1302 Courses in Leeds

Securing Linux systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure Linux accounts. Secure Linux file systems. Secure Linux access through the network. Securing Linux systems training course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing Linux systems training course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

The City & Guilds 2365 Level 3 Course is the natural progression for anyone who has completed the Level 2 Diploma 2365 course or related level 2 courses. On completion of this course you will then be able to undertake the Level 3 NVQ thus becoming recognised as a fully qualified electrical engineer within the industry with the ability to apply for JIB (Gold Card) membership upon successful completion of the AM2 Assessment. Further information on the Level 3 can be found here: C&G 2365 Level 3 Diploma in Electrical Installations — Optima Electrical Training (optima-ect.com)

Java training course description A comprehensive introduction of the Java language and environment. It is important to note that the course will assume that the delegates are already familiar with the C language as this enables more advanced features of the Java language to be covered in the course. The course will also give an overview of areas related to programming in Java. What will you learn Describe the Java architecture. Write Java applets and applications. Debug Java programs. Examine existing code and determine its function. Use multimedia extensions, the awt, multithreading, exceptions within Java Java training course details Who will benefit: Those wishing to program in Java. Prerequisites: Complete C programming Duration 5 days Java training course contents Review of UNIX fundamentals What is Java? What Java is, history of Java, reasons for success. The Java Virtual Machine, Bytecodes, getting up and running with Java, Java resources. Simple Java applications. C features in Java Java data structures, Java flow control, differences from C, arrays, strings and packages. OO features in Java Java classes and objects, inheritance, overloading, packages. Differences from C++. Java applets Applications vs. applets, HTML, the applet tag, applet methods, life cycle, testing and debugging. Multimedia applets Images, sounds, fonts, colours and animation. Java products The JDK in detail, other development environments. Javabeans and JDBC overviews. Abstract Window Toolkit JFC and Swing versus AWT. Event handling (JDK 1.1), GUIs, panels, buttons, lists, scrollbars, text areas, frames… Exception handling and multithreading Handling exceptions. Starting, pausing, stopping threads, producers, consumers, monitoring. More standard classes Java file I/O, Streams, The system class. The networking model, java.net classes. Security and Java Types of attack, the security manager, craplets, securing the network. Integrating legacy code with Java

WAN training course description A hands on Introduction to Wide Area Networks for engineers. This course covers all current major WAN technologies from a perspective of design, evaluating technologies available as well as hands on to consolidate the theory What will you learn Describe the seven-layer model and realise how it applies to the real world. Evaluate and describe WAN technologies. Describe the architecture of WANs in the core. Use WANS to interconnect LANS. WAN training course details Who will benefit: Technical staff wishing to find out more about how their WAN works. Prerequisites: Intro to data communications & networking Duration 5 days WAN training course contents Introduction LANs, MANS and WANS, protocols, the OSI seven layer model, ITU-T, ETSI, DTE, DCE, and the overall picture. WAN architectures Service providers, core, access, DTE, DCE, CPE, dialup, circuit switched, packet switched, how to choose a WAN, common bandwidths, site to site, remote access. Topologies: Star, Full mesh, partial mesh. History of WANs Before IP was ubiquitous, The PSTN, Dial up networks, modems, ISDN, Stat mux, TDM, 64k, N*64, E1, X25, Frame Relay The role of IP and routers The growth of IP, the role of routers, routing tables, routing protocols. Hands on: IP and routing. Layer 1 Physical Copper, Fibre, Wireless, Microwave, Phone lines, FTTC, FTTH, mobile networks. Service provider technologies The transport plane, SDH, SONET, DWDM. WAN access Phone lines, leased lines, xDSL, WiMax, satellite, the role of PPP. Broadband adband xDSL, ADSL, SDSL, local loops, DSLAM, DSL architecture. ATM Cell switching principles, ATM switching, Virtual paths, QOS, CBR, VBR, ABR, UBR, AAL1 to AAL5, MPOA, LANE, Voice over ATM. The Internet VPNs, IPSEC, QOS. What is MPLS? Core MPLS, MPLS and the 7 layer model, MPLS protocol, MPLS standard, MPLS runs on routers, MPLS history, Why MPLS? MPLS architecture LSRs, PE and P router roles, FEC, swapping labels, MPLS packet format, Loops, TTL control. Ethernet What is Ethernet? LANs, MANs, WANs, Ethernet and switches in the LAN. Traditional LAN/WAN integration, routers. The Ethernet interface for the WAN. Standards: Transporting carrier Ethernet.

CCNP (ENARSI) training course description The Implementing Cisco Enterprise Advanced Routing and Services (ENARSI) v1.0 gives you the knowledge you need to install, configure, operate, and troubleshoot an enterprise network. This course covers advanced routing and infrastructure technologies, expanding on the topics covered in the Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) v1.0 course. This course helps prepare for the exam, Implementing Cisco Enterprise Advanced Routing and Services (300- 410 ENARSI), which leads to the new CCNP What will you learn Gain the knowledge you need to install, configure, operate, and troubleshoot an enterprise network. Qualify for professional-level job roles in advance routing and services Prepare for the Implementing Cisco Enterprise Advanced Routing and Services Exam (300-410 ENARSI). CCNP (ENARSI) training course details Who will benefit: Enterprise network engineers, System engineers, System administrators, Network administrators. Prerequisites: CCNP core Duration 5 days CCNP (ENARSI) training course content Course Objectives Configure classic Enhanced Interior Gateway Routing Protocol (EIGRP) and named EIGRP for IPv4 and IPv6 Optimize classic EIGRP and named EIGRP for IPv4 and IPv6 Troubleshoot classic EIGRP and named EIGRP for IPv4 and IPv6 Configure Open Shortest Path First (OSPF)v2 and OSPFv3 in IPv4 and IPv6 environments Optimize OSPFv2 and OSPFv3 behaviour Troubleshoot OSPFv2 for IPv4 and OSPFv3 for IPv4 and IPv6 Implement route redistribution using filtering mechanisms Troubleshoot redistribution Implement path control using Policy-Based Routing (PBR) and IP Service Level Agreement (SLA) Configure Multiprotocol-Border Gateway Protocol (MPBGP) in IPv4 and IPv6 environments Optimize MPBGP in IPv4 and IPv6 environments Troubleshoot MPBGP for IPv4 and IPv6 Describe the features of Multiprotocol Label Switching (MPLS) Describe the major architectural components of an MPLS VPN Identify the routing and packet forwarding functionalities for MPLS VPNs Explain how packets are forwarded in an MPLS VPN environment Implement Cisco Internetwork Operating System (IOS) Dynamic Multipoint VPNs (DMVPNs) Implement Dynamic Host Configuration Protocol (DHCP) Describe the tools available to secure the IPV6 first hop Troubleshoot Cisco router security features Troubleshoot infrastructure security and services Course Outline Implementing EIGRP Optimizing EIGRP Troubleshooting EIGRP Implementing OSPF Optimizing OSPF Troubleshooting OSPF Configuring Redistribution Troubleshooting Redistribution Implementing Path Control Implementing Internal Border Gateway Protocol (IBGP) Optimizing BGP Implementing MP-BGP Troubleshooting BGP Exploring MPLS Introducing MPLS L3 VPN Architecture Introducing MPLS L3 VPN Routing Configuring Virtual Routing and Forwarding (VRF)-Lite Implementing DMVPN Implementing DHCP Introducing IPv6 First Hop Security Securing Cisco Routers Troubleshooting Infrastructure Security and Services Troubleshooting with DNA Center Assurance. Lab outline Configure EIGRP Using Classic Mode and Named Mode for IPv4 and IPv6 Verify the EIGRP Topology Table Configure EIGRP Stub Routing, Summarization, and Default Routing Configure EIGRP Load Balancing and Authentication Troubleshoot EIGRP Issues Configure OSPFv3 for IPv4 and IPv6 Verify the LinkState Database Configure OSPF Stub Areas and Summarization Configure OSPF Authentication Troubleshoot OSPF Issues Implement Routing Protocol Redistribution Manipulate Redistribution Manipulate Redistribution Using Route Maps Troubleshoot Redistribution Issues Implement PBR Configure IBGP and External Border Gateway Protocol (EBGP) Implement BGP Path Selection Configure BGP Advanced Features Configure BGP Route Reflectors Configure MP-BGP for IPv4 and IPv6 Troubleshoot BGP Issues Configure Routing with VRF -Lite Implement Cisco IOS DMVPN Obtain IPv6 Addresses Dynamically Troubleshoot DHCPv4 and DHCPv6 Issues Troubleshoot IPv4 and IPv6 Access Control List (ACL) Issues Configure and Verify Unicast Reverse Path Forwarding (uRPF) Troubleshoot Network Management Protocol Issues: Lab 1 and 2

Advanced Python training course description This course caters to network engineers aiming to enhance both their Python proficiency and network automation skills. Delving deeper into key areas such as netmiko, Nornir, and ncclient, we also focus on automating network testing and validation. Participants gain greater confidence working with Python functions, classes, objects, and error handling. The course additionally introduces more libraries like Scrapli, TTP, pyATS, Genie, pybatfish, and Suzieq, which cover parsing strategies, automation testing, validation, network analysis, observability, and telemetry. The curriculum also encompasses concurrency techniques. What will you learn Write Python modules and functions. Evaluate techniques to parse unstructured data. Use NETCONF filters. Handle Python errors effectively (try, assert…). Use postman. Automate testing and validation of the network. Use scrapli, Genie, batfish and Suzieq. Advanced Python training course details Who will benefit: Network engineers. Prerequisites: Python for network engineers Duration 5 days Advanced Python training course contents Review CLI, NETCONF, RESTCONF, structured versus unstructured data, gNMI and when to use which. PEP 8. Naming conventions. Packages, modules, Classes and methods. The scrapli library. Netmiko versus scrapli. Hands on: scrapli, Dictionaries versus Regular Expressions. Modules and Functions Writing your own modules, containers versus packages, virtual environments. Best practices, calling functions, writing your own functions. Parameters, arguments. Named arguments, dictionaries as arguments. Builtins. Docstrings. Main. __name__, __main__ . Program arguments. Hands on: Getting interfaces, showing interface status using Netmiko and functions. Using dictionaries as arguments. Writing your own modules. Parsing strategies Turning unstructured data into structured data. textfsm, PyATS Genie parser, NAPALM getters, Template Text Parser. Hands on: Genie parser, TTP. Accessing structured data with lists and dictionaries. Classes, objects and Python Python classes in Genie, PyEZ and others . Hands on: studying network automation classes, objects, methods and attributes. Configuration management - more nornir, ncclient, requests Nornir tasks. Nornir results, Nornir functions, Nornir plugins. Nornir processors. YANG, YANG models, pyang. NETCONF hello. Capabilities. Schemas. Filters. Subtrees. XPATH. Exploring available YANG data models. NETCONF and network wide transactions. Asserting NETCONF capabilities. Configuration types. Locking configurations, commits. NETCONF data stores. Netconf-console. RESTCONF differences from NETCONF. URI construction. Postman. More XML and JSON. Git and configuration versions. Hands on: Nornir and Jinja2. Exploring available models, NETCONF filters. Using postman. Python error handling and debugging Context handlers, try, assert, logging, pdb, pytest, unit testing, chatgpt. Hands on: Writing code with each of the error handling methods, investigating what happens on an error. Use chatgpt to debug your code. Python Automation Testing Testing and validation. pyATS, Genie. Testbed file. Genie parse, genie learn, genie diff. Genie conf, Genie ops, Genie SDK, Genie harness. Xpresso. Hands on: Using Genie for state comparisons of the network. Network analysis Batfish, pybatfish, configuration analysis, analysing routing, analysing ACLs. Pandas. Pandas dataframe. Filtering and selecting values of interest. Hands on: Use Batfish to analyse network snapshots, find network adjacencies, flow path analysis. Network observability Suzieq, using docker, using as a package. Sqpoller, suzieq-gui, suzieq-cli, sq-rest-server. Namespaces and seeing devices, network state and Asserts. Time based analysis, snapshots and changes. Hands on: Suzieq: Gathering data from the network, analysing data from the network. Network state assertion. Telemetry gRPC, gNMI. CAP, GET, SET. Subscriptions. Model Driven telemetry. Hands on: Analysing telemetry data with Python. Concurrency asyncio, threads, processes. Nornir concurrency. Scrapli and netmiko concurrency. Hands on: Multiple SSH connections to devices at same time. Scarpli asyncio.

Cyber security training course description This cyber security course focusses on the network side of security. Technologies rather than specific products are studied focussing around the protection of networks using firewalls and VPNs. What will you learn Describe: - Basic security attacks - RADIUS - SSL - VPNs Deploy firewalls and secure networks Explain how the various technologies involved in an IP VPN work. Describe and implement: - L2TP - IPsec - SSL - MPLS, L3, VPNs. Cyber security training course details Who will benefit: Anyone working in the security field. Prerequisites: TCP/IP foundation for engineers Duration 5 days Cyber security training course contents Security review Denial of service, DDOS, data manipulation, data theft, data destruction, security checklists, incident response. Security exploits IP spoofing, SYN attacks, hijacking, reflectors and amplification, keeping up to date with new threats. Hands on port scanning, use a 'hacking' tool. Client and Server security Windows, Linux, Log files, syslogd, accounts, data security. Hands on Server hardening. Firewall introduction What is a firewall? Firewall benefits, concepts. HAnds on launching various attacks on a target. Firewall types Packet filtering, SPI, Proxy, Personal. Software firewalls, hardware firewalls. Firewall products. Hands on Simple personal firewall configuration. Packet filtering firewalls Things to filter in the IP header, stateless vs. stateful filtering. ACLs. Advantages of packet filtering. Hands on Configuring packet filtering firewalls. Stateful packet filtering Stateful algorithms, packet-by-packet inspection, application content filtering, tracks, special handling (fragments, IP options), sessions with TCP and UDP. Firewall hacking detection: SYN attacks, SSL, SSH interception. Hands on SPI firewalls. Proxy firewalls Circuit level, application level, SOCKS. Proxy firewall plusses and minuses. Hands on Proxy firewalls. Firewall architectures Small office, enterprise, service provider, what is a DMZ? DMZ architectures, bastion hosts, multi DMZ. Virtual firewalls, transparent firewalls. Dual firewall design, high availability, load balancing, VRRP. Hands on Resilient firewall architecture. Testing firewalls Configuration checklist, testing procedure, monitoring firewalls, logging, syslog. Hands on Testing firewalls. Encryption Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures. Hands on Password cracking. Authentication Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, RADIUS. Hands on Using certificates. VPN overview What is a VPN? What is an IP VPN? VPNs vs. Private Data Networks, Internet VPNs, Intranet VPNs, Remote access VPNs, Site to site VPNs, VPN benefits and disadvantages. VPN Tunnelling VPN components, VPN tunnels, tunnel sources, tunnel end points, tunnelling topologies, tunnelling protocols, which tunnelling protocol? Requirements of tunnels. L2TP Overview, components, how it works, security, packet authentication, L2TP/IPsec, L2TP/PPP, L2 vs L3 tunnelling. Hands on Implementing a L2TP tunnel. IPsec AH, HMAC, ESP, transport and tunnel modes, Security Association, encryption and authentication algorithms, manual vs automated key exchange, NAT and other issues. Hands on Implementing an IPsec VPN. SSL VPNs Layer 4 VPNs, advantages, disadvantages. SSL. TLS. TLS negotiation, TLS authentication. TLS and certificates. Hands on Implementing a SSL VPN. MPLS VPNs Introduction to MPLS, why use MPLS, Headers, architecture, label switching, LDP, MPLS VPNs, L2 versus L3 VPNs. Point to point versus multipoint MPLS VPNs. MBGP and VRFs and their use in MPLS VPNs. Hands on Implementing a MPLS L3 VPN. Penetration testing Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology. Hands on Hacking tools and countermeasures.

CCNP training course description The Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) v1.2 course provides the knowledge and skills needed to configure, troubleshoot, and manage enterprise wired and wireless networks. You'll learn to implement security principles within an enterprise network and how to overlay network design using solutions such as SDAccess and SD-WAN. Course content includes 3 days of self-study material. This course helps you prepare for the 350-401 Implementing Cisco Enterprise Network Core Technologies (ENCOR) exam What will you learn Configure, troubleshoot, and manage enterprise wired and wireless networks Implement security principles within an enterprise network Prepare you prepare to take the 350-401 Implementing Cisco Enterprise Network Core Technologies (ENCOR) exam CCNP training course details Who will benefit: Mid-level network engineers, Network administrators, Network support technicians, Help desk technicians. Prerequisites: Implementation of Enterprise LAN networks. Basic understanding of Enterprise routing and wireless connectivity, and Python scripting Duration 5 days CCNP training course content Cisco Enterprise Network Architecture: Access, distribution, core in the hierarchical network. Cisco Switching Paths: Switching mechanisms, TCAM, CAM, process switching, fast switching, and CEF. Implementing Campus LAN Connectivity: Troubleshoot L2 connectivity using VLANs and trunkingBuilding Redundant Switched Topology: STP Implementing Layer 2 Port Aggregation Troubleshoot link aggregation using Etherchannel EIGRP Implement and optimize OSPFv2/v3, including adjacencies, packet types, and areas, summarization, and route filtering for IPv4/v6 Implement EBGP interdomain routing, path selection, and single and dual-homed networkingImplementing Network Redundancy: HSRP and VRRP Implement static and dynamic NAT Virtualization Protocols and TechniquesVPNs and Interfaces: Overlay technologies such as VRF, GRE, VPN, and LISP Wireless Principles: RF, antenna characteristics, and wireless standards.Wireless Deployment: Models available, autonomous AP deployments and cloud-based designs within the centralized Cisco WLC architecture Wireless Roaming and Location ServicesWireless AP Operation: How APs communicate with WLCs to obtain software, configurations, and centralized managementWireless Client Authentication: EAP, WebAuth, and PSK wireless client authentication on a WLC. Troubleshoot wireless client connectivity issues using various available tools Troubleshoot networks using services such as NTP, SNMP, Cisco IP SLAs, NetFlow, and Cisco IOS EEM Explain network analysis and troubleshooting tools, which include show and debug commands, as well as best practices in troubleshootingMulticast Protocols: IGMP v2/v3, PIM DM/SM and RPs Introducing QoS: Concepts and features. Implementing Network Services: Secure administrative access for Cisco IOS devices using CLI access, RBAC, ACL, and SSH, and device hardening concepts to secure devices from less secure applications Using Network Analysis ToolsInfrastructure Security: Scalable administration using AAA and the local database, features and benefits Enterprise Network Security Architecture: VPNs, content security, logging, endpoint security, personal firewalls, and other security features. Automation and Assurance with Cisco DNA Center: Purpose, function, features, and workflow. Intent-Based Networking, for network visibility, proactive monitoring, and application experienceCisco SD-Access Solution: Nodes, fabric control plane, and data plane, VXLAN gatewaysCisco SD-WAN Solution: Components and features of Cisco SD-WAN solutions, including the orchestration, management, control, and data planesBasics of Python Programming: Python components and conditionals with script writing and analysis Network Programmability: NETCONF and RESTCONF APIs in Cisco DNA Center and vManage Labs: Investigate the CAM. Analyze CEF. Troubleshoot VLAN and Trunk Issues. Tuning STP and Configuring RSTP. Configure MSTP. Troubleshoot EtherChannel. Implement Multi-area OSPF. Implement OSPF Tuning. Apply OSPF Optimization. Implement OSPFv3. Configure and Verify Single-Homed EBGP. Implementing HSRP. Configure VRRP. Implement NAT. Configure and Verify VRF. Configure and Verify a GRE Tunnel. Configure Static VTI Point-to-Point Tunnels. Configure Wireless Client Authentication in a Centralized Deployment. Troubleshoot Wireless Client Connectivity Issues. Configure Syslog. Configure and Verify Flexible NetFlow. Configuring Cisco IOS EEM. Troubleshoot Connectivity and Analyze Traffic with Ping, Traceroute, and Debug. Configure and Verify Cisco IP SLAs. Configure Standard and Extended ACLs. Configure Control Plane Policing. Implement Local and Server-Based AAA. Writing and Troubleshooting Python Scripts. Explore JSON Objects and Scripts in Python. Use NETCONF Via SSH. Use RESTCONF with Cisco IOS XE.

Network management technologies course description A comprehensive tour of the available network management technologies available for todays networks. The course starts with basic tools such as syslog along with Python network automation. SNMP is then covered with the *flow technologies and streaming telemetry. Configuration management with ansible, Python, NETCONF and RESTCONF is then studied. The final part of the course looks at SDN. Hands on sessions are used throughout to reinforce the theory rather than teach specific manufacturer equipment. Note that sections are available as individual courses. What will you learn Evaluate network management technologies. Evaluate network management technologies. Recognise the weaknesses of SNMP versus NETCONF and streaming telemetry. Explain the role of NETCONF and RESTCONF. Compare & contrast *flow and streaming telemetry. Explain the role of SDN in network management. Automate network configuration with ansible and Python. Network management technologies course details Who will benefit: Those wishing to manage networks. (Previous Python experience is NOT needed) Prerequisites: Intro to data comms Duration 5 days Network management technologies course content Basic network management Network management What is network management? Benefits, issues. FCAPS model. Fault management, Configuration management, accounting, performance, security. What to manage, what not to manage. Managing network devices, managing servers. Monitoring networks Traditional network tools Ping..., SSH, syslog, TFTP for configurations. nmap. Wireshark. CLI. Web based management. Splunk. Nessus, snort, Kali. Hands on syslog, network inventories. Network automation using the CLI Programming and automating networks, netOps. Python, Git. Python network modules, SSH, paramiko, netmiko. EVE-NG. Hands onPython network modules. Structured versus unstructured data Problems with automation and unstructured data. XML, JSON, YAML. The role of YANG. Hands on Parsing data. SNMP SNMP architecture, SNMP MIBs, SMI, the SNMP protocol, polling security. Configuring SNMP. SNMPv1, v2, v3, SNMP security. Which version should you use? MIBs and MIB structure. mib-2, extra parts of mib-2, Private enterprise MIBs. Summary: What SNMP is good/bad at. Hands on Configuring agents and a NMS. MIB browsing. Server management Microsoft, Linux, application polling. WMI vs SNMP. Hands on: Application polling. Performance management *flow Polling, push vs pull, netflow, sflow, IPFIX, *flow. Flows. Where to monitor traffic. Comparing *flow with SNMP. Architecture: Generators and collectors. When flows are exported. NetFlow reporting products. SolarWinds. Hands on Netflow configuration. Collectors. Streaming telemetry Model driven telemetry, periodic/on change. Structured data. Telemetry protocol stack. gRPC and gNMI. Protobuf. gNMI operations. Telemetry architecture. Telegraf, databases, Grafana. Hands on Telemetry example. Configuration management Configuration management tools Chef, puppet, ansible, saltstack. Ansible architecture, controlling machines, nodes, agentless, SSH, modules. Inventories, playbooks, modules, network modules, jinja2 templates. Hands on Network configuration with ansible. NETCONF What is NETCONF? Protocol stack, Data stores, traffic flows, validating configurations, rollback. YANG data models and how YANG is used by NETCONF. XML. Explorers and other tools. Hands on anx, Python and NETCONF. RESTCONF The REST API, HTTP, What is RESTCONF? Tools including Postman. Comparison with NETCONF. Hands on Configuration with RESTCONF. Python network automation: configuration SSH issues. Using structured data. Jinja2. ncclient, requests, NAPALM, Nornir. Automated testing. Hands on Python network device configuration with nornir. Software Defined Networks and orchestration Classic SDN What is SDN? benefits. SDN architecture. SDN applications, SDN switches, SDN controllers, Network Operating Systems. Control plane, data plane. Northbound interfaces. SDN components. Southbound interfaces. OpenFlow. ONF, OpenFlow ports, Flow tables. Network virtualization Virtual networks, virtual switches, NfV. Service chaining. NfV and SDN. SDN implementations Classic SDN, Hybrid SDN, SDN via APIs, SDN via overlays. Data centre SDN, VXLAN, Service Provider SDN, SD WAN, Enterprise SDN, WiFi. SDN and open source OpenDaylight, OpenVSwitch, Open Networking Forum, Open Network Operating System. Hands onOpenStack. SD-WAN What is SD-WAN? Architecture: Edge, gateway, orchestrator, controller. Overlay and underlay. Use of MPLS, 4G/5G. Benefits and features. Secure Access Service Edge (SASE).

Integrating Linux and Microsoft course description This course is designed for the enterprise-level Linux professional and represents the highest level of professional, distribution-neutral Linux certification within the industry. LPIC-3 300 covers administering Linux enterprise-wide with an emphasis on mixed environments. What will you learn Configure and troubleshoot OpenLDAP. Use OpenLDAP as an authentication backend. Manage software packages. Use Samba - Share configuration - User and group management - Domain integration - Name services - with Linux and Windows clients Integrating Linux and Microsoft course details Who will benefit: Enterprise-level Linux professionals. Prerequisites: Delegates must have an active LPIC-2 certification to receive LPIC-3 certification, but the LPIC-2 and LPIC-3 exams may be taken in any order. Duration 5 days Integrating UNIX and Microsoft course contents OPENLDAP CONFIGURATION OpenLDAP replication Replication concepts, OpenLDAP replication, replication log files, replica hubs, LDAP referrals, LDAP sync replication. Securing the Directory Securing the directory with SSL and TLS, Firewall considerations, Unauthenticated access methods, User/password authentication methods, Maintanence of SASL user DB, certificates. OpenLDAP Server Performance Tuning Measure OpenLDAP performance, Tune software configuration to increase performance, indexes. OPENLDAP AS AN AUTHENTICATION BACKEND LDAP Integration with PAM and NSS Configure PAM to use LDAP for authentication, NSS to retrieve information from LDAP and PAM modules in UNIX. Integrating LDAP with Active Directory and Kerberos Kerberos integration with LDAP, Cross platform authentication, Single sign-on concepts, Integration and compatibility limitations between OpenLDAP and Active Directory. SAMBA BASICS Samba Concepts and Architecture Samba daemons and components, key issues regarding heterogeneous network, Identify key TCP/UDP ports used with SMB/CIFS, Knowledge of Samba3 and Samba4 differences. Configure Samba Samba server configuration file structure, variables and configuration parameters, Troubleshoot and debug configuration problems. Regular Samba Maintenance Monitor and interact with running Samba daemons, Perform regular backups of Samba configuration and state data. Troubleshooting Samba Samba logging, Backup TDB files, Restore TDB files, Identify TDB file corruption, Edit / list TDB file content. Internationalization Internationalization character codes and code pages, differences in the name space between Windows and Linux/Unix with respect to share, names, user/group/computer naming in a non-English environment. SAMBA SHARE CONFIGURATION Linux File System and Share/Service Permissions File / directory permission control, Samba interaction with Linux file system permissions and ACLs, Use Samba VFS to store Windows ACLs. Print Services Printer sharing, integration between Samba and CUPS, Manage Windows print drivers and configure downloading of print drivers, security concerns with printer sharing. SAMBA USER AND GROUP MANAGEMENT Managing User Accounts and Groups User and group accounts, mappings, user account management tools, smbpasswd, file/directory ownership of objects. Authentication, Authorization and Winbind Local password database, password synchronization, passdb backends, Convert between passdb backends, Integrate Samba with LDAP, Winbind service, PAM and NSS. SAMBA DOMAIN INTEGRATION Samba as a PDC and BDC Domain membership and trust relationships, Create and maintain a PDC and BDC with Samba3/4, Add computers to an existing domain, logon scripts, roaming profiles, system policies. Samba4 as an AD compatible Domain Samba 4 as an AD DC, smbclient, how Samba integrates with AD services: DNS, Kerberos, NTP, LDAP. Configure Samba as a Domain Member Server Joining Samba to NT4 and AD domains, obtain a TGT from a KDC. SAMBA NAME SERVICES NetBIOS and WINS WINS concepts, NetBIOS concepts, local master browser, domain master browser, Samba as a WINS server, name resolution, WINS replication, NetBIOS browsing and browser elections, NETBIOS name types. Active Directory Name Resolution DNS for Samba4 as an AD Domain Controller, DNS forwarding with the internal DNS server of Samba4. WORKING WITH LINUX AND WINDOWS CLIENTS CIFS Integration SMB/CIFS concepts, remote CIFS shares from a Linux client, securely storing CIFS credentials, features and benefits of CIFS, permissions and file ownership of remote CIFS shares. Working with Windows Clients browse lists and SMB clients from Windows, Share file/print resources from Windows, the smbclient program, the Windows net utility.