1412 Network courses delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for Students who need to know how to implement and manage Cisco ASA 5500-X. Overview Upon successful completion of this course, students should be able to do the following:? Technology and features of the Cisco ASA? Cisco ASA product family? How ASAs protect network devices from attacks? Bootstrap the security appliance? Prepare the security appliance for configuration via the Cisco Adaptive Security Device Manager (ASDM)? Launch and navigate ASDM? Essential security appliance configuration using ASDM and the command-line interface (CLI)? Configure dynamic and static address translations? Configure access policy based on ACLs? Use object groups to simplify ACL complexity and maintenance? Use the Modular Policy Framework to provide unique policies to specific data flows? Handle advanced protocols with application inspection? Troubleshoot with syslog and tcp ping? Configure the ASA to work with Cisco Secure ACS 5.2 for RADIUS-based AAA of VPNs? Implement site-to-site IPsec VPN? Implement remote access IPsec and SSL VPNs using the Cisco AnyConnect 3.0 Secure Mobility Client? Work with the 5.x Legacy Cisco IPsec VPN client and Anyconnect VPN client? Deploy clientless SSL VPN access, including smart tunnels, plug-ins, and web-type ACLs? Configure access control policies to implement your security policy across all classes of VPN? Configure Active/Standby failover for both firewall and VPN high availability Student will gain the essential skills required to configure, maintain, and operate Cisco ASA 5500-X Series Adaptive Security Appliances based on ASA Software v9.x. Cisco ASA Essentials ? Lesson 1: Evaluating Cisco ASA Technologies ? Lesson 2: Identifying Cisco ASA Families Basic Connectivity and Device Management ? Lesson 1: Preparing the Cisco ASA for Network Integration ? Lesson 2: Managing Basic Cisco ASA Network Settings ? Lesson 3: Configuring Cisco ASA Device Management Features Network Integration ? Lesson 1: Configuring Cisco ASA NAT Features ? Lesson 2: Configuring Cisco ASA Basic Access Control Features Cisco ASA Policy Control ? Lesson 1: Cisco ASA Modular Policy Framework ? Lesson 2: Configuring Cisco ASA Connection Policy Cisco ASA VPN Architecture and Common Components ? Lesson 1: Implementing Profiles, Group Policies, and User Policies ? Lesson 2: Implementing PKI Services Cisco ASA Clientless Remote Access SSL VPN Solutions ? Lesson 1: Deploying Basic Clientless VPN Solutions ? Lesson 2: Deploying Advanced Application Access for Clientless SSL VPNs Cisco AnyConnect Remote Access SSL Solutions ? Lesson 1: Deploying a Basic Cisco AnyConnect Full-Tunnel SSL VPN Solution Cisco ASA Remote Access IPsec VPNs ? Lesson 1: Deploying Cisco Remote Access VPN Clients ? Lesson 2: Deploying Basic Cisco Remote Access IPsec VPN Solutions Cisco ASA Site-to-Site IPsec VPN Solutions ? Lesson 1: Deploying Basic Site-to-Site IPsec VPNs ? Lesson 2: Deploying Advanced Site-to-Site IPsec VPNs Cisco ASA High Availability and Virtualization ? Lesson 1: Configuring Cisco ASA Active/Standby High Availability Labs Lab 1: Prepare the ASA for Administration Lab 2: Fundamental ASA Configuration Lab 3: Network Address Translation (NAT) Lab 4: Basic Access Control Lab 5: Basic Protocol Inspection Lab 6: Licensing, ACS, and Public CA Lab 7: Basic Clientless SSL VPN Lab 8: Clientless SSL VPN - Thin Apps Lab 9: Basic AnyConnect Full Tunnel SSL VPN Lab 10: Remote Access IPSec VPN Lab 11: IPSec Site-to-Site VPN Lab 12: Active/Standby Failover

Duration 5 Days 30 CPD hours This course is intended for Ideal candidates include network professionals who are looking to build their foundational knowledge of the ClearPass product portfolio. Overview After you successfully complete this course, expect to be able to: Ability to setup ClearPass as a AAA server Demonstrate Configuration Guest, OnGurad, Onboard and Profiling features Integrate with External AD Server Understand Monitoring and Reporting Demonstrate Scaling and deployment of best practices Configure AAA services for both wired and wireless networks Demonstrate the configuration of Aruba Downloadable User Roles. Demonstrate the configuration of Dynamic Segmentation with Aruba switches. This course prepares participants with foundational skills in Network Access Control using the ClearPass product portfolio. This 5-day classroom session includes both instructional modules and labs to teach participants about the major features of the ClearPass portfolio. Participants will learn how to setup ClearPass as an AAA server, and configure the Policy Manager, Guest, OnGuard and Onboard feature sets. In addition, this course covers integration with external Active Directory servers, Monitoring and Reporting, as well as deployment best practices. The student will gain insight into configuring authentication with ClearPass on both wired and wireless networks. Intro to ClearPass BYOD High Level Overview Posture and Profiling Guest and Onboard ClearPass for AAA Policy Service Rules Authentication Authorization and Roles Enforcement Policy and Profiles Authentication and Security Concepts Authentication Types Servers Radius COA Active Directory Certificates Intro to NAD NAD Devices Adding NAD to ClearPass Network Device Groups Network Device Attributes Aruba Controller as NAD Aruba Switch Aruba Instant Monitoring and Troubleshooting Monitoring Troubleshooting Logging Policy Simulation ClearPass Insight Insight Dashboard Insight Reports Insight Alerts Insight Search Insight Administration Insight Replication Active Directory Adding AD as Auth Source Joining AD domain Using AD services External Authentication Multiple AD domains LDAP Static Host Lists SQL Database External Radius Server Guest Guest Account creation Web Login pages Guest Service configuration Self-registration pages Configuring NADS for Guest Guest Manager Deep Dive Web Login Deep Dive Sponsor Approval MAC Caching Onboard Intro to Onboard Basic Onboard Setup Onboard Deepdive Single SSID Onboarding Dual SSID Onboarding Profiling Intro to Profiling Endpoint Analysis Deep Dive Posture Intro to Posture Posture Deployment Options OnGuard Agent Health Collection OnGuard workflow 802.1x with Posture using Persistent/dissolvable agent OnGuard web Login Monitoring and Updates Operation and Admin Users Operations Admin Users Clustering and Redundancy Clustering Redundancy LAB Licensing ClearPass Licensing Base License Applications ClearPass Exchange Intro Examples General HTTP Palo Alto Firewall Configuration Case Study Objectives Discussion Advanced Labs Overview Wired Port Authentication 802.1X for access layer switch ports Profiling on Wired Network Configuration of Dynamic Segmentation Aruba Downloadable User Roles Downloadable User Role Enforcement in ClearPass Aruba Controller/Gateway configuration Aruba Switch configuration Troubleshooting

Duration 5 Days 30 CPD hours Overview By the end of the course, you should be able to meet the following objectives: Describe the architecture and main components of NSX Explain the features and benefits of NSX Deploy the NSX Management cluster and VMware NSX Edge™ nodes Prepare VMware ESXi™ hosts to participate in NSX networking Create and configure segments for layer 2 forwarding Create and configure Tier-0 and Tier-1 gateways for logical routing Use distributed and gateway firewall policies to filter east-west and north-south traffic in NSX Configure Advanced Threat Prevention features Configure network services on NSX Edge nodes Use VMware Identity Manager™ and LDAP to manage users and access Explain the use cases, importance, and architecture of Federation This five-day, fast-paced course provides comprehensive training to install, configure, and manage a VMware NSX© environment. This course covers key features and functionality offered in the NSX 4.0.0.1 and NSX 4.0.1 releases, including the overall infrastructure, logical switching, logical routing, networking and security services, firewalls and advanced threat prevention, and more. Course Introduction Introductions and course logistics Course objectives VMware Virtual Cloud Network and VMware NSX Introduce the VMware Virtual Cloud Network vision Describe the NSX product portfolio Discuss NSX features, use cases, and benefits Explain NSX architecture and components Explain the management, control, data, and consumption planes and their functions. Preparing the NSX Infrastructure Deploy VMware NSX© ManagerTM nodes on ESXi hypervisors Navigate through the NSX UI Explain data plane components such as N-VDS/VDS, transport nodes, transport zones, profiles, and more Perform transport node preparation and configure the data plane infrastructure Verify transport node status and connectivity Explain DPU-based acceleration in NSX Install NSX using DPUs NSX Logical Switching Introduce key components and terminology in logical switching Describe the function and types of L2 segments Explain tunneling and the Geneve encapsulation Configure logical segments and attach hosts using NSX UI Describe the function and types of segment profiles Create segment profiles and apply them to segments and ports Explain the function of MAC, ARP, and TEP tables used in packet forwarding Demonstrate L2 unicast packet flow Explain ARP suppression and BUM traffic handling NSX Logical Routing Describe the logical routing function and use cases Introduce the two-tier routing architecture, topologies, and components Explain the Tier-0 and Tier-1 gateway functions Describe the logical router components: Service Router and Distributed Router Discuss the architecture and function of NSX Edge nodes Discuss deployment options of NSX Edge nodes Configure NSX Edge nodes and create NSX Edge clusters Configure Tier-0 and Tier-1 gateways Examine single-tier and multitier packet flows Configure static routing and dynamic routing, including BGP and OSPF Enable ECMP on a Tier-0 gateway Describe NSX Edge HA, failure detection, and failback modes Configure VRF Lite NSX Bridging Describe the function of logical bridging Discuss the logical bridging use cases Compare routing and bridging solutions Explain the components of logical bridging Create bridge clusters and bridge profiles NSX Firewalls Describe NSX segmentation Identify the steps to enforce Zero-Trust with NSX segmentation Describe the Distributed Firewall architecture, components, and function Configure Distributed Firewall sections and rules Configure the Distributed Firewall on VDS Describe the Gateway Firewall architecture, components, and function Configure Gateway Firewall sections and rules NSX Advanced Threat Prevention Explain NSX IDS/IPS and its use cases Configure NSX IDS/IPS Deploy NSX Application Platform Identify the components and architecture of NSX Malware Prevention Configure NSX Malware Prevention for east-west and north-south traffic Describe the use cases and architecture of VMware NSX© Intelligence? Identify the components and architecture of VMware NSX© Network Detection and Response? Use NSX Network Detection and Response to analyze network traffic events. NSX Services Explain and configure Network Address Translation (NAT) Explain and configure DNS and DHCP services Describe VMware NSX© Advanced Load Balancer? architecture, components, topologies, and use cases. Configure NSX Advanced Load Balancer Discuss the IPSec VPN and L2 VPN function and use cases Configure IPSec VPN and L2 VPN using the NSX UI NSX User and Role Management Describe the function and benefits of VMware Identity Manager? in NSX Integrate VMware Identity Manager with NSX Integrate LDAP with NSX Identify the various types of users, authentication policies, and permissions Use role-based access control to restrict user access Explain object-based access control in NSX NSX Federation Introduce the NSX Federation key concepts, terminology, and use cases. Explain the onboarding process of NSX Federation Describe the NSX Federation switching and routing functions. Describe the NSX Federation security concepts.

Duration 5 Days 30 CPD hours This course is intended for This course is targeted towards the information technology (IT) professional that has a minimum 1 year IT Security and Networking experience. This course would be ideal for Information System Owners, Security Officers, Ethical Hackers, Information Owners, Penetration Testers, System Owner and Managers as well as Cyber Security Engineers. Overview Upon completion, the Certified Professional Ethical Hacker candidate will be able to competently take the CPEH exam. The CPEH certification training enables students to understand the importance of vulnerability assessments and how to implement counter response along with preventative measures when it comes to a network hack. Security Fundamentals Overview The Growth of Environments and Security Our Motivation? The Goal: Protecting Information! CIA Triad in Detail Approach Security Holistically Security Definitions Definitions Relationships Method: Ping The TCP/IP Stack Which Services Use Which Ports? TCP 3-Way Handshake TCP Flags Malware Types of Malware Types of Malware Cont... Types of Viruses More Malware: Spyware Trojan Horses Back Doors DoS DDoS Packet Sniffers Passive Sniffing Active Sniffing Firewalls, IDS and IPS Firewall ? First Line of Defense IDS ? Second Line of Defense IPS ? Last Line of Defense? Firewalls Firewall Types: (1) Packet Filtering Firewall Types: (2) Proxy Firewalls Firewall Types ? Circuit-Level Proxy Firewall Type of Circuit- Level Proxy ? SOCKS Firewall Types ? Application-Layer Proxy Firewall Types: (3) Stateful Firewall Types: (4) Dynamic Packet-Filtering Firewall Types: (5) Kernel Proxies Firewall Placement Firewall Architecture Types ? Screened Host Multi- or Dual-Homed Screened Subnet Wi-Fi Network Types Wi-Fi Network Types Widely Deployed Standards Standards Comparison 802.11n - MIMO Overview of Database Server Review Access Controls Overview Role of Access Control Definitions More Definitions Categories of Access Controls Physical Controls Logical Controls ?Soft? Controls Security Roles Steps to Granting Access Access Criteria Physical Access Control Mechanisms Biometric System Types Synchronous Token Asynchronous Token Device Memory Cards Smart Card Cryptographic Keys Logical Access Controls OS Access Controls Linux Access Controls Accounts and Groups Password & Shadow File Formats Accounts and Groups Linux and UNIX Permissions Set UID Programs Trust Relationships Review Protocols Protocols Overview OSI ? Application Layer OSI ? Presentation Layer OSI ? Session Layer Transport Layer OSI ? Network Layer OSI ? Data Link OSI ? Physical Layer Protocols at Each OSI Model Layer TCP/IP Suite Port and Protocol Relationship Conceptual Use of Ports UDP versus TCP Protocols ? ARP Protocols ? ICMP Network Service ? DNS SSH Security Protocol SSH Protocols ? SNMP Protocols ? SMTP Packet Sniffers Example Packet Sniffers Review Cryptography Overview Introduction Encryption Cryptographic Definitions Encryption Algorithm Implementation Symmetric Encryption Symmetric Downfalls Symmetric Algorithms Crack Times Asymmetric Encryption Public Key Cryptography Advantages Asymmetric Algorithm Disadvantages Asymmetric Algorithm Examples Key Exchange Symmetric versus Asymmetric Using the Algorithm Types Together Instructor Demonstration Hashing Common Hash Algorithms Birthday Attack Example of a Birthday Attack Generic Hash Demo Instructor Demonstration Security Issues in Hashing Hash Collisions MD5 Collision Creates Rogue Certificate Authority Hybrid Encryption Digital Signatures SSL/TLS SSL Connection Setup SSL Hybrid Encryption SSH IPSec - Network Layer Protection IPSec IPSec Public Key Infrastructure Quantum Cryptography Attack Vectors Network Attacks More Attacks (Cryptanalysis) Review Why Vulnerability Assessments? Overview What is a Vulnerability Assessment? Vulnerability Assessment Benefits of a Vulnerability Assessment What are Vulnerabilities? Security Vulnerability Life Cycle Compliance and Project Scoping The Project Overview Statement Project Overview Statement Assessing Current Network Concerns Vulnerabilities in Networks More Concerns Network Vulnerability Assessment Methodology Network Vulnerability Assessment Methodology Phase I: Data Collection Phase II: Interviews, Information Reviews, and Hands-On Investigation Phase III: Analysis Analysis cont. Risk Management Why Is Risk Management Difficult? Risk Analysis Objectives Putting Together the Team and Components What Is the Value of an Asset? Examples of Some Vulnerabilities that Are Not Always Obvious Categorizing Risks Some Examples of Types of Losses Different Approaches to Analysis Who Uses What? Qualitative Analysis Steps Quantitative Analysis ALE Values Uses ALE Example ARO Values and Their Meaning ALE Calculation Can a Purely Quantitative Analysis Be Accomplished? Comparing Cost and Benefit Countermeasure Criteria Calculating Cost/Benefit Cost of a Countermeasure Can You Get Rid of All Risk? Management?s Response to Identified Risks Liability of Actions Policy Review (Top-Down) Methodology Definitions Policy Types Policies with Different Goals Industry Best Practice Standards Components that Support the Security Policy Policy Contents When Critiquing a Policy Technical (Bottom-Up) Methodology Review Vulnerability Tools of the Trade Vulnerability Scanners Nessus SAINT ? Sample Report Tool: Retina Qualys Guard http://www.qualys.com/products/overview/ Tool: LANguard Microsoft Baseline Analyzer MBSA Scan Report Dealing with Assessment Results Patch Management Options Review Output Analysis and Reports Overview Staying Abreast: Security Alerts Vulnerability Research Sites Nessus SAINT SAINT Reports GFI Languard GFI Reports MBSA MBSA Reports Review Reconnaissance, Enumeration & Scanning Reconnaissance Overview Step One in the Hacking ?Life-Cycle? What Information is Gathered by the Hacker? Passive vs. Active Reconnaissance Footprinting Defined Social Access Social Engineering Techniques Social Networking Sites People Search Engines Internet Archive: The WayBack Machine Footprinting Tools Overview Maltego GUI Johnny.Ihackstuff.com Google (cont.) Domain Name Registration WHOIS Output DNS Databases Using Nslookup Traceroute Operation Web Server Info Tool: Netcraft Introduction to Port Scanning Which Services use Which Ports? Port Scan Tips Port Scans Shou

STP alternatives training course description The Spanning Tree Protocol (STP) dates from 1985. This course explores the technologies that can be used as an alternative to STP, including FabricPath, SPB and TRILL. What will you learn Explain how STP and RSTP work. Explain how TRILL works. Explain how SPB works. Explain how FabricPath works. STP alternatives training course details Who will benefit: Technical network staff. Prerequisites: Definitive Ethernet switching for engineers Duration 1 day STP alternatives training course contents Introduction Layer 2 versus Layer 3, STP problems: One path, convergence, MAC explosion, STP alternatives. STP 802.1D, how STP works, root bridge, convergence times, single path. RSTP 802.1w, Improvements, convergence times. Link aggregation 802.3ad, Multi system Link aggregation. IS-IS Concepts, Discovery, topology exchange, flooding. Changes for TRILL, FabricPath and SPB. FabricPath Overview, architecture, control plane protocols, DRAP, STP interactions, packet forwarding, configuration. TRILL Concepts, RBridge, TRILL frames, control plane, data plane, learning MAC addresses. SPB 802.1aq, Node ID, Backbone Edge Bridges, Backbone MAC address, customer MACs, I-SID, forwarding database.

Duration 3 Days 18 CPD hours This course is intended for This course is recommended for technical professionals who support, install, deploy or administer Check Point products. Overview Know how to perform periodic administrator tasks. Describe the basic functions of the Gaia operating system. Recognize SmartConsole features, functions, and tools. Understand how SmartConsole is used by administrators to give user access. Learn how Check Point security solutions and products work and how they protect networks. Understand licensing and contract requirements for Check Point security products. Describe the essential elements of a Security Policy. Understand the Check Point policy layer concept. Understand how to enable the Application Control and URL Filtering software. Blades to block access to various applications. Describe how to configure manual and automatic NAT. Identify tools designed to monitor data, determine threats and recognize opportunities for performance improvements. Describe different Check Point Threat Prevention solutions for network attacks. Articulate how the Intrusion Prevention System is configured, maintained and tuned. Understand the Infinity Threat Prevention system. Knowledge about Check Point's IoT Protect. Learn basic concepts and develop skills necessary to administer IT security fundamental tasks. Course Outline Configure the Security Management Server. Use the WebUI to run the First Time Wizard. Install the Smart Console. Install the Alpha Gateway using the network detailed in the course topology. Demonstrate how the Security Management Server and Gateway communicate. Test SIC Status. Create multiple administrators and apply different roles and permissions for simultaneous administration. Validate existing licenses for products installed on the network. Create and configure host, network and group objects. Create a simplified Security Policy. Demonstrate how to use Security Zones in policy. Demonstrate how to share a layer between Security Polices. Configure Network Address Translation for server and network objects. Enable Identity Awareness. Deploy user access roles for more granular control of the security Policy. Generate network Traffic and use traffic visibility tools to monitor the data. Use SmartConsole and SmartView Monitor to view status, alerts, and block suspicious traffic.

Wireshark 101 training course description Wireshark is a free network protocol analyser. This hands-on course focuses on troubleshooting networks using the Wireshark protocol analyser. The course concentrates on the product and students will gain from the most from this course only if they already have a sound knowledge of the TCP/IP protocols What will you learn Download and install Wireshark. Capture and analyse packets with Wireshark. Configure capture and display filters. Customise Wireshark. Troubleshoot networks using Wireshark. Wireshark 101 training course details Who will benefit: Technical staff looking after networks. Prerequisites: TCP/IP Foundation for engineers Duration 2 days Wireshark 101 training course contents What is Wireshark? Protocol analysers, Wireshark features, versions, troubleshooting techniques with Wireshark. Installing Wireshark Downloading Wireshark, UNIX issues, Microsoft issues, the role of winpcap, promiscuous mode, installing Wireshark. Wireshark documentation and help. Hands on Downloading and installing Wireshark. Capturing traffic Starting and stopping basic packet captures, the packet list pane, packet details pane, packet bytes pane, interfaces, using Wireshark in a switched architecture. Hands on Capturing packets with Wireshark. Troubleshooting networks with Wireshark Common packet flows. Hands on Analysing a variety of problems with Wireshark. Capture filters Capture filter expressions, capture filter examples (host, port, network, protocol), primitives, combining primitives, payload matching. Hands on Configuring capture filters. Working with captured packets Live packet capture, saving to a file, capture file formats, reading capture files from other analysers, merging capture files, finding packets, going to a specific packet, display filters, display filter expressions. Hands on Saving captured data, configuring display filters. Analysis and statistics with Wireshark Enabling/disabling protocols, user specified decodes, following TCP streams, protocol statistics, conversation lists, endpoint lists, I/O graphs, protocol specific statistics. Hands on Using the analysis and statistics menus. Command line tools Tshark, capinfos, editcap, mergecap, text2pcap, idl2eth. Hands on Using tshark. Advanced issues 802.11 issues, management frames, monitor mode, packet reassembling, name resolution, customising Wireshark. Hands on Customising name resolution.

Duration 2 Days 12 CPD hours This course is intended for System installers System integrators System administrators Network administrators Overview After taking this course, you should be able to: Describe the Cisco SD-Branch solution and its architecture Explain the hardware components of the Cisco ENCS 5400 and Cisco Catalyst 8200 Series Edge Universal Customer Premises Equipment (uCPE) Install and access the Cisco Enterprise NFVIS on Cisco ENCS 5400 Understand the VNF Lifecycle management and its deployment Identify Cisco Enterprise NFVIS Security considerations Explain the Cisco SD-WAN solution and its components Describe the Cisco ENCS orchestrations systems and Representational State Transfer (REST) APIs Deploy the Cisco ENCS using orchestrators Monitor and troubleshoot Cisco ENFV components using Cisco vManage The Implementing Cisco Enterprise SD-Branch (ENSDBI) v1.0 course is designed to teach you to understand the Cisco© Software-Defined (SD)-Branch architecture and Cisco Enterprise Network Functions Virtualization (ENFV) solution. Through a series of in-person or e-learning lectures and labs, you will learn about the supported hardware platforms with a focus on the components, installation, and upgraded workflows of the Cisco Enterprise Network Compute System (ENCS) 5400 series. Additionally, this course will help you build your skills on Virtual Network Functions (VNF) deployment and orchestration solutions on Cisco ENCS. Course Outline Introducing Cisco SD-Branch Architecture and Cisco ENFV Solution Preparing Cisco ENCS Device for Deployment Deploying VNFs on Cisco ENCS Working with Cisco ENCS Orchestration Monitoring and Managing Cisco ENFV Components Additional course details: Nexus Humans Cisco Implementing Cisco Enterprise SD-Branch v1.0 (ENSDBI) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Implementing Cisco Enterprise SD-Branch v1.0 (ENSDBI) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Definitive 802.1X training course description A hands-on training course concentrating solely on 802.1X. Hands on sessions follow major chapters to reinforce the theory. What will you learn Describe 802.1X. Explain how 802.1X works Configure 802.1X Troubleshoot 802.1X. Definitive 802.1X training course details Who will benefit: Technical network staff. Technical security staff. Prerequisites: SIP for engineers Duration 2 days Definitive 802.1X training course contents Introduction What is 802.1X? Authentication access, 802.3, 802.11. IEEE, 802, 802.1X-2001, 802.1X-2010. Architecture Supplicant, Authenticator, Authentication server, EAP, EAPOL, RADIUS, Diameter. Port configuration 802.1X in a switch environment. Hands on Configuring 802.1X. How it works Controlled ports, uncontrolled ports. Authentication flow chart, Initialisation, initiation, negotiation, authentication. Hands on 802.1X packet analysis. 802.1X and 802.11 WiFi, WiFi security. Hands on 802.1X WiFi port access. EAP Extensible Authentication Protocol, RFC 3748, RFC 5247. EAP methods: Weak, MD5, LEAP, Strong: TTLS, TLS, FAST. Encapsulation: 802.1X, PEAP, RADIUS, Diameter, PPP. 802.1X accounting RADIUS, accounting messages, 802.1X accounting AV pairs. 8021.X and VLANS VLANs, Guest VLAN, restricted VLAN, voice VLAN. Hands on VLAN assignments with 802.1X.

Duration 2 Days 12 CPD hours This course is intended for Networking and security professionals involved in the design, implementation, and administration of a network infrastructure using FortiGate appliances. Overview Analyze a FortiGate's route table. Route packets using policy-based and static routes for multi-path and load balanced deployments. Configure SD-WAN to load balance traffic between multiple WAN links effectively. Inspect traffic transparently, forwarding as a Layer 2 device. Divide FortiGate into two or more virtual devices, each operating as an independent FortiGate, by configuring virtual domains (VDOMs). Establish an IPsec VPN tunnel between two FortiGate appliances. Compare policy-based to route-based IPsec VPN. Implement a meshed or partially redundant VPN. Diagnose failed IKE exchanges. Offer Fortinet Single Sign On (FSSO) access to network services, integrated with Microsoft Active Directory. Deploy FortiGate devices as an HA cluster for fault tolerance and high performance. Deploy implicit and explicit proxy with firewall policies, authentication, and caching. Diagnose and correct common problems. In this two-day course, you will learn how to use advanced FortiGate networking and security. Course Outline Module 1. Routing Module 2. Software-Defined WAN (SD-WAN) Module 3. Layer 2 Switching Module 4. Virtual Domains Module 5. Site-to-Site IPsec VPN Module 6. Fortinet Single Sign-On (FSSO) Module 7. High Availability (HA) Module 8. Web Proxy Module 9. Diagnostics