Network fundamentals training course description An intensive hands on IP foundation leading to LINX Accredited Internet Technician stage 1. The course focuses on all parts of TCP/IP including layers 4 to 7 on end stations as well as layer 3 on routers. The TCP/IP protocols are also studied to enable delegates to be able to troubleshoot TCP/IP using Wireshark. Hands on sessions are used to reinforce the theory rather than teach specific manufacturer equipment. A multiple choice exam, leading to the LAIT I certification, is available after the course. The exam consists of 40 questions and lasts 1.5 hours. What will you learn Use ping, traceroute and other tools to diagnose faults on a network. Configure IP on PCs and routers. Plan IP addresses and subnets. Analyse IP and TCP packets using an analyser. Troubleshoot TCP/IP. Network fundamentals training course details Who will benefit: Network engineers. Prerequisites: None Duration 5 days Network fundamentals training course contents What is TCP/IP? TCP and IP are protocols, 7 layer model, network layers, hardware/software layers, internetworking, protocols, What is IP? What is TCP? The internet, The IAB, RFCs. Ping and Wireshark Host configuration, IP addresses, subnet masks, default gateways, ping. Hands on Base configuration. Testing with ping. Analysing packets with Wireshark. Switches and Wireshark Switches versus hubs, layer 2 forwarding table, flooding, broadcasts. Hands on Building a switched based network. Configuring network devices Configuration options, console port, putty, telnet. Hands on Configuring switches, telnet. IP IP packet format, protocol field, TTL, DiffServ, fragments, ICMP. Hands on IP packet analysis. IP addressing 32 bits, dotted decimal, rules, networks, role of subnet masks, simple subnetting, prefix notation. Broadcasts, special use addresses. Hands on Planning and implementing addressing. IP and the lower layers ARP, media not supporting ARP. Hands on ARP. Routing What are routers? What routers do, default gateways, routing and addressing, routing tables, ways to update routing tables. Hands on Building a routed network, traceroute. Routing protocols IGPs and EGPs, RIP, RIPv2, Why not to use RIP, OSPF, OSPF metrics, convergence, distance vector protocols, link state protocols. Hands on OSPF, analysing routing tables, loopbacks. Network simulators Network simulators, EVE-NG, GNS3, CML. Hands on Using EVE-NG. Subnetting Subnetting to the bit level, ranges, how prefixes are used. Hands on Subnetting. VLANS and IP addressing What are VLANs, tagging, 802.1Q, Inter VLAN routing. Hands on Inter VLAN routing. TCP and UDP Layer 4, port numbers, client ports, broadcasts multicasts and layer 4, UDP header, TCP header, connections, ACK, sliding windows, options, connection states. Sockets. Hands on Analysing TCP packets. IPv4 address configuration Private addresses, NAT, NAPT, dynamic addressing, DHCP, link local addresses. Hands on DHCP, NAT. IPv6 What is IPv6, 128 bit addresses, address formats, IPv6 address allocation, header format, migration, dual stack, tunnelling, NAT64, DNS64. Hands on IPv6 setup troubleshooting. IPv6 address configuration Static addressing, EUI-64 addresses, IPv6 address order, SLAAC, DHCPv6. Hands on SLAAC. Applications Clients, servers, HTTP, Email, resource sharing, VoIP, video, terminal emulation, remote desktop. Network management and SNMP. Hands on Servers, TFTP, VoIP packet analysis. DNS Names and addresses, hosts file, how DNS works. FQDNs, DNS client configuration. Hands on Troubleshooting DNS. Security Firewalls, firewall architectures, DMZ, how firewalls work, proxy servers, filtering, ACLs, IDS, VPNs, authentication, encryption, tunnels, secure protocols. Hands on Firewalls, SSH Troubleshooting Methods, tools. Using the 7 layer model. Troubleshooting toolkits. Hands on Fixing the network.
Jenkins training course description An introduction to Continuous Integration and development (CI/CD) in network automation using Jenkins. The course focusses specifically on the network Devops case of using Jenkins. What will you learn Explain how Jenkins can help with network automation. Configure Jenkins for network Devops. Use Jenkins for network automation. Jenkins training course details Who will benefit: Network engineers. Prerequisites: TCP/IP Foundation Duration 1 day Jenkins training course contents What is Jenkins? DevOps, CI/CD, version control systems, git, automating execution of tasks, Jenkins job, Jenkins pipeline, Jenkins plugins, CI server. Hands on Installing Jenkins. Example pipeline for network automation YAML, GitHub, Jenkins, ansible, network devices. Hands on Investigating a workflow: Auto deploying network configurations. Configuring Jenkins Code repository, build triggers, gerrit and reviews, build environment. A Jenkins job, build step, post build actions, running a Jenkins job, build log, home directory. Hands on Configuring Jenkins. CI using Jenkins Branches, pipeline, git, the git plugin. Hands on A Jenkins job to poll, build and unit test network configurations.
WCNA training course description Wireshark is a free network protocol analyser. This hands-on course provides a comprehensive tour of using Wireshark to troubleshoot networks. The course concentrates on the information needed in order to pass the WCNA exam. Students will gain the most from this course only if they already have a sound knowledge of the TCP/IP protocols. What will you learn Analyse packets and protocols in detail. Troubleshoot networks using Wireshark. Find performance problems using Wireshark. Perform network forensics. WCNA training course details Who will benefit: Technical staff looking after networks. Prerequisites: TCP/IP Foundation for engineers Duration 5 days WCNA training course contents What is Wireshark? Network analysis, troubleshooting, network traffic flows. Hands on Download/install Wireshark. Wireshark introduction Capturing packets, libpcap, winpcap, airpcap. Dissectors and plugins. The menus. Right click. Hands on Using Wireshark. Capturing traffic Wireshark and switches and routers. Remote traffic capture. Hands on Capturing packets. Capture filters Applying, identifiers, qualifiers, protocols, addresses, byte values. File sets, ring buffers. Hands on Capture filters. Preferences Configuration folders. Global and personal configurations. Capture preferences, name resolution, protocol settings. Colouring traffic. Profiles. Hands on Customising Wireshark. Time Packet time, timestamps, packet arrival times, delays, traffic rates, packets sizes, overall bytes. Hands on Measuring high latency. Trace file statistics Protocols and applications, conversations, packet lengths, destinations, protocol usages, strams, flows. Hands on Wireshark statistics. Display filters Applying, clearing, expressions, right click, conversations, endpoints, protocols, combining filters, specific bytes, regex filters. Hands on Display traffic. Streams Traffic reassembly, UDP and TCP conversations, SSL. Hands on Recreating streams. Saving Filtered, marked and ranges. Hands on Export. TCP/IP Analysis The expert system. DNS, ARP, IPv4, IPv6, ICMP, UDP, TCP. Hands on Analysing traffic. IO rates and trends Basic graphs, Advanced IO graphs. Round Trip Time, throughput rates. Hands on Graphs. Application analysis DHCP, HTTP, FTP, SMTP. Hands on Analysing application traffic. WiFi Signal strength and interference, monitor mode and promiscuous mode. Data, management and control frames. Hands on WLAN traffic. VoIP Call flows, Jitter, packet loss. RTP, SIP. Hands on Playing back calls. Performance problems Baselining. High latency, arrival times, delta times. Hands on Identifying poor performance. Network forensics Host vs network forensics, unusual traffic patterns, detecting scans and sweeps, suspect traffic. Hands on Signatures. Command line tools Tshark, capinfos, editcap, mergecap, text2pcap, dumpcap. Hands on Command tools.
OpenView training course description A hands-on course focusing on network management using HP OpenView network node manager on Microsoft Windows or UNIX. What will you learn Recognise the benefits of ADSL. Describe the network management architecture. Use HP OpenView. Diagnose faults using HP OpenView. Recognise the MIB structure. OpenView training course details Who will benefit: Technical staff wanting to learn DNS. Prerequisites: TCP/IP Foundation Duration 2 days OpenView training course contents Network management What is network management?, Benefits, issues, demonstration. Getting started with HP OpenView Starting HP OpenView, IP discovery, IP monitoring, controlling IP discovery. Using HP OpenView Mapping devices, map layouts, maps and submaps, objects and symbols, object attributes, colour codings, polling. Agents Configuring Cisco devices for SNMP support, communities, traps, syslog. Parts of SNMP SNMP architecture, MIB's, The protocol. HP OpenView SNMP configuration HP OpenView alarm browser HP OpenView alarms, alarm categories, filtering alarms, alarm details window. MIB's MIB1, MIB2, The MIB2 groups, additional MIB's, MIB compilers, vendor MIB's. HP OpenView MIB loader and browser. Monitoring devices Polling, obtaining MIB information. Diagnostic tools Poll node, the ping window, protocol test, locate route HP OpenView fault management Alarms, polling, fault management, setting thresholds and configuring traps.
Sockets programming training course description A hands on course for programmers using Sockets. It is important to recognise that the course assumes that delegates are already familiar with TCP/IP and Python. Practical exercises follow all the major theory sessions. What will you learn Read Python programs which use Sockets. Write Python programs which use Sockets. Debug Python programs which use Sockets. Sockets programming training course details Who will benefit: Programmers working with network applications. Prerequisites: TCP/IP foundation for engineers Python for network engineers Duration 2 days Sockets programming training course contents What is a socket? Review of IP, ICMP, UDP vs TCP, IP addresses, protocol numbers, ports. API's, UNIX I/O, sockets. SOCK_STREAM, SOCK_DGRAM. Hands on Compile and run code. The systems calls Clients and servers, structs, socket(), bind(), connect(), listen(), accept(), send(), recv(), sendto (), recvfrom(), close(), shutdown(), getpeername(), gethostname(). Hands on Walk through of example client and server code. First code TCP connections, passive opens, active opens. Hands on Write a simple 'hello world' server and client. Application protocols User character stream, ASCII turn taking, binary protocols. Hands on Raw SMTP, Writing a mail client. Clients Concurrency, polling, threads, event driven programming. Hands on Conferencing application. Servers Concurrency, stateful, stateless. Forks and execs. inetd. Hands on Running servers with and without inetd, chroot jails, conferencing server modifications. Advanced techniques Blocking, select(), partial send(s). Raw sockets, example sockets using Java, Perl and PHP. Hands on A broadcast application.
Penetration testing training course description An advanced technical hands on course focusing on hacking and counter hacking. The course revolves around a series of exercises based on "hacking" into a network (pen testing the network) and then defending against the hacks. What will you learn Perform penetration tests. Explain the technical workings of various penetration tests. Produce reports on results of penetration tests. Defend against hackers. Penetration testing training course details Who will benefit: Technical support staff, auditors and security professionals. Staff who are responsible for network infrastructure integrity. Prerequisites: IP Security IP VPNs Duration 5 days Penetration testing training course contents Introduction Hacking concepts, phases, types of attacks, 'White hacking', What is penetration testing? Why use pen testing, black box vs. white box testing, equipment and tools, security lifecycles, counter hacking, pen testing reports, methodologies, legal issues. Physical security and social engineering Testing access controls, perimeter reviews, location reviews, alarm response testing. Request testing, guided suggestions, trust testing. Social engineering concepts, techniques, counter measures, Identity theft, Impersonation on social media, Footprints through social engineering Reconnaissance (discovery) Footprinting methodologies, concepts, threats and countermeasures, WHOIS footprinting, Gaining contacts and addresses, DNS queries, NIC queries, ICMP ping sweeping, system and server trails from the target network, information leaks, competitive intelligence. Scanning pen testing. Gaining access Getting past passwords, password grinding, spoofed tokens, replays, remaining anonymous. Scanning (enumeration) Gaining OS info, platform info, open port info, application info. Routes used, proxies, firewalking, Port scanning, stealth port scanning, vulnerability scanning, FIN scanning, Xmas tree scanning, Null scanning, spoofed scanning, Scanning beyond IDS. Enumeration concepts, counter measures and enumeration pen testing. Hacking Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology, hacking tools and countermeasures. Trojan, Backdoors, Sniffers, Viruses and Worms Detection, concepts, countermeasures, Pen testing Trojans, backdoors, sniffers and viruses. MAC attacks, DHCP attacks, ARP poisoning, DNS poisoning Anti-Trojan software, Malware analysis Sniffing tools. Exploiting (testing) vulnerabilities Buffer overflows,, simple exploits, brute force methods, UNIX based, Windows based, specific application vulnerabilities. DoS/DDoS Concepts, techniques, attack tools, Botnet, countermeasures, protection tools, DoS attack pen testing. SQL Injection Types and testing, Blind SQL Injection, Injection tools, evasion and countermeasures. Securing networks 'Hurdles', firewalls, DMZ, stopping port scans, IDS, Honeypots, Router testing, firewall testing, IDS testing, Buffer Overflow. Cryptography PKI, Encryption algorithms, tools, Email and Disk Encryption. Information security Document grinding, privacy.
Securing Linux systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure Linux accounts. Secure Linux file systems. Secure Linux access through the network. Securing Linux systems training course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing Linux systems training course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.
CWSP training course description A hands-on training course concentrating solely on WiFi security with an emphasis on the delegates learning the necessary knowledge and skills to pass the CWSP exam. The course progresses from simple authentication, encryption and key management onto in depth coverage of 802.X and EAP along with many other security solutions such as access control, intrusion prevention and secure roaming. What will you learn Demonstrate the threats to WiFi networks. Secure WiFi networks. Configure: WPA2 RADIUS 802.1x EAP Pass the CWSP exam. CWSP training course details Who will benefit: Technical network staff. Technical security staff. Prerequisites: Certified Wireless Network Associate. Duration 5 days CWSP training course contents WLAN Security overview Standards, security basics, AAA, 802.11 security history. Hands on WLAN connectivity. Legacy 802.11 security Authentication: Open system, shared key. WEP. VPNs. MAC filters. SSID segmentation, SSID cloaking. Hands on Analysing 802.11 frame exchanges, viewing hidden SSIDs. Encryption Basics, AES, TKIP, CCMP, WPA, WPA2. Hands on Decrypting 802.11 data frames. 802.11 layer 2 authentication 802.1X: Supplicant, Authenticator, Authentication server. Credentials. Legacy authentication. EAP, Weak EAP protocols, Strong EAP protocols: EAP -PEAP, EAP-TTLS, EAP-TLS, EAP-FAST. Hands on Analysing 802.1X/EAP frames. 802.11 layer 2 dynamic key generation Robust Security Network. Hands on Authentication and key management. SOHO 802.11 security WPA/WPA2 personal, Preshared Keys, WiFi Protected Setup (WPS). Hands on PSK mapping. WLAN security infrastructure DS, Autonomous APs, WLAN controllers, split MAC, mesh, bridging, location based access control. Resilience. Wireless network management system. RADIUS/LDAP servers, PKI, RBAC. Hands on 802.1X/EAP configuration. RADIUS configuration. 802.11 Fast secure roaming History, RSNA, OKC, Fast BSS transition, 802.11k. Hands on Roaming. Wireless security risks Rogue devices, rogue prevention. Eavesdropping, DOS attacks. Public access and hotspots. Hands on Backtrack. WiFi security auditing Layer 1 audit, layer 2 audit, pen testing. WLAN security auditing tools. WiFi security monitoring Wireless Intrusion Detection and Prevention Systems. Device classification, WIDS/WIPS analysis. Monitoring. 802.11w. Hands on Laptop spectrum analysers. VPNs, remote access, guest access Role of VPNs in 802.11, remote access, hotspots, captive portal. Wireless security policies General policy, functional policy, recommendations.
3Com switches training course description A hands on course covering the product specifics of 3Com switches. Installation, configuration, maintenance and troubleshooting are all covered in a practical oriented way. What will you learn Install 3Com switches. Use the command line interface and the web based interface to manage 3Com switches. Configure and troubleshoot 3Com switches. Configure and troubleshoot 3Com switches. Perform software upgrades. 3Com switches training course details Who will benefit: Anyone working with 3Com switches. Particularly aimed at engineers and technicians supporting 3Com switches. Prerequisites: None. Duration 2 days 3Com switches training course content Introduction How Ethernet works with hubs, How Ethernet works with switches. Installing 3Com switches. Hands on Building a network with a hub, building a network with a 3Com switch. Basic troubleshooting The 3Com switch range, LEDs, cabling issues, system resets, default settings. Hands on Building a network with multiple 3Com switches. Configuration methods Managed vs. unmanaged switches, Console port access, telnet, web based access, SNMP, saving configurations, NVRAM, switch stacks. Hands on Accessing the switch using the console, IP address configuration, telnet. Console interface Default users, passwords, the menus, menu options, online help, CLI commands. Hands on Setting passwords, displaying the switch configuration. Web based interface Getting started, basic format. Hands on Configuring the switch using the web interface. Port configuration Common port configuration tasks, port aggregation, resilient links. Hands on Configuring ports. STP configuration What is STP? Configuring STP. Hands on Enabling and disabling STP, configuring STP. VLAN configuration What are VLANS? 802.1Q, tagged/untagged, creating VLANS, applying VLANS. Hands on Setting up VLANS, setting up 802.1Q, Inter VLAN traffic. Housekeeping TFTP, software upgrades Hands on Software upgrade. SNMP SNMP configuration, Transcend, other NMS's. Hands on Using SNMP to manage a 3Com switch, putting it all together: troubleshooting.
Firewalls training course description A technical hands on training course covering firewall technologies. This focuses on the whys and hows of firewall technology rather than looking at manufacturer specific issues. What will you learn Design secure firewall protected networks. Test firewalls. Evaluate firewalls Configure firewalls Firewalls training course details Who will benefit: Technical staff wanting to learn about Filrewalls including: Technical network staff. Technical security staff. Prerequisites: IP security foundation for engineers Duration 2 days Firewalls training course contents Firewall introduction Security review, what is a firewall? What do firewalls do? Firewall benefits, concepts. Hands on Configuring the network to be used in later labs, launching various attacks on a target. Firewall types Packet filtering, SPI, Proxy, Personal. Software firewalls, hardware firewalls, blade based firewalls, personal firewalls, which firewall should you use? Firewall products. Hands on Configuring a simple firewall. Packet filtering firewalls Things to filter in the IP header, stateless vs. stateful filtering. ACLs. Advantages of packet filtering. Hands on Configuring packet filtering firewalls. Stateful packet filtering Stateful algorithms, packet-by-packet inspection, application content filtering, tracks, special handling (fragments, IP options), sessions with TCP and UDP. Firewall hacking detection: SYN attacks, SSL, SSH interception. Hands on Stateful packet inspection firewalls. Proxy firewalls Circuit level, application level, SOCKS. Proxy firewall advantages and disadvantages. Hands on Proxy firewalls. Personal firewalls The role of personal firewalls, Windows XP, Zonealarm. Hands on Configuring a personal firewall. Firewall architectures Home based, small office, enterprise, service provider, what is a DMZ? DMZ architectures, bastion hosts, multi DMZ. Virtual firewalls, transparent firewalls. Dual firewall design, high availability, load balancing, VRRP. Hands on Resilient firewall architecture. Securing communications VPNs, IPsec. Firewall configuration of VPNs, integration of dedicated VPN devices and firewalls. Hands on IPSec VPN configuration. Testing firewalls Configuration checklist, testing procedure, monitoring firewalls, logging, syslog. Hands on Testing firewalls.