP2, NETCONF, RESTCONF, gRPC, gNMI. Models and Encoding The role of YANG. YANG models and tools. XML/ NETCONF, JSON/RESTCONF, JSON over UDP. Protocol buffers/gRPC. Google Protocol Buffers Decoder ring, protocol definition file. GPB-KV, GPB-Compact. Keys. Streaming telemetry configuration Router: Destination, Sensor, subscription. Collector: YANG models, .proto file. Pipeline. ELK: Consume, store, visualise streaming data. Collection tools APIs, YANG development Kit, Downstream consumers, influxdata, Grafana, Kafka, Prometheus, others.
Total TRILL training course description A comprehensive look at Transparent Interconnection of Lots of Links (TRILL). This TRILL course starts with the problems in traditional switched networks then moves onto to how TRILL solves these problems. As IS -IS is key to loop free topologies in TRILL networks, this protocol is also studied. What will you learn Explain the benefits of TRILL. Explain how TRILL works. Explain the role of IS-IS in TRILL. Integrate TRILL into existing networks. Total TRILL training course details Who will benefit: Technical staff working with Ethernet. Prerequisites: Definitive Ethernet switching for engineers Duration 1 day Total TRILL training course contents What is TRILL? Layer 2 versus Layer 3, STP problems: One path, convergence, MAC explosion. TRILL switches, RBridges, TRILL campus. TRILL standards TRILL components RBridges, mixing Rbridges with bridges, appointed forwarders. IS-IS Link layer IS-IS, SPF trees, traffic management. IS-IS extensions for TRILL. ISIS TLV. How TRILL works TRILL IS-IS hello discovery, Designated bridge, IS-IS flooding, Appointed forwarder, unicast versus multi-destination frames. TRILL nicknames. TRILL packet headers Local link header, TRILL header. TRILL over Ethernet, TRILL over PPP. VLANs. Fine grained labelling. TRILL BFD. TRILL OAM. Frame overheads. TRILL comparisons MPLS, IP, 802.1aq.
Securing UNIX systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure UNIX accounts. Secure UNIX file systems. Secure UNIX access through the network. Securing UNIX systems course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing UNIX systems course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.
Total NetFlow training course description A comprehensive hands on course covering NetFlow. The course starts with the basics of flows moving swiftly onto configuring NetFlow and studying the information it provides. What will you learn Describe NetFlow. Configure generators and collectors. Recognise how NetFlow can be used. Describe the issues in using NetFlow. Compare NetFlow with SNMP, RMON and sflow. Total NetFlow training course details Who will benefit: Technical staff working with NetFlow. Prerequisites: TCP/IP Foundation Duration 2 days Total NetFlow for engineers What is NetFlow? Flows. Where to monitor traffic. Hands on Wireshark flow analysis. Getting started with NetFlow NetFlow configuration. Hands on Accessing NetFlow data using the CLI. NetFlow architecture Generators and collectors. When flows are exported. NetFlow reporting products. SolarWinds. Hands on Collector software. NetFlow features and benefits Real time segment statistics, real time top talkers, traffic matrices. Hands on Traffic analysis with NetFlow. NetFlow issues NetFlow impact, agent resources, server resources, comparing NetFlow with SNMP, RMON and sflow. Hands on Advanced NetFlow configuration. Export formats Flow aging timers, NetFlow versions, export formats, templates, IPFIX. Hands on NetFlow packet analysis. NetFlow MIBs The NetFlow MIB, configuration, retrieving NetFlow statistics. Hands on Integrating NetFlow with SNMP.
Total SPB training course description A comprehensive look at Service Provider Bridging (SPB) as standardised in 802.1aq. This SPB course starts with the problems in traditional switched networks then moves onto to how SPB solves these problems. As IS-IS is key to loop free topologies in SPB networks, this protocols is also studied. What will you learn Explain the benefits of SPB. Explain how SPB works. Explain the role of IS-IS in SPB. Integrate SPB into existing networks. Total SPB training course details Who will benefit: Technical staff working with Ethernet. Prerequisites: Definitive Ethernet switching for engineers Duration 1 day Total SPB training course contents What is SPB? Layer 2 versus Layer 3, STP problems: One path, convergence, MAC explosion. Virtualisation issues: VRF. Service Provider Bridging (SPB), 802.1aq. Virtual Services Network. SPB variants 802.1Q, 802.1ad, Q-in-Q, VLAN IDs, 802.1ah, M-in-M, I-SID. SPBV, SPBM. SPBM frame format. How SPB works Node ID, Backbone Edge Bridges, Backbone MAC address, Customer MACs, I-SID. IS-IS. Forwarding database. VSN. IS-IS Link layer IS-IS, SPF trees, traffic management. IS-IS extensions for SPB. ISIS TLV. SPB services Data centre bridging, server virtualisation, multitenant applications. Integration of SPB into existing networks. VLAN to ISID mappings. Inter ISID routing, IP/SPB Layer 3 VRF extensions. Miscellaneous Multicast in SPB environments. Source specific multicast trees. SPB configuration. SPB deployment considerations.
IP security training course description Connection to the Internet is becoming an essential business tool. This course looks at firewalls, digital certificates, encryption and other essential topics for e-commerce sites. A generic course that looks at firewalls and VPNs. Hands on sessions include using hacking tools and configuring firewalls. What will you learn Describe: Basic security attacks RADIUS SSL IPSec VPNs Implement digital certificates Deploy firewalls to protect Web servers and users. Secure Web servers and clients. IP security training course details Who will benefit: Network administrators. Network operators. Security auditors Prerequisites: TCP/IP foundation for engineers Duration 2 days IP security training course contents TCP/IP review Brief overview of the relevant headers. Hands on Download software for course, use analyser to capture passwords on the wire. Security review Policies, Types of security breach, denial of service, data manipulation, data theft, data destruction, security checklists, incident response. Security exploits The Internet worm, IP spoofing, SYN attack, hijacking, Ping o' Death⦠keeping up to date with new threats. Hands on Use a port scanning tool, use a 'hacking' tool. Firewalls Products, Packet filtering, DMZ, content filtering, stateful packet inspection, Proxies, firewall architectures, Intrusion Detection Systems, Viruses. Hands on Set up a firewall and prevent attacks. NAT NAT and PAT, Why use NAT, NAT-ALG, RSIP. Encryption Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures. Hands on Run a password-cracking program. Authentication Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, PPP authentication, RADIUS. Hands on Using certificates. Web client and server security Cookies, browser certificates, censorship, PICS. Operating system security, Web server user authentication, Restricting access, Logging, Securing CGI scripts. Hands on Browser security. VPNs and IPSec What is a VPN, tunnelling, L2F, PPTP, L2TP, IPSec, AH, ESP, transport mode, tunnel mode.
Definitive Salt training course description Salt is a remote execution framework and configuration management system. This course covers Salt from the basics. After a quick first taste the course moves onto execution modules, salt states, minion and master data, jinja, Salt extensions and then topology and configuration options. Hands on sessions are used to reinforce the theory rather than teach specific manufacturer equipment. What will you learn Install and use Salt. Describe the architecture of Salt. Manage configurations with Salt. Extend Salt. Definitive Salt training course details Who will benefit: Anyone working with Salt. Prerequisites: Linux fundamentals. Duration 2 days Definitive Salt training course contents Introduction What is Salt? High- level architecture, Some quick examples, system management, configuration management, A brief history, Topology options, Extending Salt. Quick start: First taste of Salt Single-master setup, from packages, bootstrap scripts, Starting up, Basic commands, salt: the main workhorse, salt-key: key management, salt-call: execution on the minion, salt-run: co-ordination of jobs on the master, summary of commands, Key management, viewing keys, accepting keys, rejecting keys, key files, Minion targeting, minion ID, list (-L), glob, regular expressions (-E), grains (-G), compound (-C), targeting summary, Additional remote execution details, Conclusion. Execution modules: The functional foundation sys: information and documentation about modules, sys.doc basic documentation, sys.list_modules, sys.list_functions: simple listings, cmd: execute via shell, cmd.run: run any command, pkg: manage packages, virtual modules, pkg.lists_pkgs: list all installed packages, pkg.available version: see what version will be installed, pkg.install: install packages, user: manage users, user.add: add users, user.list_users, user info: get user info, saltutil: access various Salt utilities, Summary. Configuration management: Salt states Salt files overview, SLS example: adding a user, working with the multi-layered state system, Highstate and the top file, the top file, State ordering, require: depend on another state, watch: run based on other changes, odds and ends, Summary. Minion data / master data Grains are minion data, performing basic grain operations, setting grains, targeting with grains in the top file, Pillars are data from the master, querying pillar data, querying other sources with external pillars, Renderers give data options. Extending Salt: part I Introduction to Jinja, Jinja basics, Templating with Jinja, filtering by grains, Custom execution module, Custom state modules, Custom grains, External pillars, Summary. More on the matter Runners, manage minions, manage jobs, The orchestrate runner, The event system, The reactor system, Summary. Extending Salt: part II Python client API, reading configuration data on a master and minion, using the master client (localclient) API, Using the caller client API, Custom runners, writing a custom runner, using the runnerclient API, Summary. Topology and configuration options Master configuration, directories and files, logging, access control, files server options, Topology variations, masterless minions, peer systems, syndication masters, multiple masters. Brief introduction to salt-cloud Overview, Setup AWS and salt-cloud, installing salt-cloud, cloud providers, cloud profiles, cloud maps, Introspection via salt cloud, Creating infrastructure, More information. Using vagrant to run Salt examples YAML.
SMPTE 2022 training course description SMPTE 2022 is the standard for IP video transport in the broadcast industry. This course covers the seven section of the standard in detail. Particular attention is given to FEC and seamless protection switching areas of the standard. What will you learn Use Wireshark to analyse. SMPTE 2022 streams. Explain the role of FEC in SMPTE 2022. Explain how SMPTE 2022 provides resilience. SMPTE 2022 training course details Who will benefit: Anyone working with TV distribution. Prerequisites: TCP/IP foundation for engineers Duration 1 day SMPTE 2022 training course contents Introduction What is SMPTE 2022, SMPTE 2022 parts. SDI over IP. Contribution and distribution versus delivery. The SMPTE 2022 protocol stack SMPTE 2022-2 (mapping of MPEG TS into IP) and SMPTE 2022-6 mapping uncompressed video into IP. IP: Best effort, connectionless, DF flag, routers, Diffserv, RSVP. IPv6. UDP: Unreliable, connectionless, broadcasts, multicasts and unicasts. RTP RTP, ports, payloads types, sequence numbers, timestamps. RTP header extensions. RTCP. MPEG2-TS: Elementary streams, transport over IP. FEC Forward Error Correction. SMPTE 2022-1, SMPTE 2022-5. Logical rows and columns. 1D and 2D parity. FEC header format. FEC configuration and choosing dimensions. FEC traffic shaping. Overheads and delays. Seamless protection switching IP failover. SMPTE 2022-7: Sending two matching streams over different paths. Stream synchronization. The HBRMT header. Calculating the packet to switch over. Summary Summary of the 7 sections of the SMPTE 2022 standard. Clock recovery.