<div id="course-pills-1">Duration<p>5 Days</p><p>30 CPD hours</p>This course is intended for<p>This course is designed for professionals in the following job roles:<br />Network security engineer<br />CCNP Security candidate<br />Channel Partner</p>Overview<p>After taking this course, you should be able to:<br />Introduce site-to-site VPN options available on Cisco router and firewalls<br />Introduce remote access VPN options available on Cisco router and firewalls<br />Review site-to-site and remote access VPN design options<br />Review troubleshooting processes for various VPN options available on Cisco router and firewalls</p><p>The Implementing Secure Solutions with Virtual Private Networks (SVPN) v1.0 course teaches you how to implement, configure, monitor, and support enterprise Virtual Private Network (VPN) solutions. Through a combination of lessons and hands-on experiences you will acquire the knowledge and skills to deploy and troubleshoot traditional Internet Protocol Security (IPsec), Dynamic Multipoint Virtual Private Network (DMVPN), FlexVPN, and remote access VPN to create secure and encrypted data, remote accessibility, and increased privacy.</p></div><div id="course-pills-2"><h4>Course Outline</h4><ul><li>Introducing VPN Technology Fundamentals</li><li>Implementing Site-to-Site VPN Solutions</li><li>Implementing Cisco Internetwork Operating System (Cisco IOSÂ©) Site-to-Site FlexVPN Solutions</li><li>Implement Cisco IOS Group Encrypted Transport (GET) VPN Solutions</li><li>Implementing Cisco AnyConnect VPNs</li><li>Implementing Clientless VPNs</li></ul><h4>Lab Outline</h4><ul><li>Explore IPsec Technologies</li><li>Implement and Verify Cisco IOS Point-to-Point VPN</li><li>Implement and Verify Cisco Adaptive Security Appliance (ASA) Point-to-Point VPN</li><li>Implement and Verify Cisco IOS Virtual Tunnel Interface (VTI) VPN</li><li>Implement and Verify Dynamic Multipoint VPN (DMVPN)</li><li>Troubleshoot DMVPN</li><li>Implement and Verify FlexVPN with Smart Defaults</li><li>Implement and Verify Point-to-Point FlexVPN</li><li>Implement and Verify Hub and Spoke FlexVPN</li><li>Implement and Verify Spoke-to-Spoke FlexVPN</li><li>Troubleshoot Cisco IOS FlexVPN</li><li>Implement and Verify AnyConnect Transport Layer Security (TLS) VPN on ASA</li><li>Implement and Verify Advanced Authentication, Authorization, and Accounting (AAA) on Cisco AnyConnect VPN</li><li>Implement and Verify Clientless VPN on ASA</li></ul></div>

Nexus Human

Cisco Certified Network Associate (CCNA)

Cisco Certified Network Professional certification (CCNP)

IPsec

Cisco Certified Internetwork Expert (CCIE)

Cissp

CompTIA Security+

Cisco Implementing Secure Solutions with Virtual Private Networks v1.0 (SVPN)

<div id="course-pills-1">Duration<p>2 Days</p><p>12 CPD hours</p>This course is intended for<p>Security professionals, System engineers, channel partners, service partners, and end users with 1+ years of experience in implementing IT security technologies (Network, Applications, and Systems) and are also SNSAcertified.</p>Overview<p>The students will learn how to monitor, investigate, analyze, and configure SonicWall Next-Gen firewalls running SonicOS to enable advanced functionality related to Secure and Remote Connectivity, Network Optimization, and Threat Prevention.  Upon successful completion of the SNSP program, the students will be able to demonstrate SonicWall product expertise and the application skill sets required to mount a proactive, effective defense against current and evolving network and cyber security threats.</p><p>A key issue affecting an organization?s business productivity and employee efficiency today is its ability to respond to dynamic changes in the cyber threat landscape. Coming up on the heels of the highly successful SNSA program launched earlier this year, SonicWall now presents the SonicWall Network Security Professional (SNSP) course, an expert-level training and certification program that builds on the enterprise security skills learned in the SNSA course. Previously known as the Network Security Advance Administration (NSAA) course, the revamped SNSP curriculum expands on the topics covered in SNSA and features advanced SonicWall firewall configuration and administration tasks aimed at helping enterprises adapt to dynamic security environments. Relevant changes to the curriculum include an enhanced and deeper scope of SonicOS 6.5.x features and functionality, as well as changes in the learning and delivery methodologies to better balance the professional needs of the students and the business requirements for network and cyber security.</p></div><div id="course-pills-2"><h4>Course Outline </h4><ul><li>Course Introduction and Overview</li><li>Configuring VPN Auto Provisioning</li><li>Configuring Advanced Routing</li><li>Configuring Advanced Interface Settings</li><li>Using SonicOS CLI</li><li>Configuring Capture Client</li><li>Capturing and Replaying Packets</li><li>Configuring DPI-SSL/TLS Server</li><li>Configuring DPI-SSH</li><li>Configuring App Rules</li><li>Configuring App Control</li><li>Configuring Advanced High Availability</li><li>Excluding Trusted Content</li><li>Resolving and Reporting False Positives</li><li>Configuring Content Filtering</li><li>Implementing Best Practices</li></ul></div>

Certified School Nurse (CSN)

Service Design Courses (SDC)

Network & Security

Certified Cloud Security Professional (CCSP)

Professional Skills Course (PSC)

SonicWall Network Security Professional Course - SNSP - NA

<div id="course-pills-1">Duration<p>3 Days</p><p>18 CPD hours</p>This course is intended for<p>This course is designed for the following roles:<br />Network engineers<br />Network security engineers<br />Network architects<br />Sales/presales engineers</p>Overview<p>After completing the course, you should be able to:<br />Describe Cisco SD-WAN security functions and deployment options<br />Understand how to deploy on-premises threat prevention<br />Describe content filtering options<br />Implement secure Direct Internet Access (DIA)<br />Explain and implement service chaining<br />Explore Secure Access Service Edge (SASE) and identify use cases<br />Describe Umbrella Secure Internet Gateway (SIG) and deployment options<br />Implement Cisco Umbrella SIG and DNS policies<br />Explore and implement Cloud Access Security Broker (CASB) and identify use cases (including Microsoft 365)<br />Discover how to use Cisco ThousandEyes to monitor cloud services<br />Configure Cisco ThousandEyes to monitor Microsoft 365 applications<br />Examine how to protect and optimize access to the software as a service (SaaS) application with Cisco SD-WAN Cloud OnRamp<br />Discover and deploy Cloud OnRamp for multi-cloud, including interconnect and collocation use cases<br />Examine Cisco SD-WAN monitoring capabilities and features with vManage and vAnalytics.</p><p>The Implementing Cisco SD-WAN Security and Cloud Solutions (SDWSCS) v1.1 course is an advanced training course focused on Cisco SD-WAN security and cloud services. Through a series of labs and lectures you will learn about on-box security services, including application aware enterprise firewall, intrusion prevention, URL filtering, malware protection, and TLS or SSL decryption. You will also learn about cloud integration with multiple cloud services providers and multiple use-cases. Additionally, the lab will allow you to configure and deploy local security services and cloud security services with the Cisco Umbrella Secure Internet Gateway (SIG), as well as integrate the Cisco SD-WAN fabric with a cloud service provider using the Cisco vManage automated workflows.</p></div><div id="course-pills-2"><h4>Course Outline </h4><ul><li>Introducing Cisco SD-WAN Security</li><li>Deploying On-Premises Threat Prevention</li><li>Examining Content Filtering</li><li>Exploring Cisco SD-WAN Dedicated Security Options</li><li>Examining Cisco SASE</li><li>Exploring Cisco Umbrella SIG</li><li>Securing Cloud Applications with Cisco Umbrella SIG</li><li>Exploring Cisco SD-Wan ThousandEyes</li><li>Optimizing SaaS Applications</li><li>Connecting Cisco SD-WAN to Public Cloud</li><li>Examining Cloud Interconnect Solutions</li><li>Exploring Cisco Cloud OnRamp for Colocation</li><li>Monitoring Cisco SD-WAN Cloud and Security Solutions</li></ul></div>

Certified in Cybersecurity (CC)

Certificate in Information Security Management Principles (CISMP)

Cyber Security

Cisco SD-WAN Security and Cloud Onboarding v1.1 (SDWSCS)

<div id="course-pills-1">Duration<p>3 Days</p><p>18 CPD hours</p>This course is intended for<p>The primary audience for this course is as follows:<br />Network Video Engineer<br />Voice/UC/Collaboration/Communications Engineer<br />Collaboration Tools Engineer<br />Collaboration Sales/Systems Engineer</p><p>In this 3 Day Cisco Course, students will learn how to deploy Voice Gateways/CUBE and setup Cisco Unified Communication Manager (CUCM) to deploy SIP Trunking. The course starts out with an overview of Cisco gateways and their uses. Next, students learn about MGCP and SIP and how to implement each protocol. Students will then learn how to use Cisco CUBE to connect CUCM, Gateways and Service Providers together. This course details how to connect a Cisco environment to a Service Provider using a Cisco CUBE.</p></div><div id="course-pills-2"><h4>Introduction to Voice Gateways</h4><ul><li>Cisco UC Networks and the Role of Gateways<br />Gateway Call Routing and Call Legs<br />Configuring Gateway Voice Ports<br />DSP Functionality, Codecs, and Codec Complexity<br />Router Requirements for CUBE<br />SIP Protocol Overview</li></ul><h4>Gateway Dial Plans</h4><ul><li>VoIP Call Legs<br />Dial Plan Implementation</li></ul><h4>Configuring (CUCM) Cisco Unified Communication Manager 12.5</h4><ul><li>Cisco UCM Audio Codec Preference  List<br />Cisco UCM Region Configuration<br />Device Pool Configuration<br />Annunciator Configuration<br />Conference Bridge Configuration<br />Media Termination Point Configuration<br />Music on Hold Server Configuration<br />Music on Hold Service (IP Voice Media Streaming App) Parameter Settings<br />Music on Hold Service (Duplex Streaming) Parameter Settings<br />Media Resource Group Configuration<br />Media Resource Group List Configuration<br />UC Service Configuration<br />Service Profile Configuration<br />End User Configuration<br />SIP Trunk Security Profile Configuration used by SIP trunk to Cisco UBE<br />SIP Profile Configuration used by SIP trunk to Cisco UBE<br />SIP Trunk to Cisco UBE Configuration<br />Route Pattern Configuration</li></ul><h4>Configuring Cisco Unified Border Element (CUBE)</h4><ul><li>Deploying Cisco VCUBE<br />CUCM to CUBE Integration Configuration<br />Steps to connecting to a SIP Trunk Provider<br />Interworking<br />Security and Call Admission Control<br />Media Manipulation, Enhancement &amp; Optimization<br />SIP UA<br />Translation Rules<br />VoIP Dial Peer<br />SIP Registration<br />SIP attributes of CUBE<br />Transcoding services<br />Creating and configuring Sip Trunks<br />CUBE Configuration<br />CUBE Call Flow<br />CUBE Dial-Peers Call Routing<br />CUBE Advanced Call Routing<br />Media Manipulation<br />External/PSTN Call Recording<br />Call Admission Control<br />Multiple Non-Authenticated SIP Trunks on a CUBE<br />Multiple Authenticated/Registered SIP Trunks on a CUBE</li></ul><h4>Configuring High Availability</h4><ul><li>High availability on ISR G2<br />High availability on ISR 4k<br />High availability on ASR</li></ul><h4>Cisco Unified Border Element (CUBE) Security</h4><ul><li>Five Layers of Security in CUBE<br />SIP TLS Support with SRTP</li></ul><h4>Monitoring and Troubleshooting Cisco CUBE</h4><ul><li>Dialed Number Analyzer (DNA) for CUBE<br />SIP Profile Test Tool<br />Troubleshooting<br />Serviceability</li></ul></div>

Cabin Crew Initial Training & Attestation (CCA)

Cisco Certified Entry Networking Technician (CCENT)

Cisco

ICCC-CT-Installing and Configuring Cisco Cube/Gateways

<div id="course-pills-1">Duration<p>3 Days</p><p>18 CPD hours</p>This course is intended for<p>This course is designed for the following roles:<br />Network engineers<br />Network security engineers<br />Network architects<br />Sales/presales engineers</p>Overview<p>After taking this course, you should be able to:<br />Describe Cisco SD-WAN security functions and deployment options<br />Understand how to deploy on-premises threat prevention<br />Describe content filtering options<br />Implement secure Direct Internet Access (DIA)<br />Explain and implement service chaining<br />Explore Secure Access Service Edge (SASE) and identify use cases<br />Describe Cisco Umbrella Secure Internet Gateway (SIG) and deployment options<br />Implement Cisco Umbrella SIG and Domain Name System (DNS) policies<br />Explore and implement Cloud Access Security Broker (CASB) and identify use cases (including Microsoft 365)<br />Describe how to use Cisco ThousandEyes to monitor cloud services<br />Configure Cisco ThousandEyes to monitor Microsoft 365 applications<br />Examine how to protect and optimize access to the Software as a Service (SaaS) application with Cisco SD-WAN Cloud OnRamp<br />Describe and deploy Cloud OnRamp for multi-cloud, including interconnect and colocation use cases<br />Examine Cisco SD-WAN monitoring capabilities and features with vManage and vAnalytics</p><p>The Implementing Cisco SD-WAN Security and Cloud Solutions (SDWSCS) v1.0 course is an advanced  training course focused on Cisco SD-WAN security and cloud services. Through a series of labs and lectures you will learn about on-box security services, including application-aware enterprise firewall, intrusion prevention, URL filtering, malware protection, and Transport Layer Security (TLS) or Secure Socket Layer (SSL) decryption. You will also learn about cloud integration with multiple cloud service providers across multiple use cases.<br />Additionally, the course labs will allow you to configure and deploy local security services and cloud security services with the Cisco Umbrella Secure Internet Gateway (SIG), as well as integrate the Cisco SD-WAN fabric with a cloud service provider using the Cisco vManage automated workflows.<br />The course lab environment is built using Cisco Catalyst 8000v IOS XE routers and Cisco SD-WAN 20.7 code, and it includes the integration of Cisco FirePOWER Threat Defense for network security and Cisco ThousandEyes for network monitoring.<br />The course will allow you to earn 24 Continuing Education (CE) credits toward recertification.</p></div><div id="course-pills-2"><h4>Course Outline </h4><ul><li>Introducing Cisco SD-WAN Security</li><li>Deploying On-Premises Threat Prevention</li><li>Examining Content Filtering</li><li>Exploring Cisco SD-WAN Dedicated Security Options</li><li>Examining Cisco SASE</li><li>Exploring Cisco Umbrella SIG</li><li>Securing Cloud Applications with Cisco Umbrella SIG</li><li>Exploring Cisco SD-Wan ThousandEyes</li><li>Optimizing SaaS Applications</li><li>Connecting Cisco SD-WAN to Public Cloud</li><li>Examining Cloud Interconnect Solutions</li><li>Exploring Cisco Cloud OnRamp for Colocation</li><li>Monitoring Cisco SD-WAN Cloud and Security Solutions</li></ul></div><div id="course-pills-3"><h4>Additional course details:</h4><br /><p>Nexus Humans Cisco SD-WAN Security and Cloud Onboarding v1.0 (SDWSCS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. </p><p></p> This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. <p></p>Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success.  <p></p>While we feel this is the best course for the Cisco SD-WAN Security and Cloud Onboarding v1.0 (SDWSCS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you.  <p></p>Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.<p></p></div>

Cisco SD-WAN Security and Cloud Onboarding v1.0 (SDWSCS)

<div id="course-pills-1">Duration<p>2 Days</p><p>12 CPD hours</p>This course is intended for<p>Security architects<br />System designers<br />Network administrators<br />Operations engineers<br />Network managers, network or security technicians, and security engineers and managers responsible for web security<br />Cisco integrators and partners</p>Overview<p>After taking this course, you should be able to:<br />Describe Cisco WSA<br />Deploy proxy services<br />Utilize authentication<br />Describe decryption policies to control HTTPS traffic<br />Understand differentiated traffic access policies and identification profiles<br />Enforce acceptable use control settings<br />Defend against malware<br />Describe data security and data loss prevention<br />Perform administration and troubleshooting</p><p>This course shows you how to implement, use, and maintain CiscoÂ© Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you?ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution?s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.This course helps you prepare to take the exam, Securing the Web with Cisco Web Security Appliance (300-725 SWSA).</p></div><div id="course-pills-2"><h4>Describing Cisco WSA</h4><ul><li>Technology Use Case</li><li>Cisco WSA Solution</li><li>Cisco WSA Features</li><li>Cisco WSA Architecture</li><li>Proxy Service</li><li>Integrated Layer 4 Traffic Monitor</li><li>Data Loss Prevention</li><li>Cisco Cognitive Intelligence</li><li>Management Tools</li><li>Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration</li><li>Cisco Content Security Management Appliance (SMA)</li></ul><h4>Deploying Proxy Services</h4><ul><li>Explicit Forward Mode vs. Transparent Mode</li><li>Transparent Mode Traffic Redirection</li><li>Web Cache Control Protocol</li><li>Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow</li><li>Proxy Bypass</li><li>Proxy Caching</li><li>Proxy Auto-Config (PAC) Files</li><li>FTP Proxy</li><li>Socket Secure (SOCKS) Proxy</li><li>Proxy Access Log and HTTP Headers</li><li>Customizing Error Notifications with End User Notification (EUN) Pages</li></ul><h4>Utilizing Authentication</h4><ul><li>Authentication Protocols</li><li>Authentication Realms</li><li>Tracking User Credentials</li><li>Explicit (Forward) and Transparent Proxy Mode</li><li>Bypassing Authentication with Problematic Agents</li><li>Reporting and Authentication</li><li>Re-Authentication</li><li>FTP Proxy Authentication</li><li>Troubleshooting Joining Domains and Test Authentication</li><li>Integration with Cisco Identity Services Engine (ISE)</li></ul><h4>Creating Decryption Policies to Control HTTPS Traffic</h4><ul><li>Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview</li><li>Certificate Overview</li><li>Overview of HTTPS Decryption Policies</li><li>Activating HTTPS Proxy Function</li><li>Access Control List (ACL) Tags for HTTPS Inspection</li><li>Access Log Examples</li></ul><h4>Understanding Differentiated Traffic Access Policies and Identification Profiles</h4><ul><li>Overview of Access Policies</li><li>Access Policy Groups</li><li>Overview of Identification Profiles</li><li>Identification Profiles and Authentication</li><li>Access Policy and Identification Profiles Processing Order</li><li>Other Policy Types</li><li>Access Log Examples</li><li>ACL Decision Tags and Policy Groups</li><li>Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications</li></ul><h4>Defending Against Malware</h4><ul><li>Web Reputation Filters</li><li>Anti-Malware Scanning</li><li>Scanning Outbound Traffic</li><li>Anti-Malware and Reputation in Policies</li><li>File Reputation Filtering and File Analysis</li><li>Cisco Advanced Malware Protection</li><li>File Reputation and Analysis Features</li><li>Integration with Cisco Cognitive Intelligence</li></ul><h4>Enforcing Acceptable Use Control Settings</h4><ul><li>Controlling Web Usage</li><li>URL Filtering</li><li>URL Category Solutions</li><li>Dynamic Content Analysis Engine</li><li>Web Application Visibility and Control</li><li>Enforcing Media Bandwidth Limits</li><li>Software as a Service (SaaS) Access Control</li><li>Filtering Adult Content</li></ul><h4>Data Security and Data Loss Prevention</h4><ul><li>Data Security</li><li>Cisco Data Security Solution</li><li>Data Security Policy Definitions</li><li>Data Security Logs</li></ul><h4>Performing Administration and Troubleshooting</h4><ul><li>Monitor the Cisco Web Security Appliance</li><li>Cisco WSA Reports</li><li>Monitoring System Activity Through Logs</li><li>System Administration Tasks</li><li>Troubleshooting</li><li>Command Line Interface</li></ul></div>

IT Security

Security Awareness

AWS Certified Solutions Architect

Information Security Awareness

Cisco Securing the Web with Cisco Web Security Applicance v3.0 (SWSA)

<div id="course-pills-1">Duration<p>3 Days</p><p>18 CPD hours</p>This course is intended for<p>Experienced system administrators or network administrators, Network professionals who have experience working with VMware NSX Advanced Load Balancer and are responsible for designing or deploying Application Delivery Controllers solutions</p>Overview<p>By the end of the course, you should be able to meet the following objectives:<br />Describe the NSX Advanced Load Balancer components and main functions<br />Describe NSX Advanced Load Balancer Global Server Load Balancing architecture<br />Explain NSX Advanced Load Balancer key features and benefits<br />Understand and apply a Global Server Load Balancing design framework<br />Deploy and configure NSX Advanced Load Balancer Global Server Load Balancing infrastructure<br />Explain and Configure Global Server Load Balancing Application components such as Global Server Load Balancing Service, Global Server Load Balancing Pools and Health Monitors with related components<br />Gather relevant information and perform basic troubleshooting of Global Server Load Balancing applications leveraging built-in NSX Advanced Load Balancer tooling<br />Describe and Configure NSX Advanced Load Balancer application and infrastructure monitoring</p><p>This 3-day course prepares you to lead VMware NSX Advanced Load Balancer (Avi Networks) Global Server Load Balancing design and deployment projects by providing an understanding of general design processes, frameworks and configurations. You look at the design and deployment considerations for Global Server Load Balancing as part of an overall software-defined data center design. This course covers key NSX Advanced Load Balancer (Avi Networks) Global Server Load Balancing features and functionalities offered in the NSX Advanced Load Balancer 18.2 release. Access to a software-defined data center environment is provided through hands-on labs to reinforce the skills and concepts presented in the course.</p></div><div id="course-pills-2"><h4>Course Introduction</h4><ul><li>Introductions and course logistics</li><li>Course objectives</li></ul><h4>Introduction to NSX Advanced Load Balancer</h4><ul><li>Introduce NSX Advanced Load Balancer</li><li>Discuss NSX Advanced Load Balancer use cases and benefits</li><li>Explain NSX Advanced Load Balancer architecture and components</li><li>Explain the management, control, data, and consumption planes and functions</li></ul><h4>Virtual Services Configuration Concepts</h4><ul><li>Explain Virtual Service components</li><li>Explain Virtual Service types</li><li>Explain and configure basic virtual services components such as Application Profiles, Network Profiles, Pools and Health Monitors</li></ul><h4>DNS Foundations</h4><ul><li>Review, discuss and explain DNS fundamentals</li><li>Describe NSX Advanced Load Balancer DNS and IPAM providers</li></ul><h4>Global Server Load Balancing</h4><ul><li>Introduce Global Server Load Balancing concepts and benefits</li><li>Explain and configure NSX Advanced Load Balancer infrastructure</li><li>Explain and configure DNS Virtual Service components</li><li>Explain and configure GSLB Service Engine Group</li><li>Describe and configure GSLB Sites</li><li>Explain and configure basic GSLB Services, to include pools and health monitors</li><li>Describe GSLB Service Load Balancing algorithms</li><li>Explain and configure Data and Control Plane-based Health Monitors</li><li>Describe GSLB Health Monitor Proxy</li></ul><h4>Global Server Load Balancing Advanced Topics</h4><ul><li>Explain and configure advanced GSLB service properties such as different type of pool members, Host Header and TLS SNI extensions handling within GSLB Health Monitors</li><li>Describe EDNS Client Subnet</li><li>Describe Geo-aware Global Server Load Balancing</li><li>Design and configure Geo-aware Global Server Load Balancing</li><li>Describe and leverage DNS Policies to customize client experience</li><li>Explain and configure Topology-aware Global Server Load Balancing</li><li>Explain and configure GSLB 3rd party sites</li><li>Describe GSLB Health Monitor sharding</li><li>Describe GSLB Service Engine sizing implications</li></ul><h4>Troubleshooting NSX Advanced Load Balancer GSLB Solution</h4><ul><li>Introduce Infrastructure and Application troubleshooting Concepts</li><li>Describe Control Plane and Data Plane-based troubleshooting</li><li>Describe GSLB Infrastructure troubleshooting</li><li>Describe GSLB Services troubleshooting</li><li>Explain Health Monitors troubleshooting</li><li>Describe Geo-aware and Topology-based GSLB Services troubleshooting</li><li>Explain Application Analytics and Logs</li><li>Describe Client Logs analysis</li><li>Leverage CLI for advanced data plane troubleshooting</li></ul><h4>Monitoring NSX Advanced Load Balancer Solution</h4><ul><li>Describe NSX Advanced Load Balancer Events</li><li>Describe and configure NSX Advanced Load Balancer Alerts</li><li>Describe NSX Advanced Load Balancer monitoring capabilities leveraging SNMP, Syslog and Email</li></ul></div>

VMware Vsphere

VMware NSX Advanced Load Balancer: Global Server Load Balancing Design and Deploy

Packt

WooCommerce

Bash

WordPress

Linux

Programming

MySQL

Master the art of self-hosting WordPress on Linux with our comprehensive video course, designed to empower technical professionals to fully control their web presence.

Hands-on Linux - Self-Hosted WordPress for Linux Beginners

General Admission

<div id="course-pills-1">Duration<p>5 Days</p><p>30 CPD hours</p>This course is intended for<p>Developed for experienced IT Professionals working with Citrix Virtual Apps and Desktops 7.1x. Potential students include administrators, engineers, and architects responsible for the end user workspace, provisioning services environment, and overall health and performance of the solution.</p>Overview<p>How to configure Workspace Environment Management to improve the end user environment and virtual resource consumption<br />Understand Zones in Citrix Virtual Apps and Desktops 7.1x and how to account for user and desktop locations and optimal connection and registration<br />How to build and manage App Layers to minimize image sprawl with Citrix Virtual Apps and Desktops 7.1x<br />Understand and configure HDX channels and protocols for improved performance delivering multimedia and data over network connections</p><p>Get more value out of your Citrix Virtual Apps and Desktops 7.1x investment through the use of Workspace Environment Management, Provisioning Services, Application Layering, and advanced features. Students leave this course with a good understanding of how to manage more complex solutions such as multizone environments spanning multiple locations with configurations around StoreFront, the Delivery Controllers, and HDX. Students will gain the skills to improve logon times, user personalization, and resource performance through Workspace Environment Management. Also, learn to optimize management of your app and desktop images by building and combining App Layers. End the course by learning to install, configure, and manage Provisioning Services in accordance with leading practices.This course includes a voucher to take the related exam (1Y0-311 Citrix XenApp and XenDesktop 7.15 Advanced Administration) and earn your Citrix Certified Professional - Virtualization (CCP-V) certification.</p></div><div id="course-pills-2"><h4>Implementing Redundancy and Scalability</h4><ul><li>StoreFront and Citrix Gateway</li><li>Site Infrastructure</li><li>Machines Running the Virtual Delivery Agent</li></ul><h4>Managing a Virtual Apps and Desktops Environment with Multiple Locations Zones</h4><ul><li>VDA Registration in a Multi-Zone Environment</li><li>Zone Preference</li><li>Optimal Gateway Routing and Zones</li><li>Managing StoreFront Store Subscriptions in a Multi-</li><li>Location Environment</li><li>StoreFront and Citrix ADC Branding</li></ul><h4>Implementing Backups and Disaster Recovery</h4><ul><li>Backups</li><li>Disaster Recovery Considerations</li><li>Disaster Recovery Process</li></ul><h4>Implementing Advanced Authentication Methods</h4><ul><li>Multi-factor Authentication - RADIUS &amp; OTP</li><li>Multi-factor Authentication - Smart Card Authentication</li><li>Federated Authentication - ADFS, SAML, and FAS</li></ul><h4>Improving App and Data Security</h4><ul><li>Introduction to Application Security</li><li>Preventing Jailbreak Attacks</li><li>Minimizing the Impact of Attacks</li></ul><h4>Securing Machines Running the Virtual Delivery Agent</h4><ul><li>TLS to VDA Encryption</li><li>GPOs and Citrix Policies</li><li>Image Management</li></ul><h4>Introduction to Troubleshooting</h4><ul><li>Troubleshooting Methodology Process (Standard Slide)</li><li>Resource Tools and Utilities</li><li>Introduction to PowerShell</li></ul><h4>Troubleshooting Access Issues</h4><ul><li>Troubleshooting StoreFront</li><li>Troubleshooting Citrix Gateway</li></ul><h4>Troubleshooting Delivery Controller Issues</h4><ul><li>Validating FMA Services</li></ul><h4>Troubleshooting VDA Registration Issues</h4><ul><li>Troubleshooting VDA Registration</li></ul><h4>Troubleshooting HDX Connection Issues</h4><ul><li>Troubleshooting HDX Connections</li></ul><h4>Introduction to App Layering</h4><ul><li>App Layering Introduction</li><li>Architecture and How it Works</li></ul><h4>Creating an OS Layer</h4><ul><li>The OS Layer</li></ul><h4>Creating a Platform Layer</h4><ul><li>The Platform Layer</li></ul><h4>Creating App Layers</h4><ul><li>The App Layers</li></ul><h4>Creating Elastic App and User Layers</h4><ul><li>Elastic App Layering</li><li>User Layers</li></ul><h4>Deploying a Layered Image using Citrix Virtual Apps and Desktops</h4><ul><li>Using Templates in App Layering</li><li>Using Layered Images in a Citrix Virtual Apps and</li><li>Desktops Site</li></ul><h4>Exploring Layer Priority</h4><ul><li>Layer Priority</li></ul><h4>Maintaining an App Layering Environment</h4><ul><li>Updating Layers</li><li>Maintaining and Updating the App Layering Environment</li><li>Common App Layering Considerations and Additional</li><li>Resources</li></ul><h4>Introduction to Workspace Environment Management (WEM)</h4><ul><li>Workspace Environment Management (WEM) Introduction</li><li>WEM Administration</li></ul><h4>Using WEM to Centralize</h4><ul><li>Managing User Resources with WEM</li><li>Managing Profiles with WEM</li><li>Managing Endpoints with the WEM Transformer Feature</li></ul><h4>Using WEM for Performance Optimization</h4><ul><li>Optimizing Machine Performance with WEM</li><li>Optimizing User Experience with WEM</li></ul><h4>Using WEM to Secure Environments</h4><ul><li>WEM Environments</li></ul><h4>Migrating and Upgrading WEM</h4><ul><li>Migrating to WEM</li><li>Upgrading a WEM Deployment</li><li>WEM Multi-Location Considerations</li></ul></div>

IT Certifications

AWS Certified Developer

AWS Certified Cloud Practitioner

Microsoft Virtual Academy (MVA)

Citrix

CWS-315 Citrix Virtual Apps and Desktops 7 Advanced Administration

<div id="course-pills-1">Duration<p>5 Days</p><p>30 CPD hours</p>This course is intended for<p>System installers<br />System integrators<br />System administrators<br />Network administrators<br />Solutions designers</p>Overview<p>After taking this course, you should be able to:<br />Describe the Cisco SD-WAN solution and how modes of operation differ in traditional WAN versus SD-WAN<br />Describe options for Cisco SD-WAN cloud and on-premises deployment<br />Explain how to deploy WAN Edge devices<br />Review the Zero-Touch Provisioning (ZTP) process and examine technical specifics for on-premises deployment<br />Review the device configuration template and describe new features of device configuration templates<br />Describe options for providing scalability, high availability, and redundancy<br />Explain how dynamic routing protocols are deployed in an SD-WAN environment, on the service side and transport side<br />Describe Cisco SD-WAN policy concepts, which includes how policies are defined, attached, distributed, and applied<br />Define and implement advanced control policies, such as policies for custom topologies and service insertion<br />Identify and implement advanced data policies, such as policies for traffic engineering and QoS<br />Define and implement an Application-Aware Routing (AAR) policy<br />Implement Direct Internet Access (DIA) and Cisco SD-WAN Cloud OnRamp options<br />Describe Cisco SD-WAN security components and integration<br />Describe how to design pure and hybrid Cisco SD-WAN solutions, as well as how to perform a migration to Cisco SD-WAN<br />Describe Cisco SD-WAN Day-2 operations, such as monitoring, reporting, logging, troubleshooting, and upgrading<br />Describe Cisco SD-WAN support for multicast</p><p>The Implementing Cisco SD-WAN Solutions (ENSDWI) v2.0 course gives you training about how to design, deploy, configure, and manage your CiscoÂ© Software-Defined WAN (SD-WAN) solution in a large-scale live network, including how to migrate from legacy WAN to SD-WAN. You will learn best practices for configuring routing protocols in the data center and the branch, as well as how to implement advanced control, data, and application-aware policies. The course also covers SD-WAN deployment and migration options, placement of controllers, how to deploy WAN Edge devices, and how to configure Direct Internet Access (DIA) breakout. The course looks at the different Cisco SD-WAN security options available, such as application-aware enterprise firewall, Intrusion Prevention System (IPS), URL filtering, Cisco Advanced Malware Protection (AMP), Secure Sockets Layer/Transport Layer Security (SSL/TLS) proxy, and Cisco UmbrellaÂ© Secure Internet Gateway (SIG). This course helps you prepare to take the Implementing Cisco SD-WAN Solutions (300-415 ENSDWI) exam which is part of the CCNPÂ© Enterprise certification. You will also earn 32 Continuing Education (CE) credits toward recertification.</p></div><div id="course-pills-2"><h4>Course outline</h4><ul><li>Examining the Cisco SD WAN Architecture</li><li>Examining Cisco SD-WAN Deployment Options</li><li>Deploying WAN Edge Devices</li><li>Onboarding WAN Edge Devices with ZTP and PnP</li><li>Using Device Configuration Templates</li><li>Exploring Redundancy, High Availability, and Scalability</li><li>Enabling Service-Side and Transport-Side Routing</li><li>Understanding Cisco SD-WAN Policy Configuration Basics</li><li>Defining Advanced Control Policies</li><li>Implementing AAR</li><li>Examining Direct Internet Access and Cloud Deployment Options</li><li>Exploring Cisco SD-WAN Security</li><li>Designing and Migrating to Cisco SD-WAN</li><li>Performing Cisco SD-WAN Network Management and Troubleshooting</li><li>Examining Cisco SD-WAN Multicast Support</li></ul><h4>Lab outline</h4><ul><li>Deploy Cisco SD-WAN Controllers</li><li>Add a WAN Edge Router Using ZTP</li><li>Deploy Cisco SD-WAN Device Using Configuration Templates</li><li>Configure Cisco SD-WAN Controller Affinity</li><li>Implement Service Side Routing Protocols</li><li>Implement Transport Location (TLOC) Extensions</li><li>Implement Control Policies</li><li>Implement Data Policies</li><li>Implement Application-Aware Routing</li><li>Implement Branch and Regional Internet Breakouts</li><li>Migrate Branch Sites</li><li>Perform Cisco SD-WAN Software Upgrade</li></ul></div><div id="course-pills-3"><h4>Additional course details:</h4><br /><p>Nexus Humans Cisco Implementing Cisco SD-WAN Solutions (ENSDWI) v2.0 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. </p><p></p> This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. <p></p>Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success.  <p></p>While we feel this is the best course for the Cisco Implementing Cisco SD-WAN Solutions (ENSDWI) v2.0 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you.  <p></p>Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.<p></p></div>

Cisco Implementing Cisco SD-WAN Solutions (ENSDWI) v2.0

<div id="course-pills-1">Duration<p>4 Days</p><p>24 CPD hours</p>This course is intended for<p></p><p>This course is for Azure Security Engineers who are planning to take the associated certification exam, or who are performing security tasks in their day-to-day job. This course would also be helpful to an engineer that wants to specialize in providing security for Azure-based digital platforms and play an integral role in protecting an organization's data.</p><p></p><p></p><p>This course provides IT Security Professionals with the knowledge and skills needed to implement security controls, maintain an organization?s security posture, and identify and remediate security vulnerabilities. This course includes security for identity and access, platform protection, data and applications, and security operations.</p><p></p>Prerequisites<p></p><li>AZ-104T00 - Microsoft Azure Administrator</li>  <li>Security best practices and industry security requirements such as defense in depth, least privileged access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model.</li>  <li>Be familiar with security protocols such as Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), disk and data encryption methods.</li>  <li>Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information.</li>  <li>Have experience with Windows and Linux operating systems and scripting languages. Course labs may use PowerShell and the CLI.</li><p></p></div><div id="course-pills-2"><h3>1 - Manage identities in Microsoft Entra ID</h3> <ul> <li>Secure users in Microsoft Entra ID</li> <li>Secure groups in Microsoft Entra ID</li> <li>Recommend when to use external identities</li> <li>Secure external identities</li> <li>Implement Microsoft Entra Identity protection</li> </ul> <h3>2 - Manage authentication by using Microsoft Entra ID</h3> <ul> <li>Configure Microsoft Entra Verified ID</li> <li>Implement multifactor authentication (MFA)</li> <li>Implement passwordless authentication</li> <li>Implement password protection</li> <li>Implement single sign-on (SSO)</li> <li>Integrate single sign-on (SSO) and identity providers</li> <li>Recommend and enforce modern authentication protocols </li> </ul> <h3>3 - Manage authorization by using Microsoft Entra ID</h3> <ul> <li>Configure Azure role permissions for management groups, subscriptions, resource groups, and resources</li> <li>Assign built-in roles in Microsoft Entra ID</li> <li>Assign built-in roles in Azure</li> <li>Create and assign a custom role in Microsoft Entra ID</li> <li>Implement and manage Microsoft Entra Permissions Management</li> <li>Configure Microsoft Entra Privileged Identity Management </li> <li>Configure role management and access reviews by using Microsoft Entra Identity Governance</li> <li>Implement Conditional Access policies</li> </ul> <h3>4 - Manage application access in Microsoft Entra ID</h3> <ul> <li>Manage access to enterprise applications in Microsoft Entra ID, including OAuth permission grants</li> <li>Manage app registrations in Microsoft Entra ID</li> <li>Configure app registration permission scopes</li> <li>Manage app registration permission consent</li> <li>Manage and use service principals</li> <li>Manage managed identities for Azure resources</li> <li>Recommend when to use and configure a Microsoft Entra Application Proxy, including authentication</li> </ul> <h3>5 - Plan and implement security for virtual networks</h3> <ul> <li>Plan and implement Network Security Groups (NSGs) and Application Security Groups (ASGs)</li> <li>Plan and implement User-Defined Routes (UDRs)</li> <li>Plan and implement Virtual Network peering or gateway</li> <li>Plan and implement Virtual Wide Area Network, including secured virtual hub</li> <li>Secure VPN connectivity, including point-to-site and site-to-site</li> <li>Implement encryption over ExpressRoute</li> <li>Configure firewall settings on PaaS resources</li> <li>Monitor network security by using Network Watcher, including NSG flow logging</li> </ul> <h3>6 - Plan and implement security for private access to Azure resources</h3> <ul> <li>Plan and implement virtual network Service Endpoints</li> <li>Plan and implement Private Endpoints</li> <li>Plan and implement Private Link services</li> <li>Plan and implement network integration for Azure App Service and Azure Functions</li> <li>Plan and implement network security configurations for an App Service Environment (ASE)</li> <li>Plan and implement network security configurations for an Azure SQL Managed Instance</li> </ul> <h3>7 - Plan and implement security for public access to Azure resources</h3> <ul> <li>Plan and implement Transport Layer Security (TLS) to applications, including Azure App Service and API Management</li> <li>Plan, implement, and manage an Azure Firewall, Azure Firewall Manager and firewall policies</li> <li>Plan and implement an Azure Application Gateway</li> <li>Plan and implement an Azure Front Door, including Content Delivery Network (CDN)</li> <li>Plan and implement a Web Application Firewall (WAF)</li> <li>Recommend when to use Azure DDoS Protection Standard</li> </ul> <h3>8 - Plan and implement advanced security for compute</h3> <ul> <li>Plan and implement remote access to public endpoints, Azure Bastion and just-in-time (JIT) virtual machine (VM) access</li> <li>Configure network isolation for Azure Kubernetes Service (AKS)</li> <li>Secure and monitor AKS</li> <li>Configure authentication for AKS</li> <li>Configure security for Azure Container Instances (ACIs)</li> <li>Configure security for Azure Container Apps (ACAs)</li> <li>Manage access to Azure Container Registry (ACR)</li> <li>Configure disk encryption, Azure Disk Encryption (ADE), encryption as host, and confidential disk encryption</li> <li>Recommend security configurations for Azure API Management</li> </ul> <h3>9 - Plan and implement security for storage</h3> <ul> <li>Configure access control for storage accounts</li> <li>Manage life cycle for storage account access keys</li> <li>Select and configure an appropriate method for access to Azure Files</li> <li>Select and configure an appropriate method for access to Azure Blob Storage</li> <li>Select and configure an appropriate method for access to Azure Tables</li> <li>Select and configure an appropriate method for access to Azure Queues</li> <li>Select and configure appropriate methods for protecting against data security threats, including soft delete, backups, versioning, and immutable storage</li> <li>Configure Bring your own key (BYOK)</li> <li>Enable double encryption at the Azure Storage infrastructure level</li> </ul> <h3>10 - Plan and implement security for Azure SQL Database and Azure SQL Managed Instance</h3> <ul> <li>Enable database authentication by using Microsoft Entra ID</li> <li>Enable and monitor database audit</li> <li>Identify use cases for the Microsoft Purview governance portal</li> <li>Implement data classification of sensitive information by using the Microsoft Purview governance portal</li> <li>Plan and implement dynamic mask</li> <li>Implement transparent data encryption?</li> <li>Recommend when to use Azure SQL Database Always Encrypted</li> </ul> <h3>11 - Plan, implement, and manage governance for security</h3> <ul> <li>Create, assign, and interpret security policies and initiatives in Azure Policy</li> <li>Configure security settings by using Azure Blueprint</li> <li>Deploy secure infrastructures by using a landing zone</li> <li>Create and configure an Azure Key Vault</li> <li>Recommend when to use a dedicated Hardware Security Module (HSM)</li> <li>Configure access to Key Vault, including vault access policies and Azure Role Based Access Control</li> <li>Manage certificates, secrets, and keys</li> <li>Configure key rotation</li> <li>Configure backup and recovery of certificates, secrets, and keys</li> </ul> <h3>12 - Manage security posture by using Microsoft Defender for Cloud</h3> <ul> <li>Implement Microsoft Defender for Cloud</li> <li>Identify and remediate security risks by using the Microsoft Defender for Cloud Secure Score and Inventory</li> <li>Assess compliance against security frameworks and Microsoft Defender for Cloud</li> <li>Add industry and regulatory standards to Microsoft Defender for Cloud</li> <li>Add custom initiatives to Microsoft Defender for Cloud</li> <li>Connect hybrid cloud and multicloud environments to Microsoft Defender for Cloud</li> <li>Identify and monitor external assets by using Microsoft Defender External Attack Surface Management</li> </ul> <h3>13 - Configure and manage threat protection by using Microsoft Defender for Cloud</h3> <ul> <li>Enable workload protection services in Microsoft Defender for Cloud, including Microsoft Defender for Storage, Databases, Containers, App Service, Key Vault, Resource Manager, and DNS</li> <li>Configure Microsoft Defender for Servers</li> <li>Configure Microsoft Defender for Azure SQL Database</li> <li>Manage and respond to security alerts in Microsoft Defender for Cloud</li> <li>Configure workflow automation by using Microsoft Defender for Cloud</li> <li>Evaluate vulnerability scans from Microsoft Defender for Server</li> </ul> <h3>14 - Configure and manage security monitoring and automation solutions</h3> <ul> <li>Monitor security events by using Azure Monitor</li> <li>Configure data connectors in Microsoft Sentinel</li> <li>Create and customize analytics rules in Microsoft Sentinel</li> <li>Configure automation in Microsoft Sentinel</li> </ul></div><div id="course-pills-3"><h4>Additional course details:</h4><br /><p>Nexus Humans AZ-500T00 Microsoft Azure Security Technologies training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. </p><p></p> This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. <p></p>Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success.  <p></p>While we feel this is the best course for the AZ-500T00 Microsoft Azure Security Technologies course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you.  <p></p>Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.<p></p></div>

Microsoft AZ-900

Microsoft AZ-104

Microsoft Azure

Microsoft AZ-303

Microsoft AZ-700

AZ-500T00 Microsoft Azure Security Technologies

Redhill

<h3><b>OpenSSL for engineers training course description</b></h3>
        <p>
      A hands on course covering OpenSSL. The course
focusses on the use of OpenSSL from the command
line as opposed to using its extensive libraries.
Certificate authorities are configured along with key
generation, HTTPS and a SSL VPN. </p>
        
				<h5><b>What will you learn</b></h5>
				<ul>
				 
  <li>Describe OpenSSL.</li>
                          <li>Use OpenSSL.</li>
                          <li>Describe and implement:</li>
																										<li>Explain how the various technologies involved in an
OpenSSL work.</li>
                 
                  </ul>
        <h5>
        <b>OpenSSL for engineers training course details</b> </h5>
				<div>
					<div>
						<ul>
							<li><b> Who will benefit:</b> </li>
							
              <p>Network personnel.</p>
              
							<li><b>Prerequisites:</b></li>
							
              <p>IP security foundation for engineers</p>
              
							<li><b>Duration</b></li>
							
              <p>2 days</p>
              
							
              
              
						</ul>
					</div>
				</div>
      <h3><b>OpenSSL for engineers training course contents</b></h3>
				<ul>	<li>What is OpenSSL? </li><p>
What is SSL? SSL versions, TLS, TLS negotiation, TLS authentication, What is OpenSSL, Command line tool, SSL library. OpenSSH, OpenVPN.
<br /><span>Hands on</span> TLS packet analysis.

</p><li>Getting started with OpenSSL </li><p>
Downloading, source code, packages, installing, versions, configuration, openssl command. Cipher suite selection.
<br /><span>Hands on</span> Encrypting a file with openssl.

</p><li>Public and private keys </li><p>
Algorithms, creating keys, public keys, private keys, encrypting the private key.
<br /><span>Hands on</span> Encrypting a file with keys.

</p><li>Digital signatures </li><p>
Creating signatures, checking validity of signatures, Self signing SSL certificates. Viewing certificates. Certificate files. Converting between formats.
<br /><span>Hands on</span> Securing a web server with HTTPS.

</p><li>Simple PKI with OpenSSL </li><p>
Root CA, signing CA, configuration files, Certificate signing requests. Email certificates, TLS server certificates.
<br /><span>Hands on</span> Implementing a simple PKI with OpenSSL.
</p>
				</ul>

Systems & Network Training

Network Engineer

Definitive OpenSSL for engineers

<h3><b>Cyber security training course description</b></h3>
        <p>
      This cyber security course focusses on the network
side of security. Technologies rather than specific
products are studied focussing around the protection of
networks using firewalls and VPNs.</p>
        
				<h5><b>What will you learn</b></h5>
				<ul>
				 
   <li>Describe: <br />
                    
                    	- Basic security attacks<br />
                   		- RADIUS<br />
                   		- SSL<br />
                   		- VPNs<br />
                         </li>
                         <li>Deploy firewalls and secure networks</li>
                          <li>Explain how the various technologies involved in an
IP VPN work.</li>
                           <li>Describe and implement:<br />
                            
                         
					- L2TP<br />
					- IPsec<br />
                    - SSL<br />
                   - MPLS, L3, VPNs.</li>
                  </ul>
        <h5>
        <b>Cyber security training course details</b> </h5>
				<div>
					<div>
						<ul>
							<li><b> Who will benefit:</b> </li>
							
              <p>Anyone working in the security field.</p>
              
							<li><b>Prerequisites:</b></li>
							
              <p>TCP/IP foundation for engineers</p>
              
							<li><b>Duration</b></li>
							
              <p>5 days</p>
              
							
              
              
						</ul>
					</div>
				</div>
      <h3><b>Cyber security training course contents</b></h3>
				<ul>	<li>Security review </li><p>
Denial of service, DDOS, data manipulation, data theft, data destruction, security checklists, incident response.

</p><li>Security exploits </li><p>
IP spoofing, SYN attacks, hijacking, reflectors and amplification, keeping up to date with new threats.
<br /><span>Hands on</span> port scanning, use a 'hacking' tool.

</p><li>Client and Server security </li><p>
Windows, Linux, Log files, syslogd, accounts, data security.
<br /><span>Hands on</span> Server hardening.

</p><li>Firewall introduction </li><p>
What is a firewall? Firewall benefits, concepts.
<br /><span>HAnds on</span> launching various attacks on a target.

</p><li>Firewall types </li><p>
Packet filtering, SPI, Proxy, Personal. Software firewalls, hardware firewalls. Firewall products.
<br /><span>Hands on</span> Simple personal firewall configuration.

</p><li>Packet filtering firewalls </li><p>
Things to filter in the IP header, stateless vs. stateful filtering. ACLs. Advantages of packet filtering.
<br /><span>Hands on</span> Configuring packet filtering firewalls.

</p><li>Stateful packet filtering </li><p>
Stateful algorithms, packet-by-packet inspection, application content filtering, tracks, special handling (fragments, IP options), sessions with TCP and UDP. Firewall hacking detection: SYN attacks, SSL, SSH interception.
<br /><span>Hands on</span> SPI firewalls.

</p><li>Proxy firewalls </li><p>
Circuit level, application level, SOCKS. Proxy firewall plusses and minuses.
<br /><span>Hands on</span> Proxy firewalls.

</p><li>Firewall architectures </li><p>
Small office, enterprise, service provider, what is a DMZ? DMZ architectures, bastion hosts, multi DMZ. Virtual firewalls, transparent firewalls. Dual firewall design, high availability, load balancing, VRRP.
<br /><span>Hands on</span> Resilient firewall architecture.

</p><li>Testing firewalls </li><p>
Configuration checklist, testing procedure, monitoring firewalls, logging, syslog.
<br /><span>Hands on</span> Testing firewalls.

</p><li>Encryption </li><p>
Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures.
<br /><span>Hands on</span> Password cracking.

</p><li>Authentication </li><p>
Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, RADIUS.
<br /><span>Hands on</span> Using certificates.

</p><li>VPN overview </li><p>
What is a VPN? What is an IP VPN? VPNs vs. Private Data Networks, Internet VPNs, Intranet VPNs, Remote access VPNs, Site to site VPNs, VPN benefits and disadvantages.

</p><li>VPN Tunnelling </li><p>
VPN components, VPN tunnels, tunnel sources, tunnel end points, tunnelling topologies, tunnelling protocols, which tunnelling protocol? Requirements of tunnels.

</p><li>L2TP </li><p>
Overview, components, how it works, security, packet authentication, L2TP/IPsec, L2TP/PPP, L2 vs L3 tunnelling.
<br /><span>Hands on</span> Implementing a L2TP tunnel.

</p><li>IPsec </li><p>
AH, HMAC, ESP, transport and tunnel modes, Security Association, encryption and authentication algorithms, manual vs automated key exchange, NAT and other issues.
<br /><span>Hands on</span> Implementing an IPsec VPN.

</p><li>SSL VPNs </li><p>
Layer 4 VPNs, advantages, disadvantages. SSL. TLS. TLS negotiation, TLS authentication. TLS and certificates.
<br /><span>Hands on</span> Implementing a SSL VPN.

</p><li>MPLS VPNs </li><p>
Introduction to MPLS, why use MPLS, Headers, architecture, label switching, LDP, MPLS VPNs, L2 versus L3 VPNs. Point to point versus multipoint MPLS VPNs. MBGP and VRFs and their use in MPLS VPNs.
<br /><span>Hands on</span> Implementing a MPLS L3 VPN.

</p><li>Penetration testing </li><p>
Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology.
<br /><span>Hands on</span> Hacking tools and countermeasures.

</p>
				</ul>

Cyber security for engineers

<h3><b>SIP security training course description</b></h3>
        <p>
        A hands-on course covering SIP security. It is assumed that delegates already know SIP as this course focuses purely on the security issues in SIP IP telephony networks. Hands-on practicals follow each major theory session and include use of various SIP security tools such as vomit, sipp, sipsak and sivus amongst others.</p>
        
				<h5><b>What will you learn</b></h5>
				<ul>
				 
          <li>Secure SIP networks</li>
					<li>Use various SIP security tools</li>
                  </ul>
				
        <h5><b>SIP security training course details</b> </h5>
				<div>
					<div>
						<ul>
							<li><b> Who will benefit:</b> </li>
							
              <p>Technical staff working with SIP.<br />
                 Technical security staff.</p>
              
							<li><b>Prerequisites:</b></li>
							
              <p>SIP for engineers</p>
              
							<li><b>Duration</b></li>
							
              <p>2 days</p>
              
							
              
              
						</ul>
					</div>
				</div>
      <h3><b>SIP security training course contents</b></h3>
				<ul>	<li>SIP review</li><p>
SIP infrastructure and entities, example SIP session.
<br /><span>Hands on</span> Simple SIP network with and without
authentication.
					</p><li>SIP security attacks</li><p>
 DOS attacks, infrastructure attacks, eavesdropping,
spoofing, replay, message integrity. <br /><span>Hands on</span> Basic
SIP packet capture, infrastructure attacks.
</p><li>SIP tools</li><p>
 SIP packet creation: Sivus, SIPsak, PROTOS, SFTF,
SIP bomber, SIPp, Seagull, Nastysip. SIP packet
generators: SIPNess, NetDude. Monitoring:
Wireshark, Cain &amp; Abel, Vomit, Oreka, VoiPong.
Scripts and tools: SIP-Fun, Skora.net, kphone-ddos,
sip-scan, sip-kill, sip-redirectrtp. Health of different
tools. <br /><span>Hands on</span> Generating SIP packets, rebuilding
conversations from captured packets, password
cracking.
</p><li>VPNs and SIP</li><p>
 IPSec, AH, ESP, transport mode, tunnel mode, Pre
Shared Keys, Public keys. <br /><span>Hands on</span> SIP calls over
IPSec.
</p><li>Secure SIP signaling</li><p>
 SIP relationship with HTTP, Deprecated HTTP 1.0
basic authentication, HTTP 1.1 Digest authentication,
S/MIME, SIPS, SIPS URI, TLS, DTLS, PKI
infrastructures. <br /><span>Hands on</span> SIP with TLS.
</p><li>Secure media streams</li><p>
 SRTP, features, packet format, default encryption,
default authentication, key distribution. S/MIME,
MIKEY, SDP security descriptions. SIP security
agreements. <br /><span>Hands on</span> Analysing SRTP packets.
</p><li>Firewalls</li><p>
 NAT traversal. Impact of firewall on infrastructure
attacks. TLS and firewalls. SIP specific firewalls.
<br /><span>Hands on</span> SIP calls through a firewall. 

</p>
				</ul>

SIP security for engineers

<strong>This course will teach you everything from scratch right from simple setups to complex solutions. If you want to master SSL and HTTPS in-depth, this course is for you! 
No prior knowledge of computer networks, encryption, or configuring web servers is required.</strong>
        <p>This course is all about securing websites with SSL/TLS certificates. We start by exploring the basics of symmetric encryption algorithms such as AES, asymmetric encryption (RSA), and hashing protocols (MD5 and SHA). We will also explain the fundamentals of computer networks and TCP/IP stacks; for that, we will use the Wireshark traffic analyzer. 
You will learn about the structure of SSL/TLS certificates. You will also understand why CAs (Certificate Authorities) are needed and how the chain of trust is built. 
We will perform multiple practice activities such as buying a domain and configuring DNS settings, using the Certbot ACME client to automatically obtain a free SSL certificate from Let's Encrypt; then with the help of OpenSSL, we'll generate RSA keys and self-signed certificates, we'll secure WordPress with Apache using SSL/TLS certificates, and create a CSR (Certificate Signing Request) via OpenSSL and submit it to the CA server. We will configure Cloudflare for your domain and set up different SSL operation modes, install and configure NGINX web servers for SSL/TLS certificates, migrate from HTTP to HTTPS, and redirect all traffic using HTTP 301 redirect from HTTP to HTTPS. 
By the end of this course, you will become a guru of SSL and TLS encryption and will be able to easily obtain and install SSL certificates on your web servers.</p>
        <h2>What You Will Learn</h2><p>Learn how to install SSL/TLS certificate on web servers<br>Differentiate between HTTP and HTTPS<br>Secure WordPress with Apache using SSL/TLS certificates<br>Understand what a CA is and how the chain of trust is built<br>Install and configure an NGINX web server for SSL/TLS encryption<br>Redirect all traffic using HTTP 301 redirect from HTTP to HTTPS</p>
        <h2>Audience</h2><p>This course is for anyone who wants to learn SSL via real-life projects. This course will also be beneficial for website owners, DevOps engineers, web developers, network engineers, and JavaScript developers.</p>
        <h2>Approach</h2><p>In this course, all practice exercises are performed on a real domain with real hosting. When you've completed the course, you'll have production-ready solutions with HTTPS set up and HTTP-to-HTTPS redirection.</p>
        <h2>Key Features</h2><p>Use Certbot ACME client to automatically obtain a free SSL certificate from Let's Encrypt * With the help of OpenSSL, generate RSA keys and self-signed certificates * Configure Cloudflare for your domain and set up different SSL modes of operations</p>
        
        <h2>About the Author</h2><h3>Bogdan Stashchuk</h3><p>Bogdan Stashchuk has over 20 years of experience as a software engineering instructor. He excels at breaking down complex topics into easy-to-follow steps. His courses are designed with hands-on exercises, ensuring that learners can actively participate and apply what they learn. From start to finish, students can follow along and complete tasks just as Bogdan demonstrates in his lectures. He also includes challenging assignments with detailed solutions. This approach helps learners understand and remember the material long after they've completed the course. Through his dedication and expertise, Bogdan ensures a valuable and effective learning experience for everyone.</p>
        <h2>Course Outline</h2><h4>1. Introduction</h4><p></p><br><h4>2. Introduction to HTTPS and TLS</h4><p></p><br><h4>3. Encryption and Hashing Overview</h4><p></p><br><h4>4. RSA, Certificates, and Chain of Trust</h4><p></p><br><h4>5. SSL, TLS, and HTTPS</h4><p></p><br><h4>6. Launching TLS Secured Website with Free Domain and Hosting</h4><p></p><br><h4>7. Custom Domain with Free Hosting</h4><p></p><br><h4>8. Free TLS Certificate (Let's Encrypt) on Paid Hosting</h4><p></p><br><h4>9. Cloudflare with Free TLS Certificate</h4><p></p><br><h4>10. Configuring NGINX Web Server and Installing TLS Certificate</h4><p></p><br><h4>11. Creating a Self-Signed Certificate Using OpenSSL</h4><p></p><br><h4>12. Getting and Installing a Custom Certificate</h4><p></p><br><h4>13. Cleanup</h4><p></p>

Online Course Creation

Basic Security Training (BST)

This course will teach you everything from scratch right from simple setups to complex solutions. If you want to master SSL and HTTPS in-depth, this course is for you! 
No prior knowledge of computer networks, encryption, or configuring web servers is required.

SSL Complete Guide 2021: HTTP to HTTPS

<h3><b>Securing UNIX systems training course description</b></h3>
      <p>This course teaches you everything you need to know
to build a safe Linux environment. The first section
handles cryptography and authentication with
certificates, openssl, mod_ssl, DNSSEC and filesystem
encryption. Then Host security and hardening is
covered with intrusion detection, and also user
management and authentication. Filesystem Access
control is then covered. Finally network security is
covered with network hardening, packet filtering and
VPNs. </p>
        
				<h5><b>What will you learn</b></h5>
				<ul>
				 
      <li>Secure UNIX accounts.</li>
					              <li>Secure UNIX file systems.</li>
                   <li>Secure UNIX access through the network.</li>
                  </ul>
                  
       
        <h5>
        <b>Securing UNIX systems course details</b> </h5>
				<div>
					<div>
						<ul>
							<li><b> Who will benefit:</b> </li>
							
              <p>Linux technical staff needing to secure their systems.</p>
              
							<li><b>Prerequisites:</b></li>
							
              <p>Linux system administration (LPIC-1)</p>
              
							<li><b>Duration</b></li>
							
              <p>5 days
						</p>
              
							
              
              
						</ul>
					</div>
				</div>
      <h3><b>Securing UNIX systems course contents</b></h3>
      <ul>
				<li><span>Cryptography</span></li><p>
</p><li>Certificates and Public Key Infrastructures</li><p>
				X.509 certificates, lifecycle, fields and certificate
extensions. Trust chains and PKI. openssl. Public and
private keys. Certification authority. Manage server and
client certificates. Revoke certificates and CAs.
</p><li>Encryption, signing and authentication</li><p>
SSL, TLS, protocol versions. Transport layer security
threats, e.g. MITM. Apache HTTPD with mod_ssl for
HTTPS service, including SNI and HSTS. HTTPD with
mod_ssl to authenticate users using certificates. HTTPD
with mod_ssl to provide OCSP stapling. Use OpenSSL
for SSL/TLS client and server tests.
</p><li>Encrypted File Systems</li><p>
Block device and file system encryption. dm-crypt with
LUKS to encrypt block devices. eCryptfs to encrypt file
systems, including home directories and, PAM
integration, plain dm-crypt and EncFS.
</p><li>DNS and cryptography</li><p>
DNSSEC and DANE. BIND as an authoritative name
server serving DNSSEC secured zones. BIND as an
recursive name server that performs DNSSEC validation,
KSK, ZSK, Key Tag, Key generation, key storage, key
management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG.
				</p><li><span>Host Security</span></li><p>
</p><li>Host Hardening</li><p>
BIOS and boot loader (GRUB 2) security. Disable
useless software and services, sysctl for security related
kernel configuration, particularly ASLR, Exec-Shield and
IP / ICMP configuration, Exec-Shield and IP / ICMP
configuration, Limit resource usage. Work with chroot
environments, Security advantages of virtualization.
</p><li>Host Intrusion Detection</li><p>
The Linux Audit system, chkrootkit, rkhunter, including
updates, Linux Malware Detect, Automate host scans
using cron, AIDE, including rule management,
OpenSCAP.
</p><li>User Management and Authentication</li><p>
NSS and PAM, Enforce password policies. Lock
accounts automatically after failed login attempts,
SSSD, Configure NSS and PAM for use with SSSD,
SSSD authentication against Active Directory, IPA,
LDAP, Kerberos and local domains, Kerberos and local
domains, Kerberos tickets.
</p><li>FreeIPA Installation and Samba Integration</li><p>
FreeIPA, architecture and components. Install and
manage a FreeIPA server and domain, Active Directory
replication and Kerberos cross-realm trusts, sudo,
autofs, SSH and SELinux integration in FreeIPA.
				</p><li><span>Access Control</span></li><p>
</p><li>Discretionary Access Control</li><p>
File ownership and permissions, SUID, SGID. Access
control lists, extended attributes and attribute classes.
</p><li>Mandatory Access Control</li><p>
TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack.
</p><li>etwork File Systems</li><p>
NFSv4 security issues and improvements, NFSv4
server and clients, NFSv4 authentication mechanisms
(LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system,
NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS
security modes (NTLM, Kerberos), mapping and
handling of CIFS ACLs and SIDs in a Linux system.<br />
				</p><li><span>Network Security</span></li><p>
</p><li>Network Hardening</li><p>
FreeRADIUS, nmap, scan methods. Wireshark, filters
and statistics. Rogue router advertisements and DHCP
messages.
</p><li>Network Intrusion Detection</li><p>
ntop, Cacti, bandwidth usage monitoring, Snort, rule
management, OpenVAS, NASL.
</p><li>Packet Filtering</li><p>
Firewall architectures, DMZ, netfilter, iptables and
ip6tables, standard modules, tests and targets. IPv4 and
IPv6 packet filtering. Connection tracking, NAT. IP sets
and netfilter rules, nftables and nft. ebtables. conntrackd
</p><li>Virtual Private Networks</li><p>
OpenVPN server and clients for both bridged and routed
VPN networks. IPsec server and clients for routed VPN
networks using IPsec-Tools / racoon. L2TP.
</p>
      </ul>

Securing UNIX systems

<h3><b>Securing Linux systems training course description</b></h3>
      <p>This course teaches you everything you need to know
to build a safe Linux environment. The first section
handles cryptography and authentication with
certificates, openssl, mod_ssl, DNSSEC and filesystem
encryption. Then Host security and hardening is
covered with intrusion detection, and also user
management and authentication. Filesystem Access
control is then covered. Finally network security is
covered with network hardening, packet filtering and
VPNs. </p>
        
				<h5><b>What will you learn</b></h5>
				<ul>
				 
      <li>Secure Linux accounts.</li>
					              <li>Secure Linux file systems.</li>
                   <li>Secure Linux access through the network.</li>
                  </ul>
                  
       
        <h5>
        <b>Securing Linux systems training course details</b> </h5>
				<div>
					<div>
						<ul>
							<li><b> Who will benefit:</b> </li>
							
              <p>Linux technical staff needing to secure their systems.</p>
              
							<li><b>Prerequisites:</b></li>
							
              <p>Linux system administration (LPIC-1)</p>
              
							<li><b>Duration</b></li>
							
              <p>5 days
						</p>
              
							
              
              
						</ul>
					</div>
				</div>
      <h3><b>Securing Linux systems training course contents</b></h3>
      <ul>
				<li><span>Cryptography</span></li><p>
</p><li>Certificates and Public Key Infrastructures</li><p>
				X.509 certificates, lifecycle, fields and certificate
extensions. Trust chains and PKI. openssl. Public and
private keys. Certification authority. Manage server and
client certificates. Revoke certificates and CAs.
</p><li>Encryption, signing and authentication</li><p>
SSL, TLS, protocol versions. Transport layer security
threats, e.g. MITM. Apache HTTPD with mod_ssl for
HTTPS service, including SNI and HSTS. HTTPD with
mod_ssl to authenticate users using certificates. HTTPD
with mod_ssl to provide OCSP stapling. Use OpenSSL
for SSL/TLS client and server tests.
</p><li>Encrypted File Systems</li><p>
Block device and file system encryption. dm-crypt with
LUKS to encrypt block devices. eCryptfs to encrypt file
systems, including home directories and, PAM
integration, plain dm-crypt and EncFS.
</p><li>DNS and cryptography</li><p>
DNSSEC and DANE. BIND as an authoritative name
server serving DNSSEC secured zones. BIND as an
recursive name server that performs DNSSEC validation,
KSK, ZSK, Key Tag, Key generation, key storage, key
management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG.
				</p><li><span>Host Security</span></li><p>
</p><li>Host Hardening</li><p>
BIOS and boot loader (GRUB 2) security. Disable
useless software and services, sysctl for security related
kernel configuration, particularly ASLR, Exec-Shield and
IP / ICMP configuration, Exec-Shield and IP / ICMP
configuration, Limit resource usage. Work with chroot
environments, Security advantages of virtualization.
</p><li>Host Intrusion Detection</li><p>
The Linux Audit system, chkrootkit, rkhunter, including
updates, Linux Malware Detect, Automate host scans
using cron, AIDE, including rule management,
OpenSCAP.
</p><li>User Management and Authentication</li><p>
NSS and PAM, Enforce password policies. Lock
accounts automatically after failed login attempts,
SSSD, Configure NSS and PAM for use with SSSD,
SSSD authentication against Active Directory, IPA,
LDAP, Kerberos and local domains, Kerberos and local
domains, Kerberos tickets.
</p><li>FreeIPA Installation and Samba Integration</li><p>
FreeIPA, architecture and components. Install and
manage a FreeIPA server and domain, Active Directory
replication and Kerberos cross-realm trusts, sudo,
autofs, SSH and SELinux integration in FreeIPA.
				</p><li><span>Access Control</span></li><p>
</p><li>Discretionary Access Control</li><p>
File ownership and permissions, SUID, SGID. Access
control lists, extended attributes and attribute classes.
</p><li>Mandatory Access Control</li><p>
TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack.
</p><li>etwork File Systems</li><p>
NFSv4 security issues and improvements, NFSv4
server and clients, NFSv4 authentication mechanisms
(LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system,
NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS
security modes (NTLM, Kerberos), mapping and
handling of CIFS ACLs and SIDs in a Linux system.<br />
				</p><li><span>Network Security</span></li><p>
</p><li>Network Hardening</li><p>
FreeRADIUS, nmap, scan methods. Wireshark, filters
and statistics. Rogue router advertisements and DHCP
messages.
</p><li>Network Intrusion Detection</li><p>
ntop, Cacti, bandwidth usage monitoring, Snort, rule
management, OpenVAS, NASL.
</p><li>Packet Filtering</li><p>
Firewall architectures, DMZ, netfilter, iptables and
ip6tables, standard modules, tests and targets. IPv4 and
IPv6 packet filtering. Connection tracking, NAT. IP sets
and netfilter rules, nftables and nft. ebtables. conntrackd
</p><li>Virtual Private Networks</li><p>
OpenVPN server and clients for both bridged and routed
VPN networks. IPsec server and clients for routed VPN
networks using IPsec-Tools / racoon. L2TP.
</p>
      </ul>

Securing Linux systems

<h3><b>Definitive 802.1X training course description</b></h3>
        <p>
        A hands-on training course concentrating solely on 802.1X. Hands on sessions follow major chapters to reinforce the theory.</p>
        
				<h5><b>What will you learn</b></h5>
				<ul>
				 
          <li>Describe 802.1X.</li>
                   		 <li>Explain how 802.1X works</li>
                   		 <li>Configure 802.1X</li>
                   		 <li>Troubleshoot 802.1X.</li>
                  </ul>
				
        <h5><b>Definitive 802.1X training course details</b> </h5>
				<div>
					<div>
						<ul>
							<li><b> Who will benefit:</b> </li>
							
              <p>Technical network staff.<br />
                    Technical security staff.</p>
              
							<li><b>Prerequisites:</b></li>
							
              <p>SIP for engineers</p>
              
							<li><b>Duration</b></li>
							
              <p>2 days</p>
              
							
              
              
						</ul>
					</div>
				</div>
      <h3><b>Definitive 802.1X training course contents</b></h3>
				<ul>	<li>Introduction</li><p>
What is 802.1X? Authentication access, 802.3,
802.11. IEEE, 802, 802.1X-2001, 802.1X-2010.
				</p><li>Architecture</li><p>
Supplicant, Authenticator, Authentication server,
EAP, EAPOL, RADIUS, Diameter.
</p><li>Port configuration</li><p>
802.1X in a switch environment.
<br /><span>Hands on</span> Configuring 802.1X.
</p><li>How it works</li><p>
Controlled ports, uncontrolled ports.
Authentication flow chart, Initialisation, initiation,
negotiation, authentication.
<br /><span>Hands on</span> 802.1X packet analysis.
</p><li>802.1X and 802.11</li><p>
WiFi, WiFi security.
<br /><span>Hands on</span> 802.1X WiFi port access.
</p><li>EAP</li><p>
Extensible Authentication Protocol, RFC 3748,
RFC 5247. EAP methods: Weak, MD5, LEAP,
Strong: TTLS, TLS, FAST. Encapsulation:
802.1X, PEAP, RADIUS, Diameter, PPP.
</p><li>802.1X accounting</li><p>
RADIUS, accounting messages, 802.1X
accounting AV pairs.
</p><li>8021.X and VLANS</li><p>
VLANs, Guest VLAN, restricted VLAN, voice
VLAN.
<br /><span>Hands on</span> VLAN assignments with 802.1X.

</p>
				</ul>

Definitive 802.1X for engineers

<h3><b>Network forensics training course description</b></h3>
        <p>
   This course studies network forensics-monitoring and
analysis of network traffic for information gathering,
intrusion detection and legal evidence. We focus on the
technical aspects of network forensics rather than other
skills such as incident response procedures etc.. Hands
on sessions follow all the major sections.</p>
        
				<h5><b>What will you learn</b></h5>
				<ul>
				 
    <li>Recognise network forensic data sources.</li>
	<li>Perform network forensics using:<br />
		Wireshark<br />
                    NetFlow<br />
			Log analysis<br />
		
		
</li>
           <li>Describe issues such as encryption.</li>         
                  </ul>
        <h5>
        <b>Network forensics training course details</b> </h5>
				<div>
					<div>
						<ul>
							<li><b> Who will benefit:</b> </li>
							
              <p>Technical network and/or security staff. </p>
              
							<li><b>Prerequisites:</b></li>
							
              <p>TCP/IP foundation for engineers.</p>
              
							<li><b>Duration</b></li>
							
              <p>3 days</p>
              
							
              
              
						</ul>
					</div>
				</div>
      <h3><b>Network forensics training course contents</b></h3>
	<ul>				
					
<li>What is network forensics?</li><p>
What it is, host vs network forensics, purposes,
legal implications, network devices, network data
sources, investigation tools. <br /><span> Hands on </span> whois, DNS
queries.
					
</p><li>Host side network forensics</li><p>
Services, connections tools. <br /><span>Hands on</span> Windows
services, Linux daemons, netstat, ifoconfig/ipconfig,
ps and Process explorer, ntop, arp, resource
monitor.
</p><li>Packet capture and analysis</li><p>
Network forensics with Wireshark, Taps,
NetworkMiner. <br /><span>Hands on</span> Performing Network
Traffic Analysis using NetworkMiner and Wireshark.
</p><li>Attacks</li><p>
DOS attacks, SYN floods, vulnerability exploits,
ARP and DNS poisoning, application attacks, DNS
ANY requests, buffer overflow attacks, SQL
injection attack, attack evasion with fragmentation.
<br /><span>Hands on</span> Detecting scans, using nmap, identifying
attack tools.
</p><li>Calculating location</li><p>
Timezones, whois, traceroute, geolocation. Wifi
positioning. <br /><span>Hands on</span> Wireshark with GeoIP
lookup.
</p><li>Data collection</li><p>
NetFlow, sflow, logging, splunk, splunk patterns,
GRR. HTTP proxies. <br /><span>Hands on</span> NetFlow
configuration, NetFlow analysis.
</p><li>The role of IDS, firewalls and logs</li><p>
Host based vs network based, IDS detection styles,
IDS architectures, alerting. Snort. syslog-ng.
Microsoft log parser. <br /><span>Hands on</span> syslog, Windows
Event viewer.
</p><li>Correlation</li><p>
Time synchronisation, capture times, log
aggregation and management, timelines. <br /><span>Hands on</span>
Wireshark conversations.
</p><li>Other considerations</li><p>
Tunnelling, encryption, cloud computing, TOR.
<br /><span>Hands on</span> TLS handshake in Wireshark.
</p>
	</ul>

Definitive network forensics for engineers

<h3><b>Security+ training course description</b></h3>
        <p>
   A hands on course aimed at getting delegates successfully through the CompTia Security+ examination. </p>
        
				<h5><b>What will you learn</b></h5>
				<ul>
				 
   <li>Explain general security concepts.</li>
					<li>Describe the security concepts in communications.</li>
					<li>Describe how to secure an infrastructure.</li>
                    <li>Recognise the role of cryptography.</li>
					<li>Describe operational/organisational security.</li>
                  </ul>
        <h5>
        <b>Security+ training course details</b> </h5>
				<div>
					<div>
						<ul>
							<li><b> Who will benefit:</b> </li>
							
              <p>Those wishing to pass the Security+ exam.</p>
              
							<li><b>Prerequisites:</b></li>
							
              <p>TCP/IP foundation for engineers</p>
              
							<li><b>Duration</b></li>
							
              <p>5 days</p>
              
							
              
              
						</ul>
					</div>
				</div>
      <h3><b>Security+ training course contents</b></h3>
				<ul>	<li>General security concepts</li><p>
Non-essential services and protocols. Access
control: MAC, DAC, RBAC. Security attacks: DOS,
DDOS, back doors, spoofing, man in the middle,
replay, hijacking, weak keys, social engineering,
mathematical, password guessing, brute force,
dictionary, software exploitation. Authentication:
Kerberos, CHAP, certificates, usernames/
passwords, tokens, biometrics. Malicious code:
Viruses, trojan horses, logic bombs, worms.
Auditing, logging, scanning.
					</p><li>Communication security</li><p>
Remote access: 802.1x, VPNs, L2TP, PPTP,
IPsec, RADIUS, TACACS, SSH. Email: S/MIME,
PGP, spam, hoaxes. Internet: SSL, TLS, HTTPS,
IM, packet sniffing, privacy, Javascript, ActiveX,
buffer overflows, cookies, signed applets, CGI,
SMTP relay. LDAP. sftp, anon ftp, file sharing,
sniffing, 8.3 names. Wireless: WTLS, 802.11,
802.11x, WEP/WAP.
	</p><li>Infrastructure security</li><p>
Firewalls, routers, switches, wireless, modems,
RAS, PBX, VPN, IDS, networking monitoring,
workstations, servers, mobile devices. Media
security: Coax, UTP, STP, fibre. Removable
media. Topologies: Security zones, DMZ, Intranet,
Extranet, VLANs, NAT, Tunnelling. IDS: Active/
passive, network/host based, honey pots, incident
response. Security baselines: Hardening OS/NOS,
networks and applications.
	</p><li>Cryptography basics</li><p>
Integrity, confidentiality, access control,
authentication, non-repudiation. Standards and
protocols. Hashing, symmetric, asymmetric. PKI:
Certificates, policies, practice statements,
revocation, trust models. Key management and
certificate lifecycles. Storage: h/w, s/w, private key
protection. Escrow, expiration, revocation,
suspension, recovery, destruction, key usage.
	</p><li>Operational/Organisation security</li><p>
Physical security: Access control, social
engineering, environment. Disaster recovery:
Backups, secure disaster recovery plans.
Business continuity: Utilities, high availability,
backups. Security policies: AU, due care, privacy,
separation of duties, need to know, password
management, SLAs, disposal, destruction, HR
policies. Incident response policy. Privilege
management: Users, groups, roles, single sign
on, centralised/decentralised. Auditing. Forensics:
Chain of custody, preserving and collecting
evidence. Identifying risks: Assets, risks, threats,
vulnerabilities. Role of education/training. Security
documentation. 
</p>
				</ul>

54 TLS courses delivered Online

Cisco Implementing Secure Solutions with Virtual Private Networks v1.0 (SVPN)

By Nexus Human

SonicWall Network Security Professional Course - SNSP - NA

By Nexus Human

Cisco SD-WAN Security and Cloud Onboarding v1.1 (SDWSCS)

By Nexus Human

ICCC-CT-Installing and Configuring Cisco Cube/Gateways

By Nexus Human

Cisco SD-WAN Security and Cloud Onboarding v1.0 (SDWSCS)

By Nexus Human

Cisco Securing the Web with Cisco Web Security Applicance v3.0 (SWSA)

By Nexus Human

VMware NSX Advanced Load Balancer: Global Server Load Balancing Design and Deploy

By Nexus Human

Hands-on Linux - Self-Hosted WordPress for Linux Beginners

By Packt

CWS-315 Citrix Virtual Apps and Desktops 7 Advanced Administration

By Nexus Human

Cisco Implementing Cisco SD-WAN Solutions (ENSDWI) v2.0

By Nexus Human