SIP in IMS training course description The IP Multimedia Core Network Subsystem (IMS) is defined by 3GPP as a new mobile infrastructure. This advanced course looks at the use of SIP in the IMS. What will you learn Describe the role of SIP in the IMS. Explain how SIP works in the IMS Describe the SIP architecture in the IMS. Explain how SIP and SDP are used in basic IMS procedures. SIP in IMS training course details Who will benefit: Technical telecommunications staff. Prerequisites: SIP for engineers. Duration 2 days SIP in IMS training course contents Introduction SIP review, SIP elements, Simple SIP call flow, What is IMS? Why IMS? Why SIP in the IMS? SIP and IMS relationship. Standards 3GPP, IETF, 3GPPr5, 3GPPr6, 3GPP SIP extensions. SIP and IMS IMS architecture, SIP interfaces. Server functions Registration, home and away, location and directory services, stateful and stateless servers. SIP servers P-CSCF, I-CSCF, S-CSCF, PSTN gateways SIP registration in the IMS SIP REGISTER, IMS identities, registration process, P-CSCF discovery, S-CSCF assignment, IMS subscriber and IMS registrar signalling flow. IMS routing in the registration process. Re and De-registration. SIP sessions in the IMS SIP INVITE, Establishing IMS SIP sessions, User at home network, user roaming, IMS offer answer architecture, SIP preconditions, QoS, reserving resources, IMS bearer network interactions, IMS subscriber and IMS service signalling flow. Typical call flows. SIP services in the IMS IMS specifications, IMS service procedures, call scenarios, call services. IMS multimedia related procedures. IMS presence, IMS messaging, IMS conferencing, IMS PoC. SIP-T SIP and the PSTN, URIs and ENUM, NAPTR, SRV, ISUP numbers and URI mapping, IAM and INVITE, SIP to PSTN/ISUP mapping, PSTN/ISUP to SIP mapping, PSTN to PSTN over SIP. MIME media types for ISUP, DTMF transmission, CLIP and CLIR in SIP, ring tone, split gateways SIP-I ISO standards, translation versus tunnelling. IMS SIP extensions Security (RFC 3310, 3329), Resource reservation (RFC 3312), Media authorisation (RFC 3313), SigComp (RFC 3320), P Headers (RFC 3325, 3455), Mobile registration (RFC 3327, 3608), Reg event (RFC 3680), Preconditions (RFC 4032) Security IMS security architecture, identities, HTTP digest, TLS. Affect of security on SIP media sessions.
Securing Kubernetes training course description This course introduces concepts, procedures, and best practices to harden Kubernetes based systems and container-based applications against security threats. It deals with the main areas of cloud-native security: Kubernetes cluster setup, Kubernetes cluster hardening, hardening the underlying operating system and networks, minimizing microservices vulnerabilities, obtaining supply chain security as well as monitoring, logging, and runtime security. What will you learn Harden Kubernetes systems and clusters. Harden containers. Configure and use Kubernetes audit logs. Securing Kubernetes training course details Who will benefit: Technical staff working with Kubernetes Prerequisites: Kubernetes_for_engineers_course.htm Definitive Docker for engineers Duration 2 days Securing Kubernetes training course contents This course does not only deal with the daily security administration of Kubernetes-based systems but also prepares delegates for the official Certified Kubernetes Security Specialist (CKS) exams of the Cloud Native Computing Foundation (CNCF). Structure: 50% theory 50% hands on lab exercise Module 1: User and authorization management Users and service accounts in Kubernetes Authenticating users Managing authorizations with RBAC Module 2: Supply chain security Vulnerabilit checking for images Image validation in Kubernetes Reducing image footprint Secure image registries Module 3: Validating cluster setup and penetration testing Use CIS benchmark to review the security configuration of Kubernetes components. Modify the cluster components' configuration to match the CIS Benchmark. Penetration testing Kubernetes for known vulnerabilities. Module 4: System hardening Use kernel hardening tools Setup appropriate OS level security domains Container runtime sandboxes Limit network access Module 5: Monitoring and logging Configure Kubernetes audit logs Configure Audit Policies Monitor applications behaviour with Falco
WiMax training course description Broadband wireless access is an emerging technology area. This course looks at WiMAX, where it can be used, how it works and the alternative technologies. What will you learn Describe WiMAX. Explain how WiMAX works. Compare and contrast WiMAX with alternative broadband wireless access technologies. WiMax training course details Who will benefit: Anyone wishing to know more about WiMAX. Prerequisites: None. Duration 2 days WiMax training course contents Introduction What is WiMAX? WiMAX applications, The Internet, Internet access choices, wireless broadband access, WiMAX benefits. WiMAX overview Spectrums, LOS vs. non-LOS, bit rates, modulation, mobility, channel bandwidth, cell radius. WiMAX standards The WiMAX forum, IEEE, ETSI, HIPERACCESS, HIPERMAN, 802.16, 802.16-2004, 802.16a, 802.16e, 802.16f. WiMAX architecture Subscriber Stations (SS), Indoors, outdoors, antennas, Radio Base Stations (BS), LOS, Non LOS BackHaul, Point to multipoint, mesh support. Physical layer 10 - 66GHz, TDMA, TDD, FDD, 2 -11 GHz, SC2, OFDM, OFDMA, QPSK, QAM, Radio Link Control (RLC), uplink, downlink. MAC layer Traffic types (continuous, bursty), QoS, service types. MAC operations, connection oriented, frame structure, addressing. Convergence sublayers, service specific, common part, profiles (IP, ATM). Bandwidth request-grant, ARQ, Management messages. Security MAC privacy sublayer, network access authentication, AAA, 802.1x, key exchange and privacy. WiMAX alternatives WiMAX vs. 3G, WiMAX vs. 802.20.
Intro to containers training course description This course looks at the technologies of containers and microservices. The course starts with a look at what containers are, moving onto working with containers. Networking containers and container orchestration is then studied. The course finishes with monitoring containers with Prometheus and other systems. Hands on sessions are used to reinforce the theory rather than teach specific products, although Docker and Kubernetes are used. What will you learn Use containers. Build containers. Orchestrate containers. Evaluate container technologies. Intro to containers training course details Who will benefit: Those wishing to work with containers. Prerequisites: Introduction to virtualization. Duration 2 days Intro to containers training course contents What are containers? Virtualization, VMs, What are containers? What are microservices? Machine containers, application containers. Benefits. Container runtime tools Docker, LXC, Windows containers. Architecture, components. Hands on Installing Docker client and server. Working with containers Docker workflow, Docker images, Docker containers, Dockerfile, Building, running, storing images. Creating containers. Starting, stopping and controlling containers. Public repositories, private registries. Hands on Exploring containers. Microservices What are microservices? Modular architecture, IPC. Hands on Persistence and containers. Networking containers Linking, no networking, host, bridge. The container Network Interface. Hands on Container networking Container orchestration engines Docker swarm: Nodes, services, tasks. Apache Mesos: Mesos master, agents, frameworks. Kubernetes: Kubectl, master node, worker nodes. Openstack: Architecture, containers in OpenStack. Amazon ECS: Architecture, how it works. Hands on Setup and access a Kubernetes cluster. Managing containers Monitoring, logging, collecting metrics, cluster monitoring tools: Heapster. Hands on Using Prometheus with Kubernetes.
Definitive Puppet training course description Puppet is a framework and toolset for configuration management. This course covers Puppet to enable delegates to manage configurations. Hands on sessions follow all the major sections. What will you learn Deploy Puppet. Manage configurations with Puppet. Build hosts with Puppet. Produce reports with Puppet. Definitive Puppet training course details Who will benefit: Anyone working with Puppet. Prerequisites: Linux fundamentals. Duration 2 days Definitive Puppet training course contents Getting started with Puppet What is Puppet, Selecting the right version of Puppet, Installing Puppet, Configuring Puppet. Developing and deploying Puppet The puppet apply command and modes of operation, Foreground Puppet master, Developing Puppet with Vagrant, Environments, Making changes to the development environment, Testing the new environments with the Puppet agent, Environment branching and merging, Dynamic Puppet environments with Git branches, Summary, Resources. Scaling Puppet Identifying the challenges, Running the Puppet master with Apache and Passenger, Testing the Puppet master in Apache, Load balancing multiple Puppet masters, Scaling further, Load balancing alternatives. Measuring performance, Splay time, Summary, Going further, Resources. Externalizing Puppet configuration External node classification, Storing node configuration in LDAP, Summary, Resources. Exporting and storing configuration Virtual resources, Getting started with exported and stored configurations, Using exported resources, Expiring state resources, Summary, Resources. Puppet consoles The foreman, Puppet enterprise console, Puppetboard, Summary, Resources. Tools and integration Puppet forge and the module tool, Searching and installing a module from the forge, Generating a module, Managing module dependencies, Testing the modules, Developing Puppet modules with Geppetto, Summary, Resources. Reporting with Puppet Getting started, Configuring reporting, Report processors, Custom reporting, Other Puppet reporters, Summary, Resources. Extending Facter and Puppet Writing and distributing custom facts, Developing custom types, providers and functions, Summary, Resources, Complex data structures, Additional backends, Hiera functions in depth, Module data bindings, Hiera examples. Jiera-2, Summary, Resources. Mcollective Installing and configuring Mcollective, testing, Mcollective plugins, accessing hosts with Metadata. Hiera Lists, initial Hiera configuration, Hiera command line utility, complex data structures, additional backends, Hiera functions in depth, module data bindings. Hiera-2.
LTE training course description This course is designed to give the delegate an understanding of the technologies used within a 3G UMTS mobile network. During the course we will investigate the UMTS air interface and the use of Wideband-Code Division Multiple Access (WCDMA) to facilitate high speed data access, together with HSPA to offer mobile broadband services. We will describe the use of soft handover rather than hard handover procedures and soft capacity sharing. The course includes a brief exploration of the UMTS protocol stack and the use of PDP Context and QoS support features. What will you learn Explain the 3G UMTS architecture. Describe the role of a Drifting & Serving RNC. Explain the use of ARQ & HARQ for mobile broadband. Describe how IMS integrates into the architecture. Describe the use of Media Gateway Controllers. Identify the temporary identities used within 3G UMTS. LTE training course details Who will benefit: Anyone working within the telecommunications area, especially within the mobile environment. Prerequisites: Mobile communications demystified Telecommunications Introduction Duration 2 days LTE training course contents LTE Introduction The path to LTE, 3GPP. LTE to LTE advanced. LTE Architecture The core, Access, roaming. Protocols: User plane, Control plane. Example information flows. Bearer management. Spectrum allocation. LTE technologies Transmission, reception, OFDMA, multiple antenna, MIMO. LTE Air interface Air interface protocol stack. Channels, Resource Grid, cell acquisition. Up and downlink controls. Layer 2 protocols. Cell acquisition Power on, selecting networks and cells. RRC connection. Attach procedure. Mobility management Roaming, RRC_IDLE, RRC_CONNECTED, cell reselection, handover, interoperation with UMTS and GSM networks. Voice and text IMS, QoS, policy and charging.
Definitive Salt training course description Salt is a remote execution framework and configuration management system. This course covers Salt from the basics. After a quick first taste the course moves onto execution modules, salt states, minion and master data, jinja, Salt extensions and then topology and configuration options. Hands on sessions are used to reinforce the theory rather than teach specific manufacturer equipment. What will you learn Install and use Salt. Describe the architecture of Salt. Manage configurations with Salt. Extend Salt. Definitive Salt training course details Who will benefit: Anyone working with Salt. Prerequisites: Linux fundamentals. Duration 2 days Definitive Salt training course contents Introduction What is Salt? High- level architecture, Some quick examples, system management, configuration management, A brief history, Topology options, Extending Salt. Quick start: First taste of Salt Single-master setup, from packages, bootstrap scripts, Starting up, Basic commands, salt: the main workhorse, salt-key: key management, salt-call: execution on the minion, salt-run: co-ordination of jobs on the master, summary of commands, Key management, viewing keys, accepting keys, rejecting keys, key files, Minion targeting, minion ID, list (-L), glob, regular expressions (-E), grains (-G), compound (-C), targeting summary, Additional remote execution details, Conclusion. Execution modules: The functional foundation sys: information and documentation about modules, sys.doc basic documentation, sys.list_modules, sys.list_functions: simple listings, cmd: execute via shell, cmd.run: run any command, pkg: manage packages, virtual modules, pkg.lists_pkgs: list all installed packages, pkg.available version: see what version will be installed, pkg.install: install packages, user: manage users, user.add: add users, user.list_users, user info: get user info, saltutil: access various Salt utilities, Summary. Configuration management: Salt states Salt files overview, SLS example: adding a user, working with the multi-layered state system, Highstate and the top file, the top file, State ordering, require: depend on another state, watch: run based on other changes, odds and ends, Summary. Minion data / master data Grains are minion data, performing basic grain operations, setting grains, targeting with grains in the top file, Pillars are data from the master, querying pillar data, querying other sources with external pillars, Renderers give data options. Extending Salt: part I Introduction to Jinja, Jinja basics, Templating with Jinja, filtering by grains, Custom execution module, Custom state modules, Custom grains, External pillars, Summary. More on the matter Runners, manage minions, manage jobs, The orchestrate runner, The event system, The reactor system, Summary. Extending Salt: part II Python client API, reading configuration data on a master and minion, using the master client (localclient) API, Using the caller client API, Custom runners, writing a custom runner, using the runnerclient API, Summary. Topology and configuration options Master configuration, directories and files, logging, access control, files server options, Topology variations, masterless minions, peer systems, syndication masters, multiple masters. Brief introduction to salt-cloud Overview, Setup AWS and salt-cloud, installing salt-cloud, cloud providers, cloud profiles, cloud maps, Introspection via salt cloud, Creating infrastructure, More information. Using vagrant to run Salt examples YAML.
Firewalls training course description A technical hands on training course covering firewall technologies. This focuses on the whys and hows of firewall technology rather than looking at manufacturer specific issues. What will you learn Design secure firewall protected networks. Test firewalls. Evaluate firewalls Configure firewalls Firewalls training course details Who will benefit: Technical staff wanting to learn about Filrewalls including: Technical network staff. Technical security staff. Prerequisites: IP security foundation for engineers Duration 2 days Firewalls training course contents Firewall introduction Security review, what is a firewall? What do firewalls do? Firewall benefits, concepts. Hands on Configuring the network to be used in later labs, launching various attacks on a target. Firewall types Packet filtering, SPI, Proxy, Personal. Software firewalls, hardware firewalls, blade based firewalls, personal firewalls, which firewall should you use? Firewall products. Hands on Configuring a simple firewall. Packet filtering firewalls Things to filter in the IP header, stateless vs. stateful filtering. ACLs. Advantages of packet filtering. Hands on Configuring packet filtering firewalls. Stateful packet filtering Stateful algorithms, packet-by-packet inspection, application content filtering, tracks, special handling (fragments, IP options), sessions with TCP and UDP. Firewall hacking detection: SYN attacks, SSL, SSH interception. Hands on Stateful packet inspection firewalls. Proxy firewalls Circuit level, application level, SOCKS. Proxy firewall advantages and disadvantages. Hands on Proxy firewalls. Personal firewalls The role of personal firewalls, Windows XP, Zonealarm. Hands on Configuring a personal firewall. Firewall architectures Home based, small office, enterprise, service provider, what is a DMZ? DMZ architectures, bastion hosts, multi DMZ. Virtual firewalls, transparent firewalls. Dual firewall design, high availability, load balancing, VRRP. Hands on Resilient firewall architecture. Securing communications VPNs, IPsec. Firewall configuration of VPNs, integration of dedicated VPN devices and firewalls. Hands on IPSec VPN configuration. Testing firewalls Configuration checklist, testing procedure, monitoring firewalls, logging, syslog. Hands on Testing firewalls.
SIP security training course description A hands-on course covering SIP security. It is assumed that delegates already know SIP as this course focuses purely on the security issues in SIP IP telephony networks. Hands-on practicals follow each major theory session and include use of various SIP security tools such as vomit, sipp, sipsak and sivus amongst others. What will you learn Secure SIP networks Use various SIP security tools SIP security training course details Who will benefit: Technical staff working with SIP. Technical security staff. Prerequisites: SIP for engineers Duration 2 days SIP security training course contents SIP review SIP infrastructure and entities, example SIP session. Hands on Simple SIP network with and without authentication. SIP security attacks DOS attacks, infrastructure attacks, eavesdropping, spoofing, replay, message integrity. Hands on Basic SIP packet capture, infrastructure attacks. SIP tools SIP packet creation: Sivus, SIPsak, PROTOS, SFTF, SIP bomber, SIPp, Seagull, Nastysip. SIP packet generators: SIPNess, NetDude. Monitoring: Wireshark, Cain & Abel, Vomit, Oreka, VoiPong. Scripts and tools: SIP-Fun, Skora.net, kphone-ddos, sip-scan, sip-kill, sip-redirectrtp. Health of different tools. Hands on Generating SIP packets, rebuilding conversations from captured packets, password cracking. VPNs and SIP IPSec, AH, ESP, transport mode, tunnel mode, Pre Shared Keys, Public keys. Hands on SIP calls over IPSec. Secure SIP signaling SIP relationship with HTTP, Deprecated HTTP 1.0 basic authentication, HTTP 1.1 Digest authentication, S/MIME, SIPS, SIPS URI, TLS, DTLS, PKI infrastructures. Hands on SIP with TLS. Secure media streams SRTP, features, packet format, default encryption, default authentication, key distribution. S/MIME, MIKEY, SDP security descriptions. SIP security agreements. Hands on Analysing SRTP packets. Firewalls NAT traversal. Impact of firewall on infrastructure attacks. TLS and firewalls. SIP specific firewalls. Hands on SIP calls through a firewall.
Essential OTN training course description An In-depth introduction to the terminology and technology that will comprise tomorrow's Optical Transport Networks. What will you learn Describe the problems with old technologies. Identify the purpose of new technologies. Describe the functionality of the various transmission mediums available Identify OTN features and functionality. Define the issues involved in equipment and application rollout. Essential OTN training course details Who will benefit: Anyone wishing to learn OTN. Prerequisites: SDH foundation or Essential DWDM Duration 2 days Essential OTN training course contents Scope, References Terms and definitions, Abbreviations and Conventions Optical transport network interface structure Multiplexing/mapping principles and bit rates Optical transport module (OTM-n.m, OTM-nr.m, OTM-0.m and OTN 0.mvn) Physical specification of the ONNI Optical channel (OCh) Optical channel transport unit (OTU) Optical channel data unit (ODU) Optical channel payload unit (OPU) OTM overhead signal (OOS) Overhead description and maintenance signals Mapping of client signals and concatenation Mapping ODUk signals into the ODTUjk signal Forward error correction using 16-byte interleaved RS (255,239) codecs ODUk tandem connection monitoring (TCM) overhead OPUk Multiplex Overhead Amendment 2 including: OTN Multiplexing and Mapping, Basic signal structure, ODTU12, ODTU13, ODTU23, OPUk Multiplex Overhead, OPUk Multiplex Structure Identifier (MSI). OPU2 Multiplex Structure Identifier (MSI), OPU3 Multiplex Structure Identifier (MSI), OPUk Payload Structure Identifier Reserved overhead (RES), ODU1 into ODU2 multiplexing, ODU2 into ODU3 multiplexing, ODU1 into ODU3 multiplexing Amendment 3 including: 40 Gbit/s ODU3/OTU3 and 100 Gbit/s ODU4/OTU4, Support of gigabit Ethernet services via ODU0, ODU2e, ODU3 and ODU4, ODU0 and ODUFlex, Multi-lane OTU3 and OTU4 interfaces, Support for InfiniBand Amendment 4 including: OTSn OTN synchronization messaging channel (OSMC) overhead, FC-1600 Amendment 5 Including: ODUk.ts, OTU0LL (OTU0 low latency), OTSiA (optical tributary signal assembly). OTSiG (optical tributary signal group), OTSiG-O (optical tributary signal overhead), CMEP (connection monitoring end- point), CMOH (connection monitoring overhead), MOTU (Multi-OUT), MOTUm (Multi-OTU with management), OTUCn-M (Optical Transport Unit-Cn, with n OxUC overhead instances and 5G tributary slots). SOTU (Single-OUT). SOTUm (Single-OTU with management). Modified bit rates and capacity for OTU1/2/3/4 OTM.nr.m, OTM.n.m, OTM.0.3v4, OTM 0.4v4 Mapping of CBR2G5, CBR10G, CBR10G3 and CBR40G signals into OPUk 64B/66B and 513B block code format PCS lane alignment marker for 40GBASE-R and 100GBASE-R PT=20/PT=21 and AMP/GMP options OTL 4.10 to OTL 4.4 gearbox ODU switching and Line protection Schemes 10 x 10 MSA Overview of current and future coherent and noncoherent technologies 40Gbit and 100Gbit compliant ROADM's Implementers Guide including replacement terms. Differing vendor's equipment and their implementations Individual and group planning exercises: Upgrade a customer STM-64/10G network to a 40G/ OTN network. Upgrade a customer old 16 Wavelength WDM network to be OTN compliant. Implement a new customer 40 wavelength OTU3 OTN compliant MSPP (DWDM) network. Design a cost-effective solution where we can hand over circuits using 'Optical Transport Lanes'.