499 Policy courses in Cardiff delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for This course is designed for technical professionals who need to know how to deploy and manage a Cisco Firepower NGIPS in their network environment. Security administrators Security consultants Network administrators System engineers Technical support personnel Channel partners and resellers Overview After taking this course, you should be able to: Describe the components of Cisco Firepower Threat Defense and the managed device registration process Detail Next-Generation Firewalls (NGFW) traffic control and configure the Cisco Firepower system for network discovery Implement access control policies and describe access control policy advanced features Configure security intelligences features and the Advanced Malware Protection (AMP) for Networks implementation procedure for file control and advanced malware protection Implement and manage intrusion and network analysis policies for NGIPS inspection Describe and demonstrate the detailed analysis techniques and reporting features provided by the Cisco Firepower Management Center Integrate the Cisco Firepower Management Center with an external logging destination Describe and demonstrate the external alerting options available to Cisco Firepower Management Center and configure a correlation policy Describe key Cisco Firepower Management Center software update and user account management features Identify commonly misconfigured settings within the Cisco Firepower Management Center and use basic commands to troubleshoot a Cisco Firepower Threat Defense device This course shows you how to deploy and use Cisco Firepower© Next-Generation Intrusion Prevention System (NGIPS). This hands-on course gives you the knowledge and skills to use the platform features and includes firewall security concepts, platform architecture and key features; in-depth event analysis including detection of network-based malware and file type, NGIPS tuning and configuration including application control, security intelligence, firewall, and network-based malware and file controls; Snort© rules language; file and malware inspection, security intelligence, and network analysis policy configuration designed to detect traffic patterns; configuration and deployment of correlation policies to take action based on events detected; troubleshooting; system and user administration tasks, and more. This course helps you prepare to take the exam, Securing Networks with Cisco Firepower (300-710 SNCF), which leads to CCNP Security and Cisco Certified Specialist ? Network Security Firepower certifications. The 300-710 SNCF exam has a second preparation course as well, Cisco© Securing Networks with Cisco© Firepower Next Generation Firewall (SSNGFW). You can take these courses in any order. Course Outline Cisco Firepower Threat Defense Overview Cisco Firepower NGFW Device Configuration Cisco Firepower NGFW Traffic Control Cisco Firepower Discovery Implementing Access Control Policies Security Intelligence File Control and Advanced Malware Protection Next-Generation Intrusion Prevention Systems Network Analysis Policies Detailed Analysis Techniques Cisco Firepower Platform Integration Alerting and Correlation Policies Performing System Administration Troubleshooting Cisco Firepower

Duration 2 Days 12 CPD hours This course is intended for This course is intended for network operators, network administrators, network engineers, network architects, security administrators, and security architects responsible for installation, setup, configuration, and administration of the BIG-IP AFM system. This course uses lectures and hands-on exercises to give participants real-time experience in setting up and configuring the BIG-IP Advanced Firewall Manager (AFM) system. Students are introduced to the AFM user interface, stepping through various options that demonstrate how AFM is configured to build a network firewall and to detect and protect against DoS (Denial of Service) attacks. Reporting and log facilities are also explained and used in the course labs. Further Firewall functionality and additional DoS facilities for DNS and SIP traffic are discussed. Module 1: Setting Up the BIG-IP System Introducing the BIG-IP System Initially Setting Up the BIG-IP System Archiving the BIG-IP System Configuration Leveraging F5 Support Resources and Tools Module 2: AFM Overview AFM Overview AFM Availability AFM and the BIG-IP Security Menu Packet Processing Rules and Direction Rules Contexts and Processing Inline Rule Editor Module 3: Network Firewall AFM Firewalls Contexts Modes Packet Processing Rules and Direction Rules Contexts and Processing Inline Rule Editor Configuring Network Firewall Network Firewall Rules and Policies Network Firewall Rule Creation Identifying Traffic by Region with Geolocation Identifying Redundant and Conflicting Rules Identifying Stale Rules Prebuilding Firewall Rules with Lists and Schedules Rule Lists Address Lists Port Lists Schedules Network Firewall Policies Policy Status and Management Other Rule Actions Redirecting Traffic with Send to Virtual Checking Rule Processing with Packet Tester Examining Connections with Flow Inspector Module 4: Logs Event Logs Logging Profiles Limiting Log Messages with Log Throttling Enabling Logging in Firewall Rules BIG-IP Logging Mechanisms Log Publisher Log Destination Filtering Logs with the Custom Search Facility Logging Global Rule Events Log Configuration Changes QKView and Log Files SNMP MIB SNMP Traps Module 5: IP Intelligence Overview Feature 1 Dynamic White and Black Lists Black List Categories Feed Lists IP Intelligence Policies IP Intelligence Log Profile IP Intelligence Reporting Troubleshooting IP Intelligence Lists Feature 2 IP Intelligence Database Licensing Installation Configuration Troubleshooting IP Intelligence iRule Module 6: DoS Protection Denial of Service and DoS Protection Overview Device DoS Protection Configuring Device DoS Protection Variant 1 DoS Vectors Variant 2 DoS Vectors Automatic Threshold Configuration Variant 3 DoS Vectors Device DoS Profiles DoS Protection Profile Dynamic Signatures Dynamic Signatures Configuration DoS iRules Module 7: Reports AFM Reporting Facilities Overview Examining the Status of Particular AFM Features Exporting the Data Managing the Reporting Settings Scheduling Reports Examining AFM Status at High Level Mini Reporting Windows (Widgets) Building Custom Widgets Deleting and Restoring Widgets Dashboards Module 8: DoS White Lists Bypassing DoS Checks with White Lists Configuring DoS White Lists tmsh options Per Profile Whitelist Address List Module 9: DoS Sweep Flood Protection Isolating Bad Clients with Sweep Flood Configuring Sweep Flood Module 10: IP Intelligence Shun Overview Manual Configuration Dynamic Configuration IP Intelligence Policy tmsh options Extending the Shun Feature Route this Traffic to Nowhere - Remotely Triggered Black Hole Route this Traffic for Further Processing - Scrubber Module 11: DNS Firewall Filtering DNS Traffic with DNS Firewall Configuring DNS Firewall DNS Query Types DNS Opcode Types Logging DNS Firewall Events Troubleshooting Module 12: DNS DoS Overview DNS DoS Configuring DNS DoS DoS Protection Profile Device DoS and DNS Module 13: SIP DoS Session Initiation Protocol (SIP) Transactions and Dialogs SIP DoS Configuration DoS Protection Profile Device DoS and SIP Module 14: Port Misuse Overview Port Misuse and Service Policies Building a Port Misuse Policy Attaching a Service Policy Creating a Log Profile Module 15: Network Firewall iRules Overview iRule Events Configuration When to use iRules More Information Module 16: Recap BIG-IP Architecture and Traffic Flow AFM Packet Processing Overview

Duration 3 Days 18 CPD hours This course is intended for This course is for network managers, resellers, systems administrators, client security administrators, systems professionals, and consultants who are charged with the installation, configuration, and day-to-day management of Symantec Endpoint Protection in a variety of network environments, and who are responsible for troubleshooting and tuning the performance of this product in the enterprise environment. Overview At the completion of the course, you will be able to: Describe Symantec Endpoint Protection products, components, dependencies, and system hierarchy. Install and configure Symantec Endpoint Protection management and client components. Deploy Symantec Endpoint Protection Windows, Windows Embedded, Mac and Linux clients. Manage the client user interface. Manage content updates for Windows, Mac, and Linux. Perform server and database management. Configure replication and load balancing. Design a Symantec Endpoint Protection environment. This course is designed for the network, IT security, and systems administration professional tasked with architecting and implementing Symantec Endpoint Protection. Introduction Course overview The classroom lab environment Symantec Endpoint Protection Product Solution Why use Symantec Endpoint Protection? Symantec Endpoint Protection technologies Symantec Endpoint Protection services Symantec Endpoint Protection components Symantec Endpoint Protection policies and concepts Extending Symantec Endpoint Protection Installing the Symantec Endpoint Protection Manager Identifying system requirements Preparing servers for installation Installing and configuring the Symantec Endpoint Protection Manager Describing Symantec Endpoint Protection upgrades and version compatibility Configuring the Symantec Endpoint Protection Environment Starting and navigating the SEPM Describing policy types and components Console authentication Licensing the SEP environment Deploying Windows and Windows Embedded Clients Planning the client deployment Configuring client deployment package Deploying packages to clients Maintaining the client environment Upgrading Symantec Endpoint Protection clients Deploying Mac and Linux Clients Linux prerequisites Linux deployment Mac prerequisites Mac deployment Client and Policy Management Describing SEPM and client communications Administering clients Configuring groups Configuring locations Active Directory integration with SEP 12.1 Client configuration modes Configuring domains General client settings and Tamper Protection Configuring Content Updates for Windows Clients Introducing LiveUpdate Configuring the SEPM for LiveUpdate Configuring the LiveUpdate Settings and Content policies Configuring multiple group update providers (GUPs) Manually updating virus definitions Configuring Content Updates for Mac and Linux Clients Describing content update methods Configuring the LiveUpdate policy Configuring the SEPM as a reverse proxy Monitoring updates Performing Server and Database Management Managing SEPM servers Maintaining server security Communicating with other servers Managing administrators Managing the database Disaster recovery techniques Configuring Replication and Failover and Load Balancing About sites and replication How replication works Symantec Endpoint Protection replication scenarios Configuring replication Failover and load balancing Designing a Symantec Endpoint Environment Architecture components Architecture constraints Component placement Content delivery Determining client to SEPM ratios SEPM and database sizing best practices

Duration 2 Days 12 CPD hours This course is intended for This course is intended for network engineers, network support personnel, and reseller support. Overview After successfully completing this course, you should be able to:Configure LAN-to-LAN IP Security (IPsec) VPNs in various configurations. Configure VPN redundancy. Configure dynamic routing using IPsec VPNs. Configure remote access IPsec connectivity including group Internet Key Exchange (IKE) and shared IKE. Configure generic routing encapsulation (GRE) tunnels. This intermediate-level course focuses on the wide range of options available when configuring virtual private networks (VPNs) using Juniper Networks firewall/VPN products. Students attending the course will learn these various deployments through detailed lectures and hands-on lab exercises. Chapter 1: Course IntroductionChapter 2: ScreenOS VPN Basics Review VPN Review Verifying Operations VPN Monitor Lab: VPN Review Chapter 3: VPN Variations Dynamic Peers Transparent Mode Overlapping Addresses Lab: VPN Variations Chapter 4: Hub-and-Spoke VPNs Concepts Policy-Based Hub-and-Spoke VPNs Route-Based Hub-and-Spoke VPNs with No Policy and NHTB Route-Based Hub-and_Spoke VPNS with Policy Centralized Control Hub-and-Spoke VPNs ACVPNs Lab: Hub-and-Spoke VPNs Chapter 5: Routing over VPNs Routing Overview Configuring RIP Configuring OSPF Case Studies Lab: Dynamic Routing Chapter 6: Using Certificates Concepts and Terminology Configuring Certificates and Certificate Support Configuring VPNs with Certificates Lab: Using Certificates Chapter 7: Redundant VPN Gateways (Optional) Redundant VPN Gateways Other Options Demonstration: Redundant VPN Gateways Chapter 8: Generic Routing Encapsulation (Optional) Configuring GRE Chapter 9: Dial-Up IPsec VPNs (Optional) Basic Dial-Up Configuration Group IKE ID XAUTH and Shared IKE ID Additional course details: Nexus Humans Advanced Juniper Networks VPN Implementations training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Advanced Juniper Networks VPN Implementations course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Join us as we delve into the essential do's and don'ts of LinkedIn, uncovering the key tactics to optimize your profile, expand your network, and engage effectively with potential customers and collaborators.

Duration 2 Days 12 CPD hours This course is intended for Networking and security professionals involved in the design, implementation, and administration of a network infrastructure using FortiGate appliances. Overview Analyze a FortiGate's route table. Route packets using policy-based and static routes for multi-path and load balanced deployments. Configure SD-WAN to load balance traffic between multiple WAN links effectively. Inspect traffic transparently, forwarding as a Layer 2 device. Divide FortiGate into two or more virtual devices, each operating as an independent FortiGate, by configuring virtual domains (VDOMs). Establish an IPsec VPN tunnel between two FortiGate appliances. Compare policy-based to route-based IPsec VPN. Implement a meshed or partially redundant VPN. Diagnose failed IKE exchanges. Offer Fortinet Single Sign On (FSSO) access to network services, integrated with Microsoft Active Directory. Deploy FortiGate devices as an HA cluster for fault tolerance and high performance. Deploy implicit and explicit proxy with firewall policies, authentication, and caching. Diagnose and correct common problems. In this two-day course, you will learn how to use advanced FortiGate networking and security. Course Outline Module 1. Routing Module 2. Software-Defined WAN (SD-WAN) Module 3. Layer 2 Switching Module 4. Virtual Domains Module 5. Site-to-Site IPsec VPN Module 6. Fortinet Single Sign-On (FSSO) Module 7. High Availability (HA) Module 8. Web Proxy Module 9. Diagnostics

Duration 3 Days 18 CPD hours This course is intended for This course is designed for integration developers who configure service policies on IBM© DataPower Gateways. Overview After completing this course, you should be able to: Describe how DataPower gateways are configured Create and configure cryptographic objects Configure Secure Sockets Layer (SSL) to and from DataPower gateways Configure a multi-protocol gateway (MPGW) to handle multiple protocols from a single service Configure a service level monitoring (SLM) policy to control message traffic Use logs and probes to troubleshoot services Use patterns to define and deploy new services Configure message transformation and routing by using style sheets (XSL) and GatewayScripts Handle errors in service policies This course teaches you the essential skills that are required to configure, implement, and troubleshoot services that are developed on the IBM© DataPower Gateways (IDG) with firmware version 7.5.0, regardless of use case. The DataPower Gateways allow an enterprise to simplify, accelerate, and enhance the security capabilities of its XML and web services deployments, and extend the capabilities of its service-oriented architecture (SOA) infrastructure. The gateways also extend these capabilities into the JSON, REST, and Mobile application areas. Through a combination of instructor-led lectures and hands-on lab exercises, you learn how to develop and debug services that are implemented on the DataPower gateways. These skills include WebGUI and Blueprint Console navigation, service type selection, basic multi-protocol gateway configuration, creating and using cryptographic objects, and configuring SSL connections. You also learn how to use various problem determination tools such as logs, monitors, and probes, and techniques for testing DataPower services and handling errors. Hands-on exercises give you experience working directly with a DataPower Gateway. The exercises focus on skills such as creating multi-protocol gateways, working with cryptographic and SSL objects, configuring service level monitoring, troubleshooting services, handling errors in a service policy, and deploying a service from a pattern. Course introductionQuick introduction to developing on DataPowerExercise: First exposure to the DataPower developer environmentServices overviewStructure of a serviceExercise: Creating a BookingService gatewayMulti-protocol gateway serviceProblem determination toolsExercise: Enhancing the BookingService gatewayHandling errors in a service policyExercise: Adding error handling to a service policyDataPower cryptographic tools and SSL setupExercise: Creating cryptographic objects and configuring SSLService level monitoringExercise: Implementing a service level monitor in a multi-protocol gatewayPatterns for service configurationExercise: Using a DataPower pattern to deploy a serviceCourse summary

Duration 5 Days 30 CPD hours This course is intended for This course is targeted towards the information technology (IT) professional that has a minimum 1 year IT Security and Networking experience. This course would be ideal for Information System Owners, Security Officers, Ethical Hackers, Information Owners, Penetration Testers, System Owner and Managers as well as Cyber Security Engineers. Overview Upon completion, the Certified Professional Ethical Hacker candidate will be able to competently take the CPEH exam. The CPEH certification training enables students to understand the importance of vulnerability assessments and how to implement counter response along with preventative measures when it comes to a network hack. Security Fundamentals Overview The Growth of Environments and Security Our Motivation? The Goal: Protecting Information! CIA Triad in Detail Approach Security Holistically Security Definitions Definitions Relationships Method: Ping The TCP/IP Stack Which Services Use Which Ports? TCP 3-Way Handshake TCP Flags Malware Types of Malware Types of Malware Cont... Types of Viruses More Malware: Spyware Trojan Horses Back Doors DoS DDoS Packet Sniffers Passive Sniffing Active Sniffing Firewalls, IDS and IPS Firewall ? First Line of Defense IDS ? Second Line of Defense IPS ? Last Line of Defense? Firewalls Firewall Types: (1) Packet Filtering Firewall Types: (2) Proxy Firewalls Firewall Types ? Circuit-Level Proxy Firewall Type of Circuit- Level Proxy ? SOCKS Firewall Types ? Application-Layer Proxy Firewall Types: (3) Stateful Firewall Types: (4) Dynamic Packet-Filtering Firewall Types: (5) Kernel Proxies Firewall Placement Firewall Architecture Types ? Screened Host Multi- or Dual-Homed Screened Subnet Wi-Fi Network Types Wi-Fi Network Types Widely Deployed Standards Standards Comparison 802.11n - MIMO Overview of Database Server Review Access Controls Overview Role of Access Control Definitions More Definitions Categories of Access Controls Physical Controls Logical Controls ?Soft? Controls Security Roles Steps to Granting Access Access Criteria Physical Access Control Mechanisms Biometric System Types Synchronous Token Asynchronous Token Device Memory Cards Smart Card Cryptographic Keys Logical Access Controls OS Access Controls Linux Access Controls Accounts and Groups Password & Shadow File Formats Accounts and Groups Linux and UNIX Permissions Set UID Programs Trust Relationships Review Protocols Protocols Overview OSI ? Application Layer OSI ? Presentation Layer OSI ? Session Layer Transport Layer OSI ? Network Layer OSI ? Data Link OSI ? Physical Layer Protocols at Each OSI Model Layer TCP/IP Suite Port and Protocol Relationship Conceptual Use of Ports UDP versus TCP Protocols ? ARP Protocols ? ICMP Network Service ? DNS SSH Security Protocol SSH Protocols ? SNMP Protocols ? SMTP Packet Sniffers Example Packet Sniffers Review Cryptography Overview Introduction Encryption Cryptographic Definitions Encryption Algorithm Implementation Symmetric Encryption Symmetric Downfalls Symmetric Algorithms Crack Times Asymmetric Encryption Public Key Cryptography Advantages Asymmetric Algorithm Disadvantages Asymmetric Algorithm Examples Key Exchange Symmetric versus Asymmetric Using the Algorithm Types Together Instructor Demonstration Hashing Common Hash Algorithms Birthday Attack Example of a Birthday Attack Generic Hash Demo Instructor Demonstration Security Issues in Hashing Hash Collisions MD5 Collision Creates Rogue Certificate Authority Hybrid Encryption Digital Signatures SSL/TLS SSL Connection Setup SSL Hybrid Encryption SSH IPSec - Network Layer Protection IPSec IPSec Public Key Infrastructure Quantum Cryptography Attack Vectors Network Attacks More Attacks (Cryptanalysis) Review Why Vulnerability Assessments? Overview What is a Vulnerability Assessment? Vulnerability Assessment Benefits of a Vulnerability Assessment What are Vulnerabilities? Security Vulnerability Life Cycle Compliance and Project Scoping The Project Overview Statement Project Overview Statement Assessing Current Network Concerns Vulnerabilities in Networks More Concerns Network Vulnerability Assessment Methodology Network Vulnerability Assessment Methodology Phase I: Data Collection Phase II: Interviews, Information Reviews, and Hands-On Investigation Phase III: Analysis Analysis cont. Risk Management Why Is Risk Management Difficult? Risk Analysis Objectives Putting Together the Team and Components What Is the Value of an Asset? Examples of Some Vulnerabilities that Are Not Always Obvious Categorizing Risks Some Examples of Types of Losses Different Approaches to Analysis Who Uses What? Qualitative Analysis Steps Quantitative Analysis ALE Values Uses ALE Example ARO Values and Their Meaning ALE Calculation Can a Purely Quantitative Analysis Be Accomplished? Comparing Cost and Benefit Countermeasure Criteria Calculating Cost/Benefit Cost of a Countermeasure Can You Get Rid of All Risk? Management?s Response to Identified Risks Liability of Actions Policy Review (Top-Down) Methodology Definitions Policy Types Policies with Different Goals Industry Best Practice Standards Components that Support the Security Policy Policy Contents When Critiquing a Policy Technical (Bottom-Up) Methodology Review Vulnerability Tools of the Trade Vulnerability Scanners Nessus SAINT ? Sample Report Tool: Retina Qualys Guard http://www.qualys.com/products/overview/ Tool: LANguard Microsoft Baseline Analyzer MBSA Scan Report Dealing with Assessment Results Patch Management Options Review Output Analysis and Reports Overview Staying Abreast: Security Alerts Vulnerability Research Sites Nessus SAINT SAINT Reports GFI Languard GFI Reports MBSA MBSA Reports Review Reconnaissance, Enumeration & Scanning Reconnaissance Overview Step One in the Hacking ?Life-Cycle? What Information is Gathered by the Hacker? Passive vs. Active Reconnaissance Footprinting Defined Social Access Social Engineering Techniques Social Networking Sites People Search Engines Internet Archive: The WayBack Machine Footprinting Tools Overview Maltego GUI Johnny.Ihackstuff.com Google (cont.) Domain Name Registration WHOIS Output DNS Databases Using Nslookup Traceroute Operation Web Server Info Tool: Netcraft Introduction to Port Scanning Which Services use Which Ports? Port Scan Tips Port Scans Shou

In this series we invite globally respected studios to walk us through the processes and methods they employ when working with clients.

Duration 2 Days 12 CPD hours This course is intended for This course is recommended for technical professionals who need to install, configure, and manage multiple security domains within their network security environment. Overview Discuss challenges associated with securing large-scale business organizations with distributed network environments. Describe the Check Point Multi-Domain Security Management solution and its benefits. Understand the components of MDSM and how they work together to help administrators manage multiple network security environments within a single management framework. Understand how to install and configure the Multi-Domain Security Management environment. Describe how to implement Management High Availability within the MDSM environment. Discuss the two types of log server options used to store logs in the Multi-Domain Security Management environment, and how they differ. Understand how to manage and view Multi-Domain activity logs in SmartConsole. Understand how to configure and implement Global Policy to manage rules for multiple domains. Identify various MDSM command line tools commonly used to retrieve information and perform configuration changes on a MDSM Server. Describe troubleshooting tools to use for addressing MDSM Server issues. Understand how VSX works and how to integrate the technology within the MDSM environment. This course provides a comprehensive understanding of the Check Point Multi-Domain Security Management solution and describes how to deploy it within the corporate network environment. Course Outline Multi-Domain Security Management MDSM Installation and Configuration MDSM Log Management Global Policy Management MDSM Troubleshooting Incorporating VSX