632 Network & Security courses in Cudworth delivered Live Online

Duration 4 Days 24 CPD hours This course is intended for This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems. In this course, students will learn in-depth content in each of the 5 CCISO Domains Domain 01 - Governance Define, Implement, Manage, and Maintain an Information Security Governance Program Information Security Drivers Establishing an information security management structure Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures Managing an enterprise information security compliance program Risk Management Risk mitigation, risk treatment, and acceptable risk Risk management frameworks NIST Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL) Risk management plan implementation Ongoing third-party risk management Risk management policies and processes Conclusion Domain 2 - Security Risk Management, Controls, & Audit Management INFORMATION SECURITY CONTROLS COMPLIANCE MANAGEMENT GUIDELINES, GOOD AND BEST PRACTICES AUDIT MANAGEMENT SUMMARY Domain 03 - Security Program Management and Operations PROGRAM MANAGEMENT OPERATIONS MANAGEMENT Summary Domain 04 - Information Security Core Concepts ACCESS CONTROL PHYSICAL SECURITY NETWORK SECURITY ENDPOINT PROTECTION APPLICATION SECURITY ENCRYPTION TECHNOLOGIES VIRTUALIZATION SECURITY CLOUD COMPUTING SECURITY TRANSFORMATIVE TECHNOLOGIES Summary Domain 05 - Strategic Planning, Finance, Procurement and Vendor Management STRATEGIC PLANNING Designing, Developing, and Maintaining an Enterprise Information Security Program Understanding the Enterprise Architecture (EA) FINANCE PROCUREMENT VENDOR MANAGEMENT Summary

Duration 5 Days 30 CPD hours This course is intended for Network Administrators Network security Administrators Network Security Engineer Network Defense Technicians CND Analyst Security Analyst Security Operator Anyone who involves in network operations Overview A dedicated focus on IoT security Network virtualization practices for the remote workforce Enhanced Cloud Security & IoT and Operational Technology (OT) Modules Introduction to threat intelligence In-depth Attack Surface Analysis Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on the security education framework and work role task analysis presented by the National Infocomm Competency Framework (NICF) as well as a job-task analysis and cybersecurity education framework by the National Initiative of Cybersecurity Education (NICE). The course has also been mapped to global job roles and to the Department of Defense (DoD) job roles for system/network administrators. The program prepares network administrators how to identify what parts of an organization need to be reviewed and tested for security vulnerabilities and how to reduce, prevent, and mitigate risks in the network. CND covers the protect, detect, respond and predict approach to network security. Course Outline Network Attacks and Defense Strategies Administrative Network Security Technical Network Security Network Perimeter Security Endpoint Security-Windows Systems Endpoint Security-Linux Systems Endpoint Security- Mobile Devices Endpoint Security-IoT Devices Administrative Application Security Data Security Enterprise Virtual Network Security Enterprise Cloud Network Security Enterprise Wireless Network Security Network Traffic Monitoring and Analysis Network Logs Monitoring and Analysis Incident Response and Forensic Investigation Business Continuity and Disaster Recovery Risk Anticipation with Risk Management Threat Assessment with Attack Surface Analysis Threat Prediction with Cyber Threat Intelligence

Duration 2 Days 12 CPD hours This course is intended for Cloud Architects, Security Experts, and Network Administrators requiring in depth knowledge on CloudGuard Network Security products. Overview Discuss AWS Platform Components and their relationship to Check Point CloudGuard Network Security. Explain how to maintain a secure, efficient, and stable cloud environment. Describe the components and constraints of a hub and spoke security environment. Describe the function of the Cloud Management Extension. Explain the purpose of identity and access controls and constraints in different cloud platforms. Explain the steps required to configure Identity and Access controls in AWS. Describe the purpose and function of the CloudGuard Controller, its processes, and how it is tied to the Identity Awareness feature. Explain how to design and configure Cloud Adaptive Policies. Discuss the purpose and function of Data Center Objects. Describe the function and advantages of Cloud Service Provider (CSP) automation templates for instance and resource deployments. Explain how CSP templates can be used for maintenance tasks in the cloud environment. Discuss Third-Party Automation tools, how they can simplify deployment and maintenance tasks, and the constraints associated with them. Discuss Scaling Solutions and Options for Cloud Environments. Explain the Scaling Options in AWS. Describe the workflow for configuring scaling solutions in AWS. Discuss how ClusterXL operates and what elements work together to permit traffic failover. Explain how ClusterXL functions differently in a Cloud Environment. Describe how clusters are created and function in AWS. Discuss the elements involved in Hybrid Data Center deployments, the advantages of them, and the constraints involved. Explain the nature of a 'Greenfield' deployment, the advantages of it, and the constraints involved. Describe the components and constraint involved in deploying a Disaster Recovery Site in the cloud. Discuss the steps required for troubleshooting automation in AWS. Explain the steps required for troubleshooting Scaling Solution issues in AWS. Describe the steps required for troubleshooting clusters in AWS. Learn advanced concepts and develop skills needed to design and administer CloudGuard Network Security Environments. Course Outline Create an SSH Key Pair. Create a VPC. Deploy an SMS. Connect to SmartConsole. Review the IAM Role. Configure the Cloud Management Extension. Configure the Access Control Policy. Create the AWS Data Center Object. Create Access Control Policy with a Data Center Object. Create the AWS VPC Spokes. Deploy the Web Servers into the Spoke VPCs. Create the AWS Auto Scale Deployment. Create the External and Internal Load Balancers. Create the VPC for the Auto Scale Deployment. Create the VPC Peers. Deploy the CloudGuard Cluster Template. Create the AWS VPN Gateway. Configure the Tunnel Interfaces. Configure the Static Routes. Configure the Network Objects. Configure the VPN Community. Configure the Security Policy. Test the Traffic. Troubleshoot the CloudGuard Controller. Debug the CloudGuard Controller. Debug the Cloud Management Extension Additional course details: Nexus Humans CNSE-AWS Check Point Network Security Expert for AWS training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CNSE-AWS Check Point Network Security Expert for AWS course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This course is designed for IT professionals such as PC, desktop, and help desk technicians who have experience supporting PC hardware who wish to make the transition to become server hardware and support specialists. This course is also designed for existing server managers who are preparing to take the CompTIA Server+ Exam SKO-005. Overview Upon successful completion of this course, you will be able to perform the duties of a server administrator. In this course, you will: - Manage server hardware. - Install server hardware and operating systems. - Configure networking hardware and protocols. - Perform basic server configuration tasks. - Create a virtual server environment. - Administer servers. - Implement server storage solutions. - Secure the server. - Plan and test disaster recovery. - Troubleshoot server issues. This course can also benefit you if you are preparing to take the CompTIA Server+ examination (Exam SK0-004). This course builds on existing professional experience with personal computer hardware support to present the next tier of skills & concepts students will use on the job when administering any type of network server. 1 - Outline Lesson 1: Understanding Server Administration Concepts Lesson 2: Understanding Virtualization and Cloud Computing Lesson 3: Understanding Physical and Network Security Concepts Lesson 4: Managing Physical Assets Lesson 5: Managing Server Hardware Lesson 6: Configuring Storage Management Lesson 7: Installing and Configuring an Operating System Lesson 8: Troubleshooting OS, Application, and Network Configurations Lesson 9: Managing Post-Installation Administrative Tasks Lesson 10: Managing Data Security Lesson 11: Managing Service and Data Availability Lesson 12: Decommissioning Servers Additional course details: Nexus Humans CompTIA Server Plus Certification (Exam SKO-005) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CompTIA Server Plus Certification (Exam SKO-005) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for This course is for Network Engineers looking to specialize in Azure networking solutions. An Azure Network engineer designs and implements core Azure networking infrastructure, hybrid networking connections, load balance traffic, network routing, private access to Azure services, network security and monitoring. The azure network engineer will manage networking solutions for optimal performance, resiliency, scale, and security. This course teaches Network Engineers how to design, implement, and maintain Azure networking solutions. This course covers the process of designing, implementing, and managing core Azure networking infrastructure, Hybrid Networking connections, load balancing traffic, network routing, private access to Azure services, network security and monitoring. Learn how to design and implement a secure, reliable, network infrastructure in Azure and how to establish hybrid connectivity, routing, private access to Azure services, and monitoring in Azure. Prerequisites Prerequisite courses (or equivalent knowledge and hands-on experience): AZ-104T00 - Microsoft Azure Administrator 1 - Introduction to Azure Virtual Networks Explore Azure Virtual Networks Configure public IP services Design name resolution for your virtual network Enable cross-virtual network connectivity with peering Implement virtual network traffic routing Configure internet access with Azure Virtual NAT 2 - Design and implement hybrid networking Design and implement Azure VPN Gateway Connect networks with Site-to-site VPN connections Connect devices to networks with Point-to-site VPN connections Connect remote resources by using Azure Virtual WANs Create a network virtual appliance (NVA) in a virtual hub 3 - Design and implement Azure ExpressRoute Explore Azure ExpressRoute Design an ExpressRoute deployment Configure peering for an ExpressRoute deployment Connect an ExpressRoute circuit to a virtual network Connect geographically dispersed networks with ExpressRoute global reach Improve data path performance between networks with ExpressRoute FastPath Troubleshoot ExpressRoute connection issues 4 - Load balance non-HTTP(S) traffic in Azure Explore load balancing Design and implement Azure load balancer using the Azure portal Explore Azure Traffic Manager 5 - Load balance HTTP(S) traffic in Azure Design Azure Application Gateway Configure Azure Application Gateway Design and configure Azure Front Door 6 - Design and implement network security Get network security recommendations with Microsoft Defender for Cloud Deploy Azure DDoS Protection by using the Azure portal Deploy Network Security Groups by using the Azure portal Design and implement Azure Firewall Secure your networks with Azure Firewall Manager Implement a Web Application Firewall on Azure Front Door 7 - Design and implement private access to Azure Services Explain virtual network service endpoints Define Private Link Service and private endpoint Integrate private endpoint with DNS Integrate your App Service with Azure virtual networks 8 - Design and implement network monitoring Monitor your networks using Azure monitor Monitor your networks using Azure network watcher

Microsoft security training course description A hands on training course focusing on security in the Microsoft environment. The course progresses from patch management onto the use of Microsoft security tools. Then server, desktop and network security are studied in the Microsoft environment. What will you learn Use Microsoft security tools. Secure Microsoft servers. Secure Microsoft desktops. Secure Microsoft networks. Microsoft security training course details Who will benefit: Technical server support staff. Technical desktop support staff. Technical network staff. Technical security staff. Prerequisites: Supporting Windows server 2016 Networking Microsoft systems. Duration 3 days Microsoft security training course contents Introduction Security threats, Microsoft defaults, admin accounts, security patches, patch management, patch tools. Hands on: Studying Microsoft defaults, applying security patches. Microsoft security tools Microsoft updates, WSUS, Inventory tool, baseline security analyser, URLscan, EventCombMT, Cipher security tool, Port reporter, PortQry. Tools hackers use. Hands on: Using Microsoft security tools. Server security Checklists, core server security, AD, Member server security, Domain controller security, Specific roles. Hands on Hardening Microsoft servers, security templates. Active Directory Admin authority in AD, group policy, trust and authentication. Desktop security Checklists, core client security, anti virus software, anti spyware software, firewalls, securing clients with AD, securing clients with group policy, software restriction policies. Hands on Securing Microsoft desktops. Network security Checklist, IP security, VPNs, PKI, certificate authorities, RAS, RRAS, IAS. Hands on: VPN configuration, IAS configuration. Monitoring Auditing, authorisation and logons, tracking, system monitoring, detecting attacks. Hands on: Monitoring Microsoft systems. Summary Microsoft security response centre, security advisories.

Duration 5 Days 30 CPD hours This course is intended for ECSS is designed for anyone who wants to enhance their skills and make a career in information security, network security, and computer forensics fields. It can be IT Specialists, Network Administrators, or System Administrators. Overview Upon successful completion of this course, students will learn: Key issues plaguing the information security, network security, and computer forensics. Fundamentals of networks and various components of the OSI and TCP/IP model. Various network security protocols. Various types of information security threats and attacks, and their countermeasures. Social engineering techniques, identify theft, and social engineering countermeasures. Different stages of the hacking cycle Identification, authentication, and authorization concepts Different types of cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools. Fundamentals of firewall, techniques for bypassing firewall, and firewall technologies such as Bastion Host, DMZ, Proxy Servers, Network Address Translation, Virtual Private Network, and Honeypot. Fundamentals of IDS and IDS evasion techniques. Data backup techniques and VPN security. Wireless Encryption, wireless threats, wireless hacking tools, and Wi-Fi security. Different types of web server and web application attacks, and countermeasures. Fundamentals of ethical hacking and pen testing. Incident handling and response process. Cyber-crime and computer forensics investigation methodology. Different types of digital evidence and digital evidence examination process. Different type of file systems and their comparison (based on limit and features). Gathering volatile and non-volatile information from Windows and network forensics analysis mechanism. Steganography and its techniques. Different types of log capturing, time synchronization, and log capturing tools. E-mails tracking and e-mail crimes investigation. Writing investigation report. This is an entry-level security program covering the fundamental concepts and giving a holistic overview of the key components of information security, computer forensics, and network security. Course Outline Information Security Fundamentals Networking Fundamentals Secure Network Protocols Information Security Threats and Attacks Social Engineering Hacking Cycle Identification, Authentication, and Authorization Cryptography Firewalls Intrusion Detection System Data Backup Virtual Private Network Wireless Network Security Web Security Ethical Hacking and Pen Testing Incident Response Computer Forensics Fundamentals Digital Evidence Understanding File Systems Windows Forensics Network Forensics and Investigating Network Traffic Steganography Analyzing Logs E-mail Crime and Computer Forensics Writing Investigative Report Additional course details: Nexus Humans EC-Council Certified Security Specialist (ECSS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the EC-Council Certified Security Specialist (ECSS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Linux network administration 2 course description LPIC-2 is the second certification in LPI's multi level professional certification program. This course teaches the skills necessary to pass the LPI 202 exam; the second of two LPIC-2 exams. Specifically, the course covers the administration of Linux systems in small to medium sized mixed networks. What will you learn Install and configure fundamental network services. Linux network administration 2 course details Who will benefit: Linux administrators. Prerequisites: Linux engineer certification 1 (LPIC-2) Duration 5 days Linux network administration 2 course contents Part II The LPI 202 Exam Organizing Email Services The Linux Mail System, Mail Transfer Agent, Mail Delivery Agent, Mail User Agent, Email Protocols, SMTP, POP, IMAP, Using Email Servers, Sendmail, Postfix, Local Email Delivery, Procmail Basics, Sieve, Remote Email Delivery, Courier, Dovecot. DNS DNS and BIND, Configuring a DNS Server, Starting, Stopping, and Reloading BIND, Configuring BIND Logging, Creating and Maintaining DNS Zones, BIND Zone Files, Managing BIND Zones, Securing a DNS Server, ailing BIND, DNSSEC, TSIG, Employing DANE. Offering Web Services Web Servers, HTTP, The Apache Web Server, Installing and configuring Apache, Hosting Dynamic Web Applications, Secure Web Servers, Proxy Servers, Installing and configuring Squid, Configuring Clients, Nginx Server, Installing Nginx, Configuring Nginx. Sharing Files Samba, Configuring Samba, Troubleshooting Samba, NFS, Configuring NFS, Securing NFS, Troubleshooting NFS, FTP Servers, Configuring vsftpd, Configuring Pure-FTPd. Managing Network Clients Assigning Network Addresses, DHCP, Linux DHCP Software, Installing and configuring a DHCP Server and clients, Authentication Service, PAM Basics, Configuring PAM, PAM Application Files, Network Directories, LDAP Basics, OpenLDAP Server, LDAP Clients. Setting Up System Security Server Network Security, Port Scanning, Intrusion Detection Systems, External Network Security, iptables, Routing in Linux, Connecting Securely to a Server, OpenSSH, OpenVPN, Security Resources, US-CERT, SANS Institute, Bugtraq.

UNIX networking training course description A course covering the complete range of standard UNIX networking products from the basic TCP/IP configuration through DNS, NIS, NFS and Samba. Hands-on exercises follow most theory sessions. What will you learn Install and configure fundamental network services. Describe TCP/IP, Apache, DNS, NIS, NIS+, NFS, Samba and sendmail. Configure and administrate TCP/IP. Install and administrate a DNS server. Configure and administrate a NIS+ network. Administrate NFS. Setup a sendmail server. UNIX networking training course details Who will benefit: System Administrators. Network Administrators. Prerequisites: Linux engineer certification 1 (LPIC-2) Duration 5 days UNIX networking training course contents Organizing Email Services The UNIX Mail System, Mail Transfer Agent, Mail Delivery Agent, Mail User Agent, Email Protocols, SMTP, POP, IMAP, Using Email Servers, Sendmail, Postfix, Local Email Delivery, Procmail Basics, Sieve, Remote Email Delivery, Courier, Dovecot. DNS DNS and BIND, Configuring a DNS Server, Starting, Stopping, and Reloading BIND, Configuring BIND Logging, Creating and Maintaining DNS Zones, BIND Zone Files, Managing BIND Zones, Securing a DNS Server, ailing BIND, DNSSEC, TSIG, Employing DANE. Offering Web Services Web Servers, HTTP, The Apache Web Server, Installing and configuring Apache, Hosting Dynamic Web Applications, Secure Web Servers, Proxy Servers, Installing and configuring Squid, Configuring Clients, Nginx Server, Installing Nginx, Configuring Nginx. Sharing Files Samba, Configuring Samba, Troubleshooting Samba, NFS, Configuring NFS, Securing NFS, Troubleshooting NFS, FTP Servers, Configuring vsftpd, Configuring Pure-FTPd. Managing Network Clients Assigning Network Addresses, DHCP, UNIX DHCP Software, Installing and configuring a DHCP Server and clients, Authentication Service, PAM Basics, Configuring PAM, PAM Application Files, Network Directories, LDAP Basics, OpenLDAP Server, LDAP Clients. Setting Up System Security Server Network Security, Port Scanning, Intrusion Detection Systems, External Network Security, iptables, Routing in UNIX, Connecting Securely to a Server, OpenSSH, OpenVPN, Security Resources, US-CERT, SANS Institute, Bugtraq.

Network design training course description This course provides you with the knowledge needed to perform the design of a network infrastructure that supports desired network solutions to achieve effective performance, scalability, and availability. We recognise that the role of design does not normally require hands on skills but hands on sessions are used to reinforce the theory not to teach configuration or troubleshooting. What will you learn Create HA enterprise network designs. Develop optimum Layer 3 designs. Design effective modern WAN and data center networks. Develop effective migration approaches to IPv6. Create effective network security designs. Network design training course details Who will benefit: Anyone involved with network design. Prerequisites: TCP/IP Foundation for engineers Duration 5 days Network design training course contents Part I Reliable, resilient enterprise L2/3 network designOptimal Enterprise Campus Design:Enterprise campus design principles, hierarchy, modularity, flexibility, resiliency.EIGRP design:EIGRP Design, Should you use EIGRP?OSPF design: OSPF scalability designs, OSPF area design, OSPF Full-Mesh Design, OSPF Hub-and-Spoke Design, OSPF convergence design and optimization techniques. IS-IS Design:The protocol, IS-IS hierarchical architecture, IS-IS vs OSPF, IS-IS Deep Dive, IS-IS Design Considerations. BGP design:BGP overview, Designing Scalable iBGP Networks, BGP Route Reflector Design, Enhancing the Design of BGP Policies with BGP Communities, Case Study: Designing Enterprise wide BGP Policies Using BGP Communities, BGP Load-Sharing Design.Part II Enterprise IPv6 Design ConsiderationsIPv6 Design Considerations in the Enterprise: IPv6 Deployment and Design Considerations, Considerations for Migration to IPv6 Design, IPv6 Transition Mechanisms, Final Thoughts on IPv6 Transition Mechanisms. Challenges of the Transition to IPv6: IPv6 Services, Link Layer Security Considerations. Part III Modern Enterprise Wide-Area Networks DesignService Provider-Managed VPNs:Choosing Your WAN Connection, Layer 3 MPLS VPNs, Case Study: MPLS VPN Routing Propagation, Layer 2 MPLS VPN Services. Enterprise-Managed WANs: Enterprise-Managed VPNs, GRE, Multipoint GRE, Point-to-Point and Multipoint GRE, IPsec, IPsec and dynamic VTI, DMVPN, Case Study: EIGRP DMVPN, DMVPN and Redundancy, Case Study: MPLS/VPN over GRE/DMVPN, SSL VPN. Enterprise WAN Resiliency Design: WAN Remote-Site Overview, MPLS L3 WAN Design Models, Common L2 WAN Design Models, Common VPN WAN Design Models, 3G/4G VPN Design Models, Remote Site Using Local Internet, Remote-Site LAN, Case Study: Redundancy and Connectivity, NGWAN, SDWAN, and IWAN Solution Overview, IWAN Design Overview, Enterprise WAN and Access Management. Part IV Enterprise Data Center DesignsMultitier Data Center Designs: Case Study: Small Data Centers (Connecting Servers to an Enterprise LAN), Case Study: Two-Tier Data Center Network Architecture, Case Study: Three-Tier Data Center Network Architecture.Trends and Techniques to Design Modern Data Centers: The Need for a New Network Architecture, Limitations of Current Networking Technology, Modern Data Center Design Techniques and Architectures, Multitenant Data Center. SDN:SDN characteristics, How SDN addresses current Networking Limitations, SDN Architecture Components, SDN Network Virtualization overlays. Data Center Connections:Data Center Traffic Flows, The Need for DCI, IP Address Mobility, Case Study: Dark Fiber DCI, Pseudowire DCI. Part V Design QoS for Optimized User ExperienceQoS Overview:QoS Overview, IntServ versus DiffServ, Classification and Marking, Policers and Shapers, Policing Tools: Single-Rate Three-Color Marker, Policing Tools: TwoRate Three-Color Marker, Queuing Tools, Dropping Tools. QoS design principles and best practices: QoS overview, classification and marking design principles, policing and remarking design principles, queuing design principles, dropping design principles, Per-Hop behavior queue design principles, RFC 4594 QoS Recommendation, QoS Strategy Models. Campus QoS, WAN QoS, Data Center QoS.MPLS VPN QoS Design: The Need for QoS in MPLS VPN, Layer 2 Private WAN QoS Administration, Fully Meshed MPLS VPN QoS Administration, MPLS DiffServ Tunneling Modes, Sample MPLS VPN QoS Roles. IPsec VPN QoS Design: The Need for QoS in IPsec VPN, VPN Use Cases and Their QoS Models, IPsec Refresher, Encryption and Classification: Order of Operations, MTU Considerations, DMVPN QoS Considerations. Part VI IP Multicast DesignEnterprise IP Multicast Design: How Does IP Multicast Work? Multicast Protocols, Multicast Forwarding and RPF Check, Multicast Protocol Basics, PIM-SM Overview, Multicast Routing Table, Basic SSM Concepts, Bidirectional PIM. RP discovery, Anycast RP Features, MSDP. Part VII Designing Optimum Enterprise Network SecurityDesigning Security Services and Infrastructure Protection Network Security Zoning, Designing Infrastructure Protection.Designing firewall & IPS solutions: Firewall architectures, virtualized firewalls. Case Study: Application Tier separation, Case Study: Firewalls in a Data Center, Case Study: Firewall High Availability, IPS Architectures, Case Study: Secure Campus Edge Design (Internet and Extranet Connectivity). IP Multicast Security: Multicast Security Challenges, Multicast Network Security Considerations. Designing Network Access Control Solutions:IEEE 802.1X, EAP, 802.1X supplicants, 802.1X phased deployment, Case Study: Authorization Options. Part VIII Design scenariosDesign Case Studies: 1: Enterprise Connectivity, 2: Enterprise BGP with Internet Connectivity, 3: IPv6, 4: Data Center Connectivity, 5: Resilient Enterprise WAN, 6: Secure Enterprise Network, 7: QoS in the Enterprise Network.