Network management technologies course description A comprehensive tour of the available network management technologies available for todays networks. The course starts with basic tools such as syslog along with Python network automation. SNMP is then covered with the *flow technologies and streaming telemetry. Configuration management with ansible, Python, NETCONF and RESTCONF is then studied. The final part of the course looks at SDN. Hands on sessions are used throughout to reinforce the theory rather than teach specific manufacturer equipment. Note that sections are available as individual courses. What will you learn Evaluate network management technologies. Evaluate network management technologies. Recognise the weaknesses of SNMP versus NETCONF and streaming telemetry. Explain the role of NETCONF and RESTCONF. Compare & contrast *flow and streaming telemetry. Explain the role of SDN in network management. Automate network configuration with ansible and Python. Network management technologies course details Who will benefit: Those wishing to manage networks. (Previous Python experience is NOT needed) Prerequisites: Intro to data comms Duration 5 days Network management technologies course content Basic network management Network management What is network management? Benefits, issues. FCAPS model. Fault management, Configuration management, accounting, performance, security. What to manage, what not to manage. Managing network devices, managing servers. Monitoring networks Traditional network tools Ping..., SSH, syslog, TFTP for configurations. nmap. Wireshark. CLI. Web based management. Splunk. Nessus, snort, Kali. Hands on syslog, network inventories. Network automation using the CLI Programming and automating networks, netOps. Python, Git. Python network modules, SSH, paramiko, netmiko. EVE-NG. Hands onPython network modules. Structured versus unstructured data Problems with automation and unstructured data. XML, JSON, YAML. The role of YANG. Hands on Parsing data. SNMP SNMP architecture, SNMP MIBs, SMI, the SNMP protocol, polling security. Configuring SNMP. SNMPv1, v2, v3, SNMP security. Which version should you use? MIBs and MIB structure. mib-2, extra parts of mib-2, Private enterprise MIBs. Summary: What SNMP is good/bad at. Hands on Configuring agents and a NMS. MIB browsing. Server management Microsoft, Linux, application polling. WMI vs SNMP. Hands on: Application polling. Performance management *flow Polling, push vs pull, netflow, sflow, IPFIX, *flow. Flows. Where to monitor traffic. Comparing *flow with SNMP. Architecture: Generators and collectors. When flows are exported. NetFlow reporting products. SolarWinds. Hands on Netflow configuration. Collectors. Streaming telemetry Model driven telemetry, periodic/on change. Structured data. Telemetry protocol stack. gRPC and gNMI. Protobuf. gNMI operations. Telemetry architecture. Telegraf, databases, Grafana. Hands on Telemetry example. Configuration management Configuration management tools Chef, puppet, ansible, saltstack. Ansible architecture, controlling machines, nodes, agentless, SSH, modules. Inventories, playbooks, modules, network modules, jinja2 templates. Hands on Network configuration with ansible. NETCONF What is NETCONF? Protocol stack, Data stores, traffic flows, validating configurations, rollback. YANG data models and how YANG is used by NETCONF. XML. Explorers and other tools. Hands on anx, Python and NETCONF. RESTCONF The REST API, HTTP, What is RESTCONF? Tools including Postman. Comparison with NETCONF. Hands on Configuration with RESTCONF. Python network automation: configuration SSH issues. Using structured data. Jinja2. ncclient, requests, NAPALM, Nornir. Automated testing. Hands on Python network device configuration with nornir. Software Defined Networks and orchestration Classic SDN What is SDN? benefits. SDN architecture. SDN applications, SDN switches, SDN controllers, Network Operating Systems. Control plane, data plane. Northbound interfaces. SDN components. Southbound interfaces. OpenFlow. ONF, OpenFlow ports, Flow tables. Network virtualization Virtual networks, virtual switches, NfV. Service chaining. NfV and SDN. SDN implementations Classic SDN, Hybrid SDN, SDN via APIs, SDN via overlays. Data centre SDN, VXLAN, Service Provider SDN, SD WAN, Enterprise SDN, WiFi. SDN and open source OpenDaylight, OpenVSwitch, Open Networking Forum, Open Network Operating System. Hands onOpenStack. SD-WAN What is SD-WAN? Architecture: Edge, gateway, orchestrator, controller. Overlay and underlay. Use of MPLS, 4G/5G. Benefits and features. Secure Access Service Edge (SASE).
GPON and FTTx networks training course description Designed to benefit those requiring an in depth knowledge of the principles and applications of Ten Gigabit and Gigabit Passive Optical Networking and Fibre to the X in NG Networks applications and their associated equipment, its flexibility and function within a modern transmission network. Using an effective mix of 'hands on' equipment instruction and correlation to theory based learning the delegate will gain a complete understanding of the equipment and the tasks to be undertaken in a real life situation. What will you learn Compare PON/FTTx systems. Explain network elements and designs. Support applications and network interfaces. List circuit provisioning and bandwidth requirements. Understand upstream & downstream issues. Describe headend & network elements/OLT-ONT. Perform network testing with OTDR test sets. GPON and FTTx networks training course details Who will benefit: Anyone working with GPON and FTTx. Prerequisites: Introduction to data communications and networking. Duration 5 days GPON and FTTx training course contents FTTN, FTTC, FTTH SMF, MMF, Fibre safety and properties (dispersion/attenuation), Fibre reel cables and types, Fibre installation and air blown fibre, Transmitters and receivers - power budget/laser classes. Fibre to the home (FTTH), FTTC (Fibre to the Cabinet), FTTN (Fibre to the node) , FTTD (Fibre to the desk), FFTH topologies and wavelengths, Active or passive optical network. WDM equipment and GPON OSP design Wavelength considerations, WDM/DWDM/CWDM, EDFA optical amplification, AWG (Arrayed Waveguide Grating) splitters , Couplers (splitters) and losses, Optical splitters 1x2, 1x4, 1x8, 1x16, 1x32, 1x64, 2x64. PON variants Gigabit passive optical network (GPON), Gigabit Ethernet passive optical network (GEPON), Time division PON (TDM-PON), Wave Division Multiplexing PON (WDM-PON), 1Gbps, 10Gbps, 40Ggps, 100Gbps FSAN (Full Service Access Network) NGA (Next Generation Access), Strategies for TDM-PON to WDM-PON migration, Architecture of NG-PON (hybrid WDM/TDM PON), Additional services than triple play. GEPON design GPON OSP centralized and distributed design, GPON PON splitters x4 x8 x32, Fibre splice trays /cassette trays & enclosures, GPON field testing and installation verification, GPON physical layer testing, Optical time domain reflectometer (OTDR), Optical power source & meter, Optical return loss (ORL), APON/BPON/GPON/EPON comparisons. GPON ITU-T G.984.1 Reference model, terminology & architecture, Access network system management functions. ONT & OLT functional block examples. FTTx scenarios, 4 switching arrangements for external access network backup. GPON ITU-T G.984.2 Physical layer, Enhancement band, Bit rate and wavelengths, FEC and RAMAN. GPON ITU-T G.984.3 Frame structure, GPON encapsulation method (GEM), GTC adaptation and framing sublayer protocol stack, Status reporting & traffic monitoring DBA (SR-DBA & TM-DBA), Transmission container (T-CONT) types, Downstream & upstream multiplexing, GEM port identifier, Media access control and ONU registration, Extended bandwidth assignment model scheduling architecture, PLOAM & alarm messages, Downstream & Upstream FEC, Process order in a GTC transmit flow. GPON ITU-T G.984.4 and G.988 ONT management and control interface (OMCI) Management interface, Reference model, Typical ONT with SCTE 55-1 or SCTE 55-2 compliancy. GPON ITU-T G.984.5 enhancement band Band options, GPON NGA, Wavelength allocation. GPON ITU-T G.984.6 optical reach extension (G.984.re) Reach extension (RE), OA-based and OEO-based reach extenders, Protection, Reach extender with OTDR blocking filters (BF) and bypass (BYP) filters. GPON ITU-T G.984.7 long reach Quiet Window. 10-GPON ITU-T G.987.1 (XG-PON) Scenarios, reference access network architecture, XG-PON with G-PON through WDM1r, G-PON and XG-PON wavelength allocation, G-PON and XG-PON co-existence with video overlay option, RE migration scenarios. G.989 40Gbps XG-PON2 Functional reference architecture, NG-PON2 system coexistence with legacy systems, Definitions of legacy compatibility terminology. GPON issues and standards GPON components GPON OLT / GPON ONT, GPON management, Operational support systems (OSS), Network management systems (NMS), OMCI (ONT Management control interface), RG (Residential gateway), Data and prioritised voice channel product, GPON broadband-forum standards, Broadband-forum , TR-069 and TR-156, HPNA (home phone network alliance), Powerline carrier (PLC), GPON DLNI G.hn or G.9960, MOCA, FTTH council certification standard for network certification. Fibre-connected home badge, Ethernet in the first mile (EFM), GPON frame synchronization to network timing, Direct clock synchronization interface (BITS), Multiservice access platform (MSAP), Software planning tool, Superconnected cities / voucher scheme. Hands on practical assignments Single and multimode fibre recognition, Fibre Cleaning methods, Checking cleaning with an optical microscope, Optical light source and optical power meter referencing, PON splitter and fibre drum testing with an optical power meter, 6km classroom passive optical network testing with an OTDR at 1310/1550nm, Using decibels (dB's) and decibel milliwats (dBm's), Designing networks up to 20km long using vendor specifications (power budget), Fault finding with a visible fault locator.
About this Training Course This 5 full-day course is aimed at engineers and supervisors who already have a basic understanding of well construction methods but who would benefit from a more detailed knowledge of completion design. The course will concentrate on the important aspects of completion design and what makes a safe and efficient well. A common thread of practical examples will be used throughout the course in the form of a case study or 'red-thread' exercise. The case study is based around data all taken from a single field where those attending will work through all the basic issues of a completion design. The exercises associated with the case study is performed in the student's own time after each of the formal sessions. However, at the start of the next day, the case study is reviewed and discussed. The whole case study will continue through all sessions, with each element being reviewed at the start of the next session. There is no 'right' answer to the exercise - producing interesting discussions! The purpose of the course is not to go over specific equipment in detail. Teaching methods include presentations, videos, and animations and the case study. The course will cover: Types and configurations of completions The completion design process Inflow performance, skin and formation damage Perforating; selection, deployment and interface with rest of completion Stimulation and impact on completion and flow performance with coverage of modern horizontal multifrac tools Open hole, non-sand control completions including open hole packers and horizontal well clean up Sand control; when do you need it, basic types and selection guidelines. Includes standalone screens, ICDs, various gravel packing techniques, frac packs and expandable screens Tubing sizing, flow estimation and liquid loading Artificial lift; types and selection criteria, interface with drilling, reservoir and facilities. Design of gas lift and ESPs included Production chemistry impacts on completion, prevention and removal (scales, wax, asphaltene, hydrates, and souring) Metallurgy, corrosion, and erosion; metal types and selection of Elastomers and plastics; types and selection of Tubing stress analysis; picking the grade and weight of tubing, plus selection criteria for packers and expansion devices. Interface between tubing stress analysis and casing design Completion equipment; basic types of equipment, reliability and selection criteria for each (tree, safety valve, mandrel, packers, expansion devices etc) Completion installation; importance of wellbore clean-out, function and types of brines, pointers for efficient completion installation Non-conventional wells; types and when / where to use them (multilaterals, smart (intelligent) wells and also SAGD, CO2 sequestration, CBM, etc) Training Objectives By the end of this course, the participants should be able to: Have a good understanding of the completion design process and what makes a good completion design Understand the importance of the installation process (completion running) in the design process Have an appreciation of new and developing completion techniques (intelligent wells) Target Audience This course will benefit engineers and field-based personnel such as completion supervisors and production engineers. It is also suitable for completion vendors, specialists such as chemists and subsurface personnel including geologists, reservoir engineers and petrophysicists. Trainer Your expert course leader has 30 years of oil and gas industry experience. A first class degree in geophysics and a master degree in Petroleum Engineering was a prelude to seven years with BP as a petroleum engineer. He left BP and following a short spell in Camco, jointly founded ICE Energy. After six years of completions and petroleum engineering consultancy and training, ICE Energy merged with TRACS International, where he continued with petroleum and completion engineering studies, leading integrated teams, and developing / delivering training courses for a variety of different clients in diverse world-wide locations. In the last five years, he is independent again - focusing on technical consulting and course delivery. POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information post training support and fees applicable Accreditions And Affliations
Overview This course is meant for legal professionals to enhance their skills in litigation and understand the core areas of the process so that they can deliver great services to their clients. The course will focus on updating the skills in civil procedure with recent case law and legislative reforms to everyday issues.
Networking Microsoft Systems course description A hands-on course covering the network aspects of Microsoft systems. The course progresses from basic TCP/IP tools and configuration settings through to advanced security considerations finishing with an overview of Exchange and IIS. Hands on sessions are based on a choice of Windows Server 2003 or Windows 2000 server and Windows XP or Windows 2000 professional. Customised versions with other Microsoft platforms are also available. What will you learn Design networks with consideration for Microsoft issues such as logons. Design, configure and troubleshoot TCP/IP, DNS, WINS and DHCP. Configure security features such as PKI and IPSec. Describe the Windows TCP/IP implementation details. Networking Microsoft Systems course details Who will benefit: Anyone working with Microsoft systems. Prerequisites: TCP/IP foundation for engineers Supporting Windows ( XP or 2000 or 2003) Duration 5 days Networking Microsoft Systems course contents Configuring network cards PnP, resources, Ethernet cards, wireless cards, dial up networking, other cards, Ethernet settings, layer 2 QoS. Configuring and supporting IP Basic IP settings, advanced IP settings, advanced TCP settings, DrTCP and registry settings, security DHCP DHCP server, authorising the DHCP service, DHCP client, DHCP relays, Address pools, options, lease duration's, Integrating with DNS. Microsoft networking overview Workgroups and domains, Domain controllers, the logon process in a network, the role of Active Directory, synchronisation, protocol stacks and bindings. Accessing file and print resources Shared folders, permissions, network printers, browsing, NetBIOS, SMB. WINS Servers, clients, Client registration, renewing and releasing of names. NetBIOS node types. DNS1 Overview, Primary and secondary servers, DDNS, zones, resource records. The browser service Master, backup and other browser roles, elections, announcements, recovery from failure, Inter subnet browsing. TCP/IP implementation details Dead gateway detection, Multi homing, multicasting, MTU path discovery, registry settings, QOS and RSVP, Windows as a router, performance implications of Microsoft services. Internet Access Options, NAT, Firewall capabilities and Proxy server, Internet Authentication Service. Remote Access Installing, RAS servers. RAS process, protocols Security: PKI PPTP, L2TP, What is IPSec, configuring IPSec. Security: VPNs PPTP, L2TP, What is IPSec, configuring IPSec. Other Microsoft networking services & tools Netmeeting, instant messaging, white boarding, document collaboration, video conferencing Microsoft Exchange, IIS, Directory replication, SNMP, Net Monitor, integration with other platforms.
Supporting Microsoft IIS training course description This course provides students with the fundamental knowledge and skills to configure and manage Internet Information Services. This course is intended to help provide pre-requisite skills supporting a broad range of Internet web applications, security, and knowledge to help support other products that use IIS such as Exchange and SharePoint. What will you learn Install IIS. Configure IIS. Secure websites. Maintain IIS. Supporting Microsoft IIS training course details Who will benefit: Technical staff working with Microsoft IIS. Prerequisites: TCP/IP foundation for engineerss Supporting Windows ( XP or 2000 or 2003) Duration 5 days Supporting Microsoft IIS course contents Overview and Installing IIS Web Server infrastructure, installing IIS. Hands on Default install of IIS, verify and test.. Configuring the default website Default website, IIS Manager, default IIS file structure, configuring DNS records for a website, creating virtual directories and Applications. Hands on Configuring the Default website for public access. Creating Virtual Directories and Applications. Application Pools Application Pool Architecture, Application Pool recycling. Hands on Creating and managing Application Pools. Creating additional websites Multiple websites on a single server, website bindings. Hands on Creating new websites. Website and Web application support Configuring Common features, adding support for web applications. Hands on Adding support for web applications. Securing Websites and applications Access control, sites, applications, authentication and permissions. URL authorization rules. Hands on Configuring Authentication and permissions. Securing Data Transmissions with SSL Certificates and SSL, creating certificates for a web server, adding a certificate to a website. Hands on Certificates and HTTPS. Using the Central Certificate Store The Central Certificate Store. Hands on Install and configure the Central Certificate Store. Configuring Remote Administration Installing and Configuring the Management Service. Connecting to remote web servers and websites. Delegating Management Access. Hands on Remote administration. Implementing FTP Implementing FTP, configuring an FTP site. Hands on Install and configure a secured FTP site. Monitoring IIS IMonitoring IIS logs with Log Parser. Hands on Analyze a set of IIS log files for possible issues using Log Parser. Analyze performance data for performance related problems using PerfMon. Backing up and Restoring IIS The IIS environment. Hands on Performing a backup and restore of a website. Building Load-Balanced Web Farms Load-balancing mechanisms, building a Load-Balanced Web Farm using ARR, sharing content to a Web Farm using a network share, Sharing content to a Web Farm using DFS-R, Sharing IIS Configurations in a Web Farm. Hands on Installing and configuring ARR, sharing content to a Web Farm using network share and DFS-R, sharing IIS Configurations in a Web Farm.
Securing Linux systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure Linux accounts. Secure Linux file systems. Secure Linux access through the network. Securing Linux systems training course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing Linux systems training course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.
Cyber security training course description This cyber security course focusses on the network side of security. Technologies rather than specific products are studied focussing around the protection of networks using firewalls and VPNs. What will you learn Describe: - Basic security attacks - RADIUS - SSL - VPNs Deploy firewalls and secure networks Explain how the various technologies involved in an IP VPN work. Describe and implement: - L2TP - IPsec - SSL - MPLS, L3, VPNs. Cyber security training course details Who will benefit: Anyone working in the security field. Prerequisites: TCP/IP foundation for engineers Duration 5 days Cyber security training course contents Security review Denial of service, DDOS, data manipulation, data theft, data destruction, security checklists, incident response. Security exploits IP spoofing, SYN attacks, hijacking, reflectors and amplification, keeping up to date with new threats. Hands on port scanning, use a 'hacking' tool. Client and Server security Windows, Linux, Log files, syslogd, accounts, data security. Hands on Server hardening. Firewall introduction What is a firewall? Firewall benefits, concepts. HAnds on launching various attacks on a target. Firewall types Packet filtering, SPI, Proxy, Personal. Software firewalls, hardware firewalls. Firewall products. Hands on Simple personal firewall configuration. Packet filtering firewalls Things to filter in the IP header, stateless vs. stateful filtering. ACLs. Advantages of packet filtering. Hands on Configuring packet filtering firewalls. Stateful packet filtering Stateful algorithms, packet-by-packet inspection, application content filtering, tracks, special handling (fragments, IP options), sessions with TCP and UDP. Firewall hacking detection: SYN attacks, SSL, SSH interception. Hands on SPI firewalls. Proxy firewalls Circuit level, application level, SOCKS. Proxy firewall plusses and minuses. Hands on Proxy firewalls. Firewall architectures Small office, enterprise, service provider, what is a DMZ? DMZ architectures, bastion hosts, multi DMZ. Virtual firewalls, transparent firewalls. Dual firewall design, high availability, load balancing, VRRP. Hands on Resilient firewall architecture. Testing firewalls Configuration checklist, testing procedure, monitoring firewalls, logging, syslog. Hands on Testing firewalls. Encryption Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures. Hands on Password cracking. Authentication Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, RADIUS. Hands on Using certificates. VPN overview What is a VPN? What is an IP VPN? VPNs vs. Private Data Networks, Internet VPNs, Intranet VPNs, Remote access VPNs, Site to site VPNs, VPN benefits and disadvantages. VPN Tunnelling VPN components, VPN tunnels, tunnel sources, tunnel end points, tunnelling topologies, tunnelling protocols, which tunnelling protocol? Requirements of tunnels. L2TP Overview, components, how it works, security, packet authentication, L2TP/IPsec, L2TP/PPP, L2 vs L3 tunnelling. Hands on Implementing a L2TP tunnel. IPsec AH, HMAC, ESP, transport and tunnel modes, Security Association, encryption and authentication algorithms, manual vs automated key exchange, NAT and other issues. Hands on Implementing an IPsec VPN. SSL VPNs Layer 4 VPNs, advantages, disadvantages. SSL. TLS. TLS negotiation, TLS authentication. TLS and certificates. Hands on Implementing a SSL VPN. MPLS VPNs Introduction to MPLS, why use MPLS, Headers, architecture, label switching, LDP, MPLS VPNs, L2 versus L3 VPNs. Point to point versus multipoint MPLS VPNs. MBGP and VRFs and their use in MPLS VPNs. Hands on Implementing a MPLS L3 VPN. Penetration testing Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology. Hands on Hacking tools and countermeasures.
Integrating UNIX and Microsoft course description This course is designed for the enterprise-level UNIX professional and represents the highest level of professional, distribution-neutral UNIX certification within the industry. It covers administering UNIX enterprise-wide with an emphasis on mixed environments. What will you learn Configure and troubleshoot OpenLDAP. Use OpenLDAP as an authentication backend. Manage software packages. Use Samba - Share configuration - User and group management - Domain integration - Name services - with Linux and Windows clients Integrating UNIX and Microsoft course details Who will benefit: Enterprise-level UNIX professionals. Prerequisites: UNIX network administration. Duration 5 days Integrating UNIX and Microsoft course contents OPENLDAP CONFIGURATION OpenLDAP replication Replication concepts, OpenLDAP replication, replication log files, replica hubs, LDAP referrals, LDAP sync replication. Securing the Directory Securing the directory with SSL and TLS, Firewall considerations, Unauthenticated access methods, User/password authentication methods, Maintanence of SASL user DB, certificates. OpenLDAP Server Performance Tuning Measure OpenLDAP performance, Tune software configuration to increase performance, indexes. OPENLDAP AS AN AUTHENTICATION BACKEND LDAP Integration with PAM and NSS Configure PAM to use LDAP for authentication, NSS to retrieve information from LDAP and PAM modules in UNIX. Integrating LDAP with Active Directory and Kerberos Kerberos integration with LDAP, Cross platform authentication, Single sign-on concepts, Integration and compatibility limitations between OpenLDAP and Active Directory. SAMBA BASICS Samba Concepts and Architecture Samba daemons and components, key issues regarding heterogeneous network, Identify key TCP/UDP ports used with SMB/CIFS, Knowledge of Samba3 and Samba4 differences. Configure Samba Samba server configuration file structure, variables and configuration parameters, Troubleshoot and debug configuration problems. Regular Samba Maintenance Monitor and interact with running Samba daemons, Perform regular backups of Samba configuration and state data. Troubleshooting Samba Samba logging, Backup TDB files, Restore TDB files, Identify TDB file corruption, Edit / list TDB file content. Internationalization Internationalization character codes and code pages, differences in the name space between Windows and Linux/Unix with respect to share, names, user/group/computer naming in a non-English environment. SAMBA SHARE CONFIGURATION Linux File System and Share/Service Permissions File / directory permission control, Samba interaction with Linux file system permissions and ACLs, Use Samba VFS to store Windows ACLs. Print Services Printer sharing, integration between Samba and CUPS, Manage Windows print drivers and configure downloading of print drivers, security concerns with printer sharing. SAMBA USER AND GROUP MANAGEMENT Managing User Accounts and Groups User and group accounts, mappings, user account management tools, smbpasswd, file/directory ownership of objects. Authentication, Authorization and Winbind Local password database, password synchronization, passdb backends, Convert between passdb backends, Integrate Samba with LDAP, Winbind service, PAM and NSS. SAMBA DOMAIN INTEGRATION Samba as a PDC and BDC Domain membership and trust relationships, Create and maintain a PDC and BDC with Samba3/4, Add computers to an existing domain, logon scripts, roaming profiles, system policies. Samba4 as an AD compatible Domain Samba 4 as an AD DC, smbclient, how Samba integrates with AD services: DNS, Kerberos, NTP, LDAP. Configure Samba as a Domain Member Server Joining Samba to NT4 and AD domains, obtain a TGT from a KDC. SAMBA NAME SERVICES NetBIOS and WINS WINS concepts, NetBIOS concepts, local master browser, domain master browser, Samba as a WINS server, name resolution, WINS replication, NetBIOS browsing and browser elections, NETBIOS name types. Active Directory Name Resolution DNS for Samba4 as an AD Domain Controller, DNS forwarding with the internal DNS server of Samba4. WORKING WITH LINUX AND WINDOWS CLIENTS CIFS Integration SMB/CIFS concepts, remote CIFS shares from a Linux client, securely storing CIFS credentials, features and benefits of CIFS, permissions and file ownership of remote CIFS shares. Working with Windows Clients browse lists and SMB clients from Windows, Share file/print resources from Windows, the smbclient program, the Windows net utility.
Integrating Linux and Microsoft course description This course is designed for the enterprise-level Linux professional and represents the highest level of professional, distribution-neutral Linux certification within the industry. LPIC-3 300 covers administering Linux enterprise-wide with an emphasis on mixed environments. What will you learn Configure and troubleshoot OpenLDAP. Use OpenLDAP as an authentication backend. Manage software packages. Use Samba - Share configuration - User and group management - Domain integration - Name services - with Linux and Windows clients Integrating Linux and Microsoft course details Who will benefit: Enterprise-level Linux professionals. Prerequisites: Delegates must have an active LPIC-2 certification to receive LPIC-3 certification, but the LPIC-2 and LPIC-3 exams may be taken in any order. Duration 5 days Integrating UNIX and Microsoft course contents OPENLDAP CONFIGURATION OpenLDAP replication Replication concepts, OpenLDAP replication, replication log files, replica hubs, LDAP referrals, LDAP sync replication. Securing the Directory Securing the directory with SSL and TLS, Firewall considerations, Unauthenticated access methods, User/password authentication methods, Maintanence of SASL user DB, certificates. OpenLDAP Server Performance Tuning Measure OpenLDAP performance, Tune software configuration to increase performance, indexes. OPENLDAP AS AN AUTHENTICATION BACKEND LDAP Integration with PAM and NSS Configure PAM to use LDAP for authentication, NSS to retrieve information from LDAP and PAM modules in UNIX. Integrating LDAP with Active Directory and Kerberos Kerberos integration with LDAP, Cross platform authentication, Single sign-on concepts, Integration and compatibility limitations between OpenLDAP and Active Directory. SAMBA BASICS Samba Concepts and Architecture Samba daemons and components, key issues regarding heterogeneous network, Identify key TCP/UDP ports used with SMB/CIFS, Knowledge of Samba3 and Samba4 differences. Configure Samba Samba server configuration file structure, variables and configuration parameters, Troubleshoot and debug configuration problems. Regular Samba Maintenance Monitor and interact with running Samba daemons, Perform regular backups of Samba configuration and state data. Troubleshooting Samba Samba logging, Backup TDB files, Restore TDB files, Identify TDB file corruption, Edit / list TDB file content. Internationalization Internationalization character codes and code pages, differences in the name space between Windows and Linux/Unix with respect to share, names, user/group/computer naming in a non-English environment. SAMBA SHARE CONFIGURATION Linux File System and Share/Service Permissions File / directory permission control, Samba interaction with Linux file system permissions and ACLs, Use Samba VFS to store Windows ACLs. Print Services Printer sharing, integration between Samba and CUPS, Manage Windows print drivers and configure downloading of print drivers, security concerns with printer sharing. SAMBA USER AND GROUP MANAGEMENT Managing User Accounts and Groups User and group accounts, mappings, user account management tools, smbpasswd, file/directory ownership of objects. Authentication, Authorization and Winbind Local password database, password synchronization, passdb backends, Convert between passdb backends, Integrate Samba with LDAP, Winbind service, PAM and NSS. SAMBA DOMAIN INTEGRATION Samba as a PDC and BDC Domain membership and trust relationships, Create and maintain a PDC and BDC with Samba3/4, Add computers to an existing domain, logon scripts, roaming profiles, system policies. Samba4 as an AD compatible Domain Samba 4 as an AD DC, smbclient, how Samba integrates with AD services: DNS, Kerberos, NTP, LDAP. Configure Samba as a Domain Member Server Joining Samba to NT4 and AD domains, obtain a TGT from a KDC. SAMBA NAME SERVICES NetBIOS and WINS WINS concepts, NetBIOS concepts, local master browser, domain master browser, Samba as a WINS server, name resolution, WINS replication, NetBIOS browsing and browser elections, NETBIOS name types. Active Directory Name Resolution DNS for Samba4 as an AD Domain Controller, DNS forwarding with the internal DNS server of Samba4. WORKING WITH LINUX AND WINDOWS CLIENTS CIFS Integration SMB/CIFS concepts, remote CIFS shares from a Linux client, securely storing CIFS credentials, features and benefits of CIFS, permissions and file ownership of remote CIFS shares. Working with Windows Clients browse lists and SMB clients from Windows, Share file/print resources from Windows, the smbclient program, the Windows net utility.