About this training course This 3-day training will provide a comprehensive review of integrity of wells exposed to carbon dioxide (CO2) in the context of Carbon Capture Utilization for enhanced oil recovery and Storage (CCUS). CO2 geological storage is a proven technology to reduce greenhouse gas emissions from sources such as coal power plants, cement kilns and steel mills. Wells are widely considered the most critical containment element, especially older wells that are not used to inject CO2 or monitor the plume evolution in the storage reservoir. The main reason for this perceived risk is the high corrosion rate of carbon steel when exposed to wet CO2, and the tendency of Portland cement to react with the gas. The advanced contents of this training course build on 15 years' experience in carbon storage, both in the development and deployment of technologies. First-hand, in-depth knowledge of the subject will allow us to debunk myths and focus on the real challenges of wells encountering CO2. 
Training Objectives After the completion of this training course, participants will be able to: Explain the CCUS market drivers Examine the behavior of CO2, on surface and in the reservoir Diagnose cement defects and design repairs Understand the limits of Portland cement Assess the benefits of different technologies and materials Realize why geology is a dominant factor in cement performance Critically choose the most appropriate monitoring techniques Classify aging processes of cement, steel, and rock when exposed to CO2 Assess the risk of existing wells if they encounter the CO2 plume Examine recent advances in real-time approaches to the production monitoring and lift management Target Audience This training course is suitable and will greatly benefit: All surface technical personnel such as process engineers & technologists Facility engineers, production engineers & technologists Drilling engineers and Well engineers Design engineers and Integrity engineers P&A engineers and Cementing engineers Geologists Senior management executives will benefit from this training as it covers an overview of the technical and commercial details of CO2 capture technologies and risks involved. Course Level Intermediate Training Methods The training instructor relies on a highly interactive training method to enhance the learning process. This method ensures that all participants gain a complete understanding of all the topics covered. The training environment is highly stimulating, challenging, and effective because the participants will learn by case studies which will allow them to apply the material taught in their own organization. Course Duration: 3 days in total (21 hours). Training Schedule 0830 - Registration 0900 - Start of training 1030 - Morning Break 1045 - Training recommences 1230 - Lunch Break 1330 - Training recommences 1515 - Evening break 1530 - Training recommences 1700 - End of Training The maximum number of participants allowed for this training course is 20. 
This course is also available through our Virtual Instructor Led Training (VILT) format. Trainer Your expert course leader is an engineer with a passion for well integrity and possesses 28 years of international experience in field operations, technology development and management in the oil & gas and carbon storage sectors. Since 2018 he has been program chair of the Well Integrity Technical Section of the Society of Petroleum Engineers (SPE). He is also author or co-author of 31 technical papers, a book chapter on CO2 geological storage and 7 patent applications. He delivers training on well integrity, plug and abandonment, asset integrity, risk management and QHSE across the Eastern Hemisphere, and carries out active research on harnessing geological barriers, modeling leaks through cement, and quantifying methane emissions from oil & gas wells. He has extensive expertise in: Well integrity, cementing, corrosion, upstream oil & gas (drilling, completion), carbon capture and storage, mathematical modeling, risk management, reliability, HSSE (health/safety/security/environment), asset integrity, management systems, sustainable development, project management, portfolio management, training, and technology development and innovation. He has personally worked on CCS projects in Europe (France, Germany, Netherlands, Norway), Algeria, Japan and USA. Partial list of companies that have benefited from the trainer's expertise: Vermilion Energy Geostock Aker BP Shell Statoil ENI TNO Geogreen Wintershall Archer INA and many more Recent CCS consulting track record: Schlumberger Total Oxand TNO THREE60 Energy and others POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. 
This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information post training support and fees applicable
Total QoS training course description An advanced technical hands on course focusing on Quality of Service issues in IP networks. What will you learn Explain the difference between Integrated services and differentiated services. Explain how DiffServ works. Explain how RSVP works. Design networks supporting QoS. Total QoS training course details Who will benefit: Network administrators. Network operators. Prerequisites: TCP/IP Foundation for engineers Duration 3 days Total QoS training course contents What is QoS QoS and CoS, throwing bandwidth at the problem, Best effort services, Differentiated services, Integrated services, guarantees, the need for QoS, IETF working groups. Application issues Video, Voice, other applications, Jitter, delay, packet loss. Flows, per flow and per aggregate QoS, Stateful vs. stateless QoS, applications vs. network QoS. 'Traditional' IP QoS The TOS field and precedence, the obsolete OSPF use of the TOS field, TCP congestion avoidance. Queuing Where to use queuing, FIFO, Priority queuing, Custom queuing, Weighted Fair Queuing, CBWFQ, PQWFQ, LLQ, RED and WRED. DiffServ Architecture, DSCP, CU, packet classification and marking, meters and conditioners, Bandwidth brokers and COPS, Per Hop Behaviours, best effort PHB, Assured Forwarding PHB, Expedited forwarding PHB, Network Based Application Recognition (NBAR). Layer 2 issues Fragmentation and interleaving, compression (codecs, MPEG formats, header compression…), 802.1p, Subnet bandwidth management, Bandwidth allocators and requestor modules, the use of MPLS, traffic engineering, traffic shaping. RSVP What is RSVP? architectures, paths, path messages, reservations, traffic specifications, tear downs, guaranteed and controlled load, token buckets, Call Admission Control in voice networks, gatekeepers. Other issues Policy based routing, the Resource Allocation Protocol, QoS management tools, baselining networks, design issues, QoS in IPv6, QoS and multicasts.
LTE Architecture and Protocols course description This course provides a comprehensive tour of the LTE architecture along with services provided and the protocols used. What will you learn Describe the overall architecture of LTE. Explain the information flows through LTE. Describe the LTE security. Describe LTE mobility management. Recognise the next steps for LTE. LTE Architecture and Protocols course details Who will benefit: Anyone working with LTE. Prerequisites: Mobile communications demystified Duration 3 days LTE Architecture and Protocols course contents Introduction History, LTE key features. The 4G ITU process. The LTE 3GPP specifications. Specifications. System Architecture LTE hardware architecture. UE architecture and capabilities. E-UTRAN and eNB. EPC, MME functions, SGW, PGW and PCRF. System interfaces and protocol stacks. Example information flows. Dedicated and default bearers. EMM, ECM, RRC state diagrams. Radio transmission and reception OFDMA, SC-FDMA, MIMO antennas. Air interface protocol stack. Logical, transport and physical channels. Frame and slot structure, the resource grid. Resource element mapping of the physical channels and signals. Cell acquisition, data transmission and random access. MAC, RLC, PDCP protocols. LTE spectrum allocation. Power-on procedures Network and cell selection. RRC connection establishment. Attach procedure, including IP address allocation and default bearer activation. LTE detach procedure. Security in LTE networks LTE security features, identity confidentiality, ciphering and integrity protection. Architecture of network access security in LTE. Secure key hierarchy. Authentication and key agreement procedure. Security mode command procedure. Network domain security architecture. Security associations using IKE and IPSec. Mobility management RRC_IDLE, RRC_CONNECTED. Cell reselection, tracking area updates. Measurement reporting. X2 and S1 based handovers. 
Interoperation with UMTS, GSM and non-3GPP technologies such as cdma2000. QoS, policy control and charging QoS in LTE, EPS bearers, service data flows and packet flows. The architecture and signalling procedures for policy and charging control. Data transport using GPRS, differentiated services and MPLS. Offline and online charging in LTE. Delivery of voice and text messages over LTE Difficulties and solutions for Voice over LTE. Architecture and call setup procedures for circuit switched fallback. Architecture, protocols and call setup procedures in IP multimedia subsystem. Enhancements in release 9 LTE location services. Multimedia broadcast / multicast service and MBSFN. Cell selection, commercial mobile alert service. LTE Advanced and release 10 Impact of carrier aggregation on LTE air interface. Enhanced MIMO processing on uplink and downlink. Relaying. Release 11 and beyond. OAM and self organising networks Operation, administration, maintenance and provisioning for LTE. Self-configuration of base station parameters. Fractional frequency re-use, inter-cell interference co-ordination. Self-optimisation of base station procedures. Self-healing to detect and recover from faults.
SIP training course description A hands on course covering IP telephony with SIP. The course starts with a brief review of knowledge students should already possess including RTP and RTCP. The main focus is on SIP though, progressing from what SIP is through SIP signalling, call processing and architectures, moving onto more advanced issues including security, multimedia, and interoperability. Hands-on practicals follow each major theory session. What will you learn Explain how SIP works. Analyse SIP packets. Deploy SIP IP telephony solutions. Integrate SIP with other telephony solutions. SIP training course details Who will benefit: Technical staff working with SIP. Prerequisites: Definitive VoIP for engineers Duration 3 days SIP training course contents VoIP review What is VoIP? Brief review of IP, Brief review of telephones and voice. RTP, RTCP, mixers and translators. Hands on Analysing RTP packets. What is SIP? Why SIP? SIP history, SIP standards, SIP capabilities, key services, how SIP works, and a basic SIP call. Hands on Peer to peer SIP. SIP messages SIP sessions, SIP flows, Message structure, INVITE, ACK, BYE, CANCEL, OPTIONS, REGISTER. Extension methods. Response codes. SIP call flows. Hands on Analysing SIP packets. SIP architectures UA client, UA server, Proxy servers, Redirect servers, registrars. SIP phones, gateways, application servers, and other products. Stateful and stateless servers. Various call scenarios. Hands on SIP proxies. SIP addressing URLs, SIP addresses, registration, Location and Directory servers. Address tracking. Hands on SIP and DNS. Supplementary services SIP signalling, signalling compression, Call hold, Call forwarding, Home and away scenarios, transfers, conferences, call control. Hands on Analysing SIP supplementary services. SDP What is SDP? Multimedia, multimedia session announcement, invitation and others. Relationship with SIP. Hands on Video conferencing with SIP. 
SIP security Access control, Authentication, encryption, firewalls. Hands on SIP authentication. Interoperability Inter working with PSTN, ISUP to SIP mapping, SIP and 3G, SIP-T, SIP and SIGTRAN. SIP and H323. Hands on SIP and gateways. SIP mobility Terminal mobility, service mobility, personal mobility, Mobile IP, SIP signalling flows in 3G.
Windows clustering training course description This course covers high availability and disaster recovery technologies such as live migration, storage migration and Hyper-V Replica, as well as providing in-depth coverage of failover clustering including a detailed implementation of failover clustering of Hyper-V using SoFS. The course also covers System Center Virtual Machine Manager and implementing Network Load Balancing (NLB) and load balancing clusters. What will you learn Plan and implement a failover cluster. Describe managing server roles and clustering resources. Implement and manage virtual machines. Use System Center Virtual Machine Manager. Describe cloud-based storage and high availability solutions. Implement a Network Load Balancing (NLB) cluster. Windows clustering training course details Who will benefit: Technical staff working with Microsoft clusters. Prerequisites: Supporting Microsoft Windows server Duration 3 days Windows clustering training course contents High Availability in Windows Server Defining levels of availability, High Availability and disaster recovery solutions with Hyper-V Virtual Machines, High Availability with failover clustering in Windows Server. Hands on Configuring High Availability and Disaster Recovery. Implementing failover clustering Planning a failover cluster, creating a new failover cluster. Hands on Creating and Administering a Cluster. Server roles and clustering resources Configuring highly available applications and services on a failover cluster, managing and maintaining a failover cluster, troubleshooting a failover cluster, implementing site high availability with multisite failover clusters. Hands on Managing server roles and clustering resources. Failover clustering with Hyper-V Overview of integrating Hyper-V with failover clustering, implementing Hyper-V with failover clustering, managing and maintaining Hyper-V Virtual Machines on failover clusters. 
Hands on Implementing failover clustering by using Hyper-V Storage Infrastructure Management with Virtual Machine Manager Virtual Machine Manager, managing storage infrastructure with Virtual Machine Manager, provisioning failover clustering in Virtual Machine Manager. Hands on Managing storage infrastructure. Cloud-Based storage and High Availability Azure storage solutions and infrastructure, cloud integrated storage with StorSimple, disaster recovery with Azure Site Recovery. Hands on Managing cloud-based storage and high availability Network Load Balancing Clusters Overview of NLB, configuring an NLB cluster, planning NLB. Hands on Implementing a Network Load Balancing Cluster
MPLS training course description A hands-on introduction to MPLS covering the basics of what MPLS is and how to configure it, through to more advanced concepts such as MPLS VPNs and traffic engineering with MPLS. What will you learn Describe MPLS Explain how MPLS works Describe the interaction between OSPF/IS-IS/BGP and MPLS Describe MPLS traffic engineering MPLS training course details Who will benefit: Anyone working with MPLS. Prerequisites: IP Routing BGP Duration 3 days MPLS training course contents What is MPLS? What does MPLS stand for? What is MPLS? Core MPLS, MPLS and the 7 layer model, MPLS is a protocol, MPLS is a standard, MPLS runs on routers, MPLS history, Why MPLS? For service providers, For enterprises. MPLS Architecture Label Switch Routers, two types of LSR, PE and P router roles, FEC, swapping labels, MPLS packet format, Loops, TTL control. Hands on: Building the base network. Enabling MPLS. Simple testing and troubleshooting of MPLS. Label distribution Label review, label switch path, label distribution methods, piggybacking, Label distribution Protocols, LDP, LDP operation, LDP packets, discovery messages, session messages, advertisement messages, notification message, Label Information Base, routing tables, the LFIB, MPLS forwarding, penultimate hop popping, handling labels, LSP control modes, when to distribute labels, how long to keep labels, aggregation, label merging. Hands on: LDP traffic analysis. MPLS TE and QoS What is MPLS TE? Why TE? TE versus shortest path, how MPLS TE works, CR-LDP, OSPF-TE, IS-IS-TE, TE with BGP, RSVP-TE, MPLS Fast reroute, MPLS QoS. Hands on: Enabling MPLS-TE. BFD BFD, hello the BFD protocol. MPLS VPN What is a VPN? MPLS VPN types, MPLS VPN comparison, MPLS L3 VPN, VRFs, MBGP, MPLS VPN architecture, VRF RD, VRF RT, the label stack, L2 VPNs, VPWS, AToM, VPLS. Hands on: MPLS L3 VPN setup, troubleshooting.
Definitive VPNs training course description A hands on course covering VPNs from the basics of benefits and Internet vs. Intranet VPNs through to detailed analysis of the technologies involved in VPNs. All the major VPN protocols are covered including PPPoE, L2TP, SSL, IPsec and dynamic VPNs. MPLS L3 VPNs are also covered. What will you learn Describe what a VPN is and explain the difference between different VPN types. Recognise the design and implementation issues involved in implementing a VPN. Explain how the various technologies involved in a VPN work. Describe and implement: L2TP, IPsec, SSL, MPLS L3 VPNs. Evaluate VPN technologies. Definitive VPNs training course details Who will benefit: Network personnel. Prerequisites: IP Security foundation for engineers. Duration 3 days Definitive VPNs training course contents VPN overview What is a VPN? What is an IP VPN? VPNs vs. Private Data Networks, Internet VPNs, Intranet VPNs, Remote access VPNs, Site to site VPNs, VPN benefits and disadvantages. VPN Tunnelling VPN components, VPN tunnels, tunnel sources, tunnel end points, hardware based VPNs, Firewall based VPNs, software based VPNs, tunnelling topologies, tunnelling protocols, which tunnelling protocol should you use? requirements of tunnels. VPN security components Critical VPN security requirements, Encryption and authentication, Diffie Hellman, DES, 3DES, RSA, PKI, CA server types, pre shared keys versus certificates, Enrolling with a CA, RADIUS in VPNs. PPP Encapsulation, operation, authentication. Hands on Setting up PPPoE and analysing PPP packets. PPTP Overview, Components, How it works, control and data connections, GRE. Hands on Building a PPTP VPN. L2TP Overview, components, how it works, security, packet authentication, L2TP/IPSec, L2TP/PPP, Layer 2 versus layer 3 tunnelling. Hands on Implementing a L2TP tunnel. 
IPSec AH, HMAC, ESP, transport and tunnel modes, Security Association, use of encryption and authentication algorithms, manual vs automated key exchange, NAT and other issues. Hands on Implementing an IPSec VPN. Intranet VPNs Headers, architecture, label switching, LDP, MPLS VPNs. VPN products and services PE and CPE, management, various VPN products. VPN issues and architectures VPN architectures: terminate VPN before/on/after/in parallel with firewall, resilience issues, VRRP, performance issues, QoS and VPNs. Documentation.
Asterisk training course description This 3 day hands on Asterisk training course covers all the ground for you to get an Asterisk PBX installed and configured. After installation the course progresses from a simple first configuration onto VoIP and PSTN integration along with the provision of PBX features such as ACD and IVR. Practical sessions follow each major section to reinforce the theory. What will you learn Install and configure Asterisk. Connect Asterisk to the Internet and PSTN. Integrate VoIP and the PSTN. Configure Asterisk for PBX features such as voicemail, ACD and IVR. Asterisk training course details Who will benefit: Technical staff working with or evaluating Asterisk. Prerequisites: None although hands on experience of UNIX systems would be beneficial, as would knowledge of VoIP. Duration 3 days Asterisk training course contents What is Asterisk? PBXs, what Asterisk does, Asterisk features, Asterisk VoIP support, Asterisk and the Internet, Asterisk and the PSTN, hosted VoIP systems. Asterisk installation Linux installation, Asterisk package compilation and installation. Timing sources. Hands on Installing Asterisk Managing Asterisk Starting/stopping Asterisk, command arguments, Asterisk commands, log files, logger.conf, remote management. Hands on Controlling Asterisk. First Asterisk configuration The role of SIP, IP phones, DHCP, IP addressing, sip.conf, extensions.conf. Hands on Simple SIP configuration Asterisk architecture Server hardware, interfaces, channels, Zaptel, Digium, Asterisk filesystem, connections. The configuration files, syntax, asterisk.conf. Hands on Adding hardware for Asterisk, exploring the configuration files. DAHDI configuration Digium hardware, DAHDI architecture, DAHDI installation, DAHDI configuration, system.conf, FXS, FXO, E1, chan_dahdi.conf, dahdi_cfg, DAHDI tools. Hands on Connecting Asterisk to the PSTN. Dial plans extensions.conf detail, contexts, priorities. Hands on Configuring dial plans. 
SIP configuration sip.conf in detail, defining SIP channels, incoming SIP channels, outgoing SIP channels, SIP variables, Asterisk as a SIP client and SIP server. Hands on SIP configuration. IAX configuration What is IAX, IAX server, IAX client, IAX channels, iax.conf, IAX syntax in extensions.conf, IAX trunking. Hands on Linking Asterisk systems. Implementing PBX functions Voicemail, voicemail trees, voicemail passwords, Music on hold, meetme conferencing, call parking. ACD, IVR, fax. Hands on Configuring PBX features.
5G training course description This course is designed to give the delegate an understanding of the technologies and interworking requirements of the next generation of cellular communications. It is not a definitive set of descriptions but a possibility of the final deployment. During the course we will investigate the 10 pillars for 5G, which will include various Radio Access Technologies that are required to interwork smoothly. Hence we will look at the 4G Pro features and other RATs. What will you learn List the ten pillars of 5G deployment. Explain the 5G Internet and Software Distributed Networks (SDN). Explain carrier aggregation, the mobile cloud and RAT virtualisation. Explain an overall picture of 5G architecture. 5G training course details Who will benefit: Anyone who is looking to work with next generation networks. Prerequisites: Mobile communications demystified Duration 3 days 5G training course contents Drivers for 5G 5G Road Map, 10 Pillars of 5G, evolving RATs, small cell, SON, MTCm, mm-wave, backhaul, EE, new spectrum, spectrum sharing, RAN virtualisation. 4G LTE advanced features MIMO, Downlink & uplink MIMO R8, MIMO technology in LTE advanced, Downlink 8-layer SU-MIMO, Downlink MU-MIMO, Uplink MU-MIMO, Uplink transmit diversity, Coordinated multi-point operation (CoMP), Independent eNB & remote base station configurations, Downlink CoMP, Uplink Multi-Cell Reception. ICIC & eICIC ICIC, Homogeneous to heterogeneous network, eICIC, Macro-pico scenario, Macro-femto scenario, Time orthogonal frequencies. Almost Blank Subframe (ABS). Carrier aggregation Component carriers (CC), CC aggregation, Intra-band contiguous solutions, Intra-band non-contiguous solutions, Inter-band non-contiguous solutions, CA bandwidth classes, Aggregated transmission bandwidth configurations (ATBC), Possible carrier aggregation configurations (Rel 9, 10 & 12). 
Enhanced Interference Mitigation & Traffic Adaptation (eIMTA) TDD UL-DL reconfiguration for traffic adaptation, Reconfiguration mechanisms, Interference mitigation schemes, Dynamic & flexible resource allocation. 5G architectures 5G in Europe, horizon 2020 framework, 5G infrastructure PPP, METIS project, innovation centre, 5G in North America, research, company R & D, 5G specifications. The 5G internet Cloud services, IoT & context awareness, network reconfiguration & virtualization support, hypervisors, SDN, the controller, service-oriented API, OpenFlow switches, SDN operation, SDN control for traffic flow redirection, OpenFlow controllers, how SDN works, application, control and infrastructure layers, a programmable network, how SDN & NFV tie together, SDN's downside, SDN orchestration, Mobility, architectures for distributed mobility management, MEDIEVAL & MEDIVO projects, a clean slate approach, mobility first architecture, network virtualization (VNet), INM, NetInf, ForMux, MEEM, GP & AM, QoS support, network resource provisioning, IntServ, RSVP, DiffServ, CoS, aggregated resource provisioning, SICAP, MARA, Emerging approach for resource over-provisioning, example use case architecture for the 5G internet, integrating SDN/NFV for efficient resource control, control information repository, service admission control policies, network resource provisioning, control enforcement functions, network configurations, network operations. Small cells for 5G Average spectral efficiency evolution, What are small cells? WiFi & Femto cells as candidate small-cell technologies, Capacity limits & achievable gains with densifications, gains with multi-antenna techniques, gains with small cells, Mobile data demand, approach & methodology, subscriber density projections, traffic demand projections, global mobile data traffic increase modelling, country level backhaul traffic projections, 2020 average spectrum requirement, Small cell challenges, backhaul, spectrum, automation. 
Cooperation for next generation wireless networks Cooperative diversity & relaying strategies, Cooperative ARQ & MAC protocols, NCCARQ & PRCSMA packet exchange, Physical layer impact on MAC protocol, NCCARQ overview, PHY layer impact, Performance evaluation, simulation scenario and results. Mobile clouds; technology & services for future communications platforms Mobile cloud, software, hardware and networking resources, Mobile cloud enablers, mobile user domain, wireless technologies, WWAN WLAN and WPAN range, Bluetooth, IEEE 802.15.4, software stacks, infrared, near field communications (NFC), store & forward vs compute & forward, random/linear network coding. Security for 5G communications Potential 5G architectures, Security issues & challenges in 5G, user equipment, mobile malware attacks, 5G mobile botnets, attacks on 4G networks, C-RNTI & packet sequence numbers based UE location tracking, false buffer status reports attacks, message insertion attacks, HeNB attacks, physical attacks, attacks on mobile operator's network, user data & identity attacks, DDoS attacks, amplification, HSS saturation, external IP networks.
IPsec training course description This hands on course focuses on IPsec VPNs. Rather than focusing on one implementation this course concentrates on the technologies and protocols of IPsec. Starting with an overview of the complete IPsec architecture the course then moves onto ESP packet analysis along with encryption and authentication provided. IKEv1 and IKEv2 are both covered in detail. Having covered IPsec with pre shared keys the course then moves onto IPsec with certificates followed by IPsec issues. The course is vendor neutral with hands on with both Cisco and Microsoft implementations. What will you learn Explain how IPsec works. Explain the role of AH, ESP and IKE. Configure IPsec. Troubleshoot IPsec. IPsec training course details Who will benefit: Technical staff working with IPsec. Prerequisites: Definitive IP VPNs for engineers. Duration 3 days IPsec training course contents What is IPsec? How to spell IPsec, IPsec is IP security, confidentiality, integrity, authenticity, replay protection, what is a VPN? Network layer security, IPsec and IPv4, IPsec and IPv6, the suite of protocols, the standard, IPsec RFCs, IPsec history. Hands on Analysis of 'normal' IP packets. IPsec architecture The IPsec protocols, AH vs ESP, Why two headers? transport mode, tunnel mode, Remote access VPNs, site to site VPNs, security associations, SA database, Security Parameters Index, implementations: Host stack, Bump in the Stack, Bump in the Wire. Hands on Configuring IPsec. AH What AH does, the stack, The AH header, What is authenticated? Device authentication. AH in transport mode, AH in tunnel mode. Hands on AH packet analysis. ESP What ESP does, the ESP header, ESP in transport mode, ESP in tunnel mode, ESP and SA, ESP and SPI. Hands on ESP packet analysis, policy configuration. 
IPsec encryption IPsec is a framework, standard algorithms, ESP keys, the role of IKE, key lifetimes, how IKE generates the keys, DES, 3DES, AES, cipher block chaining, counter mode, other encryption. Hands on Encryption configuration. IPsec authentication Authentication types, IPsec authentication, Authentication algorithms: MD5, keyed SHA-1, HMAC-MD5, HMAC-SHA-1, HMAC-RIPEMD, other authentication algorithms. Hands on Authentication configuration. IKE Internet Key Exchange, IKE and the SAD, the two phase negotiation, ISAKMP, ISAKMP header, pre shared keys, digital signatures, public key encryption, Diffie Hellman, proposals, counter proposals, nonces, identities, phase 1 negotiation: main mode, aggressive mode, base mode. Phase 2 negotiation: quick mode, new group mode. Hands on IKE packet analysis. More IKE PFS, IKE and dynamic addresses, XAUTH, hybrid authentication, CRACK, ULA, PIC. User level authentication. IKE renegotiation, heartbeats. Hands on Troubleshooting IPsec. IKEv2 The IKEv2 exchange, IKE_SA_INIT, IKE_AUTH, CREATE_CHILD_SA, IKEv2 packets, the informational exchange. Comparing IKEv1 vs IKEv2. Hands on IKEv2 configuration and analysis. PKI What is PKI?, Digital certificates, Certificate authorities, CA servers, RA, VA, certificates, CA hierarchy, CRLs, certificate formats. Hands on installing and configuring certificate servers. IPsec issues NAT, IPsec overhead and fragmentation. Summary IPsec strengths and weaknesses. Where to get further information.