2186 Spa courses in Cardiff delivered Live Online

Supporting Microsoft IIS training course description This course provides students with the fundamental knowledge and skills to configure and manage Internet Information Services. This course is intended to help provide pre-requisite skills supporting a broad range of Internet web applications, security, and knowledge to help support other products that use IIS such as Exchange and SharePoint. What will you learn Install IIS. Configure IIS. Secure websites. Maintain IIS. Supporting Microsoft IIS training course details Who will benefit: Technical staff working with Microsoft IIS. Prerequisites: TCP/IP foundation for engineerss Supporting Windows ( XP or 2000 or 2003) Duration 5 days Supporting Microsoft IIS course contents Overview and Installing IIS Web Server infrastructure, installing IIS. Hands on Default install of IIS, verify and test.. Configuring the default website Default website, IIS Manager, default IIS file structure, configuring DNS records for a website, creating virtual directories and Applications. Hands on Configuring the Default website for public access. Creating Virtual Directories and Applications. Application Pools Application Pool Architecture, Application Pool recycling. Hands on Creating and managing Application Pools. Creating additional websites Multiple websites on a single server, website bindings. Hands on Creating new websites. Website and Web application support Configuring Common features, adding support for web applications. Hands on Adding support for web applications. Securing Websites and applications Access control, sites, applications, authentication and permissions. URL authorization rules. Hands on Configuring Authentication and permissions. Securing Data Transmissions with SSL Certificates and SSL, creating certificates for a web server, adding a certificate to a website. Hands on Certificates and HTTPS. Using the Central Certificate Store The Central Certificate Store. Hands on Install and configure the Central Certificate Store. Configuring Remote Administration Installing and Configuring the Management Service. Connecting to remote web servers and websites. Delegating Management Access. Hands on Remote administration. Implementing FTP Implementing FTP, configuring an FTP site. Hands on Install and configure a secured FTP site. Monitoring IIS IMonitoring IIS logs with Log Parser. Hands on Analyze a set of IIS log files for possible issues using Log Parser. Analyze performance data for performance related problems using PerfMon. Backing up and Restoring IIS The IIS environment. Hands on Performing a backup and restore of a website. Building Load-Balanced Web Farms Load-balancing mechanisms, building a Load-Balanced Web Farm using ARR, sharing content to a Web Farm using a network share, Sharing content to a Web Farm using DFS-R, Sharing IIS Configurations in a Web Farm. Hands on Installing and configuring ARR, sharing content to a Web Farm using network share and DFS-R, sharing IIS Configurations in a Web Farm.

Complete C# programming training course description This training course teaches developers the programming skills that are required for developers to create Windows applications using the C# language. Students review the basics of C# program structure, language syntax, and implementation details, and then consolidate their knowledge throughout the week as they build an application that incorporates several features of the .NET Framework. What will you learn Use the syntax and features of C#. Create and call methods, catch and handle exceptions, and describe the monitoring requirements of large-scale applications. Implement a typical desktop application. Create class, define and implement interfaces, and create and generic collections. Read and write data to/from files. Build a GUI using XAML. Complete C# programming training course details Who will benefit: Programmers wishing to learn C#. Prerequisites: Developers attending this course should already have gained some limited experience using C# to complete basic programming tasks. Duration 5 days Complete C# programming training course contents Review of C# Syntax Overview of Writing Applications using C#, Datatypes, Operators, and Expressions. C# Programming Language Constructs. Hands on Developing the Class Enrolment Application. Methods, exceptions and monitoring apps Creating and Invoking Methods. Creating Overloaded Methods and Using Optional and Output Parameters. Handling Exceptions. Monitoring Applications. Hands on Extending the Class Enrolment Application Functionality. Developing a graphical application Implementing Structs and Enums. Organizing Data into Collections. Handling Events. Hands on Writing the Grades Prototype Application. Classes and Type-safe collections Creating Classes. Defining and Implementing Interfaces. Implementing Type-safe Collections. Hands on Adding Data Validation and Type-safety to the Grades Application. Class hierarchy using Inheritance Class hierarchies. Extending .NET framework classes. Creating generic types. Hands on Refactoring common functionality into the User Class. Reading and writing local data Reading and Writing Files. Serializing and Deserializing Data. Performing I/O Using Streams. Hands on Generating the Grades Report. Accessing a Database Creating and using entity data models. Querying and updating data by using LINQ. Hands on Retrieving and modifying grade data. Accessing remote data Accessing data across the web and in the cloud. Hands on Modifying grade data in the Cloud. Designing the UI for a graphical applicatione Using XAML to design a User Interface. Binding controls to data. Styling a UI. Hands on Customizing Student Photographs and Styling the Application. Improving performance and responsiveness Implementing Multitasking by using tasks and Lambda Expressions. Performing operations asynchronously. Synchronizing concurrent data access. Hands on Improving the responsiveness and performance of the application. Integrating with unmanaged code Creating and using dynamic objects. Managing the Lifetime of objects and controlling unmanaged resources. Hands on Upgrading the grades report. Creating reusable types and assemblies Examining Object Metadata. Creating and Using Custom Attributes. Generating Managed Code. Versioning, Signing and Deploying Assemblies. Hands on Specifying the Data to Include in the Grades Report. Encrypting and Decrypting Data Implementing Symmetric Encryption. Implementing Asymmetric Encryption. Hands on Encrypting and Decrypting Grades Reports.

Network DevOps course description This course is not a soft skills course covering the concepts of DevOps but instead concentrates on the technical side of tools and languages for network DevOps. Particular technologies focussed on are ansible, git and Python enabling delegates to leave the course ready to starting automating their network. Hands on sessions follow all major sections. More detailed courses on individual aspects of this course are available. What will you learn Evaluate network automation tools. Automate tasks with ansible. Use git for version control. Use Python to manage network devices. Use Python libraries for network devices. Network DevOps course details Who will benefit: Administrators automating tasks. Prerequisites: TCP/IP Foundation Duration 5 days Network DevOps course contents What is DevOps Programming and automating networks, networks and clouds, AWS, OpenStack, SDN, DevOps for network operations. Initial configuration Configuring SSH, ZTP, POAP. Hands on Initial lab configuration. Getting started with ansible The language, the engine, the framework. Uses of ansible, orchestration. The architecture, Controlling machines, nodes, Agentless, SSH, modules. Configuration management, inventories, playbooks, modules, roles. Hands on Installing ansible, running ad hoc commands. Ansible playbooks ansible-playbook, YAML, plays, tasks, handlers, modules. Playbook variables. Register module, debug module. Hands on Running playbooks. Ansible Inventories /etc/ansible/hosts, hosts, groups, static inventories, dynamic inventories. Inventory variables, external variables. Limiting hosts. Hands on Static inventories, variables in inventory files. Ansible modules for networking Built in modules, custom modules, return values. Core modules for network operations. Cisco and/or Juniper modules. ansible_connection. Ansible 2.6 CLI. Hands on Using modules. Ansible templating and roles aConfiguration management, full configurations, partial configurations. The template module, the assemble module, connection: local, Jinja2 templates, variables, if, for, roles. Hands on Generating multiple configurations from a template. Network programming and modules Why use Python? Why use ansible? alternatives, ansible tower, Linux network devices. Programming with Python Python programming Functions. Classes, objects and instances, modules, libraries, packages. Python strings, Python file handling, pip list, pip instal. Hands on Python programming with pyping. More Python programming Functions. Classes, objects and instances, modules, libraries, packages. Python strings, Python file handling, pip list, pip install. Hands on Python programming with pyping. Git Distributed version control, repositories, Git and GitHub, Alternatives to GitHub, Installing git, git workflows, creating repositories, adding and editing files, branching and merging, merge conflicts. Hands on working with Git. Python and networking APIs, Sockets, Telnetlib, pysnmp, ncclient, ciscoconfparse. Paramiko SSH and Netmiko Integrating Python and network devices using SSH. Netmiko, Netmiko methods. Hands on Netmiko. NAPALM What is NAPALM, NAPALM operations, getters, Replace, merge, compare, commit, discard. Hands on Configuration with NAPALM. Integrating ansible and NAPALM. Python and REST REST APIs, enabling the REST API. Accessing the REST API with a browser, cURL, Python and REST, the request library. Hands on Using a REST API with network devices.

Network automation course description This course is not a soft skills course covering the concepts of DevOps but instead concentrates on the technical side of tools and languages for network DevOps. Particular technologies focussed on are ansible, git and Python enabling delegates to leave the course ready to starting automating their network. Hands on sessions follow all major sections. More detailed courses on individual aspects of this course are available. What will you learn Evaluate network automation tools. Automate tasks with ansible. Use git for version control. Use Python to manage network devices. Use Python libraries for network devices. Network automation course details Who will benefit: Network engineers. Prerequisites: TCP/IP foundation for engineers. Duration 5 days Network automation course contents What is DevOps Programming and automating networks, networks and clouds, AWS, OpenStack, SDN, DevOps for network operations. Initial configuration Configuring SSH, ZTP, POAP. Hands on Initial lab configuration. Getting started with ansible The language, the engine, the framework. Uses of ansible, orchestration. The architecture, Controlling machines, nodes, Agentless, SSH, modules. Configuration management, inventories, playbooks, modules, roles. Hands on Installing ansible, running ad hoc commands. Ansible playbooks ansible-playbook, YAML, plays, tasks, handlers, modules. Playbook variables. Register module, debug module. Hands on Running playbooks. Ansible Inventories /etc/ansible/hosts, hosts, groups, static inventories, dynamic inventories. Inventory variables, external variables. Limiting hosts. Hands on Static inventories, variables in inventory files. Ansible modules for networking Built in modules, custom modules, return values. Core modules for network operations. Cisco and/ or Juniper modules. ansible_connection. Ansible 2.6 CLI. Hands on Using modules. Ansible templating and roles Configuration management, full configurations, partial configurations. The template module, the assemble module, connection: local, Jinja2 templates, variables, if, for, roles. Hands on Generating multiple configurations from a template. Network programming and modules Why use Python? Why use ansible? alternatives, ansible tower, Linux network devices. Programming with Python Scripting versus application development, Python interactive mode, Python scripts, Python 2.7 vs Python 3. A simple Python script. Variables, loops, control statements, operators. PEP style guide. Python IDEs. Hands on Simple Python programs. More Python programming Functions. Classes, objects and instances, modules, libraries, packages. Python strings, Python file handling, pip list, pip install, Hands on Python programming with pyping. Git Distributed version control, repositories, Git and GitHub, Alternatives to GitHub, Installing git, git workflows, creating repositories, adding and editing files, branching and merging, merge conflicts. Hands on working with Git. Python and networking APIs, Sockets, Telnetlib, pysnmp, ncclient, ciscoconfparse. Paramiko SSH and Netmiko Integrating Python and network devices using SSH. Netmiko, Netmiko methods. Hands on Netmiko. PyEZ Juniper, NETCONF, installing PyEZ, a first pyEZ script, pyEZ configuration management. Hands on Juniper configuration management with pyEZ. NAPALM What is NAPALM, NAPALM operations, getters, Replace, merge, compare, commit, discard. Hands on Configuration with NAPALM. Integrating ansible and NAPALM. Python and REST REST APIs, enabling the REST API. Accessing the REST API with a browser, cURL, Python and REST, the request library. Hands on Using a REST API with network devices.

Advanced Python training course description This course caters to network engineers aiming to enhance both their Python proficiency and network automation skills. Delving deeper into key areas such as netmiko, Nornir, and ncclient, we also focus on automating network testing and validation. Participants gain greater confidence working with Python functions, classes, objects, and error handling. The course additionally introduces more libraries like Scrapli, TTP, pyATS, Genie, pybatfish, and Suzieq, which cover parsing strategies, automation testing, validation, network analysis, observability, and telemetry. The curriculum also encompasses concurrency techniques. What will you learn Write Python modules and functions. Evaluate techniques to parse unstructured data. Use NETCONF filters. Handle Python errors effectively (try, assert…). Use postman. Automate testing and validation of the network. Use scrapli, Genie, batfish and Suzieq. Advanced Python training course details Who will benefit: Network engineers. Prerequisites: Python for network engineers Duration 5 days Advanced Python training course contents Review CLI, NETCONF, RESTCONF, structured versus unstructured data, gNMI and when to use which. PEP 8. Naming conventions. Packages, modules, Classes and methods. The scrapli library. Netmiko versus scrapli. Hands on: scrapli, Dictionaries versus Regular Expressions. Modules and Functions Writing your own modules, containers versus packages, virtual environments. Best practices, calling functions, writing your own functions. Parameters, arguments. Named arguments, dictionaries as arguments. Builtins. Docstrings. Main. __name__, __main__ . Program arguments. Hands on: Getting interfaces, showing interface status using Netmiko and functions. Using dictionaries as arguments. Writing your own modules. Parsing strategies Turning unstructured data into structured data. textfsm, PyATS Genie parser, NAPALM getters, Template Text Parser. Hands on: Genie parser, TTP. Accessing structured data with lists and dictionaries. Classes, objects and Python Python classes in Genie, PyEZ and others . Hands on: studying network automation classes, objects, methods and attributes. Configuration management - more nornir, ncclient, requests Nornir tasks. Nornir results, Nornir functions, Nornir plugins. Nornir processors. YANG, YANG models, pyang. NETCONF hello. Capabilities. Schemas. Filters. Subtrees. XPATH. Exploring available YANG data models. NETCONF and network wide transactions. Asserting NETCONF capabilities. Configuration types. Locking configurations, commits. NETCONF data stores. Netconf-console. RESTCONF differences from NETCONF. URI construction. Postman. More XML and JSON. Git and configuration versions. Hands on: Nornir and Jinja2. Exploring available models, NETCONF filters. Using postman. Python error handling and debugging Context handlers, try, assert, logging, pdb, pytest, unit testing, chatgpt. Hands on: Writing code with each of the error handling methods, investigating what happens on an error. Use chatgpt to debug your code. Python Automation Testing Testing and validation. pyATS, Genie. Testbed file. Genie parse, genie learn, genie diff. Genie conf, Genie ops, Genie SDK, Genie harness. Xpresso. Hands on: Using Genie for state comparisons of the network. Network analysis Batfish, pybatfish, configuration analysis, analysing routing, analysing ACLs. Pandas. Pandas dataframe. Filtering and selecting values of interest. Hands on: Use Batfish to analyse network snapshots, find network adjacencies, flow path analysis. Network observability Suzieq, using docker, using as a package. Sqpoller, suzieq-gui, suzieq-cli, sq-rest-server. Namespaces and seeing devices, network state and Asserts. Time based analysis, snapshots and changes. Hands on: Suzieq: Gathering data from the network, analysing data from the network. Network state assertion. Telemetry gRPC, gNMI. CAP, GET, SET. Subscriptions. Model Driven telemetry. Hands on: Analysing telemetry data with Python. Concurrency asyncio, threads, processes. Nornir concurrency. Scrapli and netmiko concurrency. Hands on: Multiple SSH connections to devices at same time. Scarpli asyncio.

Network management technologies course description A comprehensive tour of the available network management technologies available for todays networks. The course starts with basic tools such as syslog along with Python network automation. SNMP is then covered with the *flow technologies and streaming telemetry. Configuration management with ansible, Python, NETCONF and RESTCONF is then studied. The final part of the course looks at SDN. Hands on sessions are used throughout to reinforce the theory rather than teach specific manufacturer equipment. Note that sections are available as individual courses. What will you learn Evaluate network management technologies. Evaluate network management technologies. Recognise the weaknesses of SNMP versus NETCONF and streaming telemetry. Explain the role of NETCONF and RESTCONF. Compare & contrast *flow and streaming telemetry. Explain the role of SDN in network management. Automate network configuration with ansible and Python. Network management technologies course details Who will benefit: Those wishing to manage networks. (Previous Python experience is NOT needed) Prerequisites: Intro to data comms Duration 5 days Network management technologies course content Basic network management Network management What is network management? Benefits, issues. FCAPS model. Fault management, Configuration management, accounting, performance, security. What to manage, what not to manage. Managing network devices, managing servers. Monitoring networks Traditional network tools Ping..., SSH, syslog, TFTP for configurations. nmap. Wireshark. CLI. Web based management. Splunk. Nessus, snort, Kali. Hands on syslog, network inventories. Network automation using the CLI Programming and automating networks, netOps. Python, Git. Python network modules, SSH, paramiko, netmiko. EVE-NG. Hands onPython network modules. Structured versus unstructured data Problems with automation and unstructured data. XML, JSON, YAML. The role of YANG. Hands on Parsing data. SNMP SNMP architecture, SNMP MIBs, SMI, the SNMP protocol, polling security. Configuring SNMP. SNMPv1, v2, v3, SNMP security. Which version should you use? MIBs and MIB structure. mib-2, extra parts of mib-2, Private enterprise MIBs. Summary: What SNMP is good/bad at. Hands on Configuring agents and a NMS. MIB browsing. Server management Microsoft, Linux, application polling. WMI vs SNMP. Hands on: Application polling. Performance management *flow Polling, push vs pull, netflow, sflow, IPFIX, *flow. Flows. Where to monitor traffic. Comparing *flow with SNMP. Architecture: Generators and collectors. When flows are exported. NetFlow reporting products. SolarWinds. Hands on Netflow configuration. Collectors. Streaming telemetry Model driven telemetry, periodic/on change. Structured data. Telemetry protocol stack. gRPC and gNMI. Protobuf. gNMI operations. Telemetry architecture. Telegraf, databases, Grafana. Hands on Telemetry example. Configuration management Configuration management tools Chef, puppet, ansible, saltstack. Ansible architecture, controlling machines, nodes, agentless, SSH, modules. Inventories, playbooks, modules, network modules, jinja2 templates. Hands on Network configuration with ansible. NETCONF What is NETCONF? Protocol stack, Data stores, traffic flows, validating configurations, rollback. YANG data models and how YANG is used by NETCONF. XML. Explorers and other tools. Hands on anx, Python and NETCONF. RESTCONF The REST API, HTTP, What is RESTCONF? Tools including Postman. Comparison with NETCONF. Hands on Configuration with RESTCONF. Python network automation: configuration SSH issues. Using structured data. Jinja2. ncclient, requests, NAPALM, Nornir. Automated testing. Hands on Python network device configuration with nornir. Software Defined Networks and orchestration Classic SDN What is SDN? benefits. SDN architecture. SDN applications, SDN switches, SDN controllers, Network Operating Systems. Control plane, data plane. Northbound interfaces. SDN components. Southbound interfaces. OpenFlow. ONF, OpenFlow ports, Flow tables. Network virtualization Virtual networks, virtual switches, NfV. Service chaining. NfV and SDN. SDN implementations Classic SDN, Hybrid SDN, SDN via APIs, SDN via overlays. Data centre SDN, VXLAN, Service Provider SDN, SD WAN, Enterprise SDN, WiFi. SDN and open source OpenDaylight, OpenVSwitch, Open Networking Forum, Open Network Operating System. Hands onOpenStack. SD-WAN What is SD-WAN? Architecture: Edge, gateway, orchestrator, controller. Overlay and underlay. Use of MPLS, 4G/5G. Benefits and features. Secure Access Service Edge (SASE).

CWSP training course description A hands-on training course concentrating solely on WiFi security with an emphasis on the delegates learning the necessary knowledge and skills to pass the CWSP exam. The course progresses from simple authentication, encryption and key management onto in depth coverage of 802.X and EAP along with many other security solutions such as access control, intrusion prevention and secure roaming. What will you learn Demonstrate the threats to WiFi networks. Secure WiFi networks. Configure: WPA2 RADIUS 802.1x EAP Pass the CWSP exam. CWSP training course details Who will benefit: Technical network staff. Technical security staff. Prerequisites: Certified Wireless Network Associate. Duration 5 days CWSP training course contents WLAN Security overview Standards, security basics, AAA, 802.11 security history. Hands on WLAN connectivity. Legacy 802.11 security Authentication: Open system, shared key. WEP. VPNs. MAC filters. SSID segmentation, SSID cloaking. Hands on Analysing 802.11 frame exchanges, viewing hidden SSIDs. Encryption Basics, AES, TKIP, CCMP, WPA, WPA2. Hands on Decrypting 802.11 data frames. 802.11 layer 2 authentication 802.1X: Supplicant, Authenticator, Authentication server. Credentials. Legacy authentication. EAP, Weak EAP protocols, Strong EAP protocols: EAP -PEAP, EAP-TTLS, EAP-TLS, EAP-FAST. Hands on Analysing 802.1X/EAP frames. 802.11 layer 2 dynamic key generation Robust Security Network. Hands on Authentication and key management. SOHO 802.11 security WPA/WPA2 personal, Preshared Keys, WiFi Protected Setup (WPS). Hands on PSK mapping. WLAN security infrastructure DS, Autonomous APs, WLAN controllers, split MAC, mesh, bridging, location based access control. Resilience. Wireless network management system. RADIUS/LDAP servers, PKI, RBAC. Hands on 802.1X/EAP configuration. RADIUS configuration. 802.11 Fast secure roaming History, RSNA, OKC, Fast BSS transition, 802.11k. Hands on Roaming. Wireless security risks Rogue devices, rogue prevention. Eavesdropping, DOS attacks. Public access and hotspots. Hands on Backtrack. WiFi security auditing Layer 1 audit, layer 2 audit, pen testing. WLAN security auditing tools. WiFi security monitoring Wireless Intrusion Detection and Prevention Systems. Device classification, WIDS/WIPS analysis. Monitoring. 802.11w. Hands on Laptop spectrum analysers. VPNs, remote access, guest access Role of VPNs in 802.11, remote access, hotspots, captive portal. Wireless security policies General policy, functional policy, recommendations.

About this Training Course One of the main challenges for today's managers is effectively leading and successfully communicating vision that inspires employees to perform. Good leadership engages people and employees who feel both engaged and enabled contribute to higher levels of growth and productivity. They will remain longer with the organisation, perform better and ultimately deliver better service to your customers. This popular 3 full-day course will equip you with key skills that you can utilise to maximise your staff's performance in line with the company's objectives. This interactive course will also empower you with strategic approaches to overcome the people challenges that you may encounter while enabling you to optimise your business strategies successfully. An ILM Recognised programme. Training Objectives What are the benefits that you will gain from attending this course? * Enhance your personal effectiveness and decision-making * Learn how to boost your influencing capability * Inspire enthusiasm, motivation and commitment * Communicate effectively across a multi-cultural team * Nurture your relationships and strengthen your team * Develop an empowering partnership team culture Target Audience Who should attend this course? Anyone involved in leading a business unit or a project team can attend. It covers relationships with host governments, contractors, suppliers and local communities which constitute critical alliances for the development of a project. This course is essential for team leaders, supervisors or managers from the following functions: Project management engineers from various technical disciplines Ad-hoc or special project team leaders in legal, technical & financial disciplines Country managers or business development officers of contractors JV management executives or officers Government officials or industry liaison officers Procurement or contracts executives or officers   Trainer Your course leader is the author of Spirit IntelligenceTM and specialises in executive leadership facilitation and management development. He gained a first class honours degree in chemical engineering from Edinburgh University in Scotland and has undertaken postgraduate studies in psychology at Macquarie University in Sydney, Australia. Your course leader's corporate career spanned 14 years in Oil and Gas with BP, Amoco and AGL. Since 1993, he has worked across five continents with more than 170 clients including Rothschild, QBE, AT&T, Intel, Towers Perrin, Thomas Cook, Fujitsu, Nortel, Frank Russell, Electrolux, Arab Bank, Cable and Wireless, GSK, Merck, Sharpe and Dome, World Vision, Ericsson, IBM, Placer Dome Gold, Jim Beam, Ernst & Young and Commonwealth Bank of Australia. He focuses on what he calls tapping The Hidden Advantage to unleash the power of the whole person - the power of the body and mind, the passion of the emotions and the enthusiasm, motivation, commitment, initiative, creativity, resilience and persistence of the spirit in business. He is very experienced internationally in both skills enhancement and the strategic facilitation of tough and intractable client challenges. His approach is pragmatic. He provides his clients with a powerful range of practical tools and approaches to enable management to tap The Hidden Advantage latent in their staff and achieve optimum performance and results. A powerful and compelling speaker, he combines humour, energy and passion. He draws on a wealth of personal experience and thorough research. POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information post training support and fees applicable Accreditions And Affliations

Securing Linux systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure Linux accounts. Secure Linux file systems. Secure Linux access through the network. Securing Linux systems training course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing Linux systems training course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

WAN training course description A hands on Introduction to Wide Area Networks for engineers. This course covers all current major WAN technologies from a perspective of design, evaluating technologies available as well as hands on to consolidate the theory What will you learn Describe the seven-layer model and realise how it applies to the real world. Evaluate and describe WAN technologies. Describe the architecture of WANs in the core. Use WANS to interconnect LANS. WAN training course details Who will benefit: Technical staff wishing to find out more about how their WAN works. Prerequisites: Intro to data communications & networking Duration 5 days WAN training course contents Introduction LANs, MANS and WANS, protocols, the OSI seven layer model, ITU-T, ETSI, DTE, DCE, and the overall picture. WAN architectures Service providers, core, access, DTE, DCE, CPE, dialup, circuit switched, packet switched, how to choose a WAN, common bandwidths, site to site, remote access. Topologies: Star, Full mesh, partial mesh. History of WANs Before IP was ubiquitous, The PSTN, Dial up networks, modems, ISDN, Stat mux, TDM, 64k, N*64, E1, X25, Frame Relay The role of IP and routers The growth of IP, the role of routers, routing tables, routing protocols. Hands on: IP and routing. Layer 1 Physical Copper, Fibre, Wireless, Microwave, Phone lines, FTTC, FTTH, mobile networks. Service provider technologies The transport plane, SDH, SONET, DWDM. WAN access Phone lines, leased lines, xDSL, WiMax, satellite, the role of PPP. Broadband adband xDSL, ADSL, SDSL, local loops, DSLAM, DSL architecture. ATM Cell switching principles, ATM switching, Virtual paths, QOS, CBR, VBR, ABR, UBR, AAL1 to AAL5, MPOA, LANE, Voice over ATM. The Internet VPNs, IPSEC, QOS. What is MPLS? Core MPLS, MPLS and the 7 layer model, MPLS protocol, MPLS standard, MPLS runs on routers, MPLS history, Why MPLS? MPLS architecture LSRs, PE and P router roles, FEC, swapping labels, MPLS packet format, Loops, TTL control. Ethernet What is Ethernet? LANs, MANs, WANs, Ethernet and switches in the LAN. Traditional LAN/WAN integration, routers. The Ethernet interface for the WAN. Standards: Transporting carrier Ethernet.