137 VPN courses in Cardiff delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for The Microsoft 365 Endpoint Administrator is responsible for deploying, configuring, securing, managing, and monitoring devices and client applications in a corporate setting. Their duties include managing identity, access, policies, updates, and apps. They work alongside the M365 Enterprise Administrator to develop and execute a device strategy that aligns with the requirements of a modern organization. Microsoft 365 Endpoint Administrators should be well-versed in M365 workloads and possess extensive skills and experience in deploying, configuring, and maintaining Windows 11 and later, as well as non-Windows devices. Their role emphasizes cloud services over on-premises management technologies. In this course, students will learn to plan and execute an endpoint deployment strategy using contemporary deployment techniques and implementing update strategies. The course introduces essential elements of modern management, co-management approaches, and Microsoft Intune integration. It covers app deployment, management of browser-based applications, and key security concepts such as authentication, identities, access, and compliance policies. Technologies like Microsoft Entra ID, Azure Information Protection, and Microsoft Defender for Endpoint are explored to protect devices and data. Prerequisites The Modern Desktop Administrator must be familiar with M365 workloads and must have strong skills and experience of deploying, configuring, and maintaining Windows 11 and later, and non-Windows devices. 1 - Explore the Enterprise Desktop Examine benefits of modern management Examine the enterprise desktop life-cycle model Examine planning and purchasing Examine desktop deployment Plan an application deployment Plan for upgrades and retirement 2 - Explore Windows Editions Examine Windows client editions and capabilities Select client edition Examine hardware requirements 3 - Understand Microsoft Entra ID Examine Microsoft Entra ID Compare Microsoft Entra ID and Active Directory Domain Services Examine Microsoft Entra ID as a directory service for cloud apps Compare Microsoft Entra ID P1 and P2 plans Examine Microsoft Entra Domain Services 4 - Manage Microsoft Entra identities Examine RBAC and user roles in Microsoft Entra ID Create and manage users in Microsoft Entra ID Create and manage groups in Microsoft Entra ID Manage Microsoft Entra objects with PowerShell Synchronize objects from AD DS to Microsoft Entra ID 5 - Manage device authentication Describe Microsoft Entra join Examine Microsoft Entra join prerequisites limitations and benefits Join devices to Microsoft Entra ID Manage devices joined to Microsoft Entra ID 6 - Enroll devices using Microsoft Configuration Manager Deploy the Microsoft Configuration Manager client Monitor the Microsoft Configuration Manager client Manage the Microsoft Configuration Manager client 7 - Enroll devices using Microsoft Intune Manage mobile devices with Intune Enable mobile device management Explain considerations for device enrollment Manage corporate enrollment policy Enroll Windows devices in Intune Enroll Android devices in Intune Enroll iOS devices in Intune Explore device enrollment manager Monitor device enrollment Manage devices remotely 8 - Execute device profiles Explore Intune device profiles Create device profiles Create a custom device profile 9 - Oversee device profiles Monitor device profiles in Intune Manage device sync in Intune Manage devices in Intune using scripts 10 - Maintain user profiles Examine user profile Explore user profile types Examine options for minimizing user profile size Deploy and configure folder redirection Sync user state with Enterprise State Roaming Configure Enterprise State Roaming in Azure 11 - Execute mobile application management Examine mobile application management Examine considerations for mobile application management Prepare line-of-business apps for app protection policies Implement mobile application management policies in Intune Manage mobile application management policies in Intune 12 - Deploy and update applications Deploy applications with Intune Add apps to Intune Manage Win32 apps with Intune Deploy applications with Configuration Manager Deploying applications with Group Policy Assign and publish software Explore Microsoft Store for Business Implement Microsoft Store Apps Update Microsoft Store Apps with Intune Assign apps to company employees 13 - Administer endpoint applications Manage apps with Intune Manage Apps on non-enrolled devices Deploy Microsoft 365 Apps with Intune Additional Microsoft 365 Apps Deployment Tools Configure Microsoft Edge Internet Explorer mode App Inventory Review 14 - Protect identities in Microsoft Entra ID Explore Windows Hello for Business Deploy Windows Hello Manage Windows Hello for Business Explore Microsoft Entra ID Protection Manage self-service password reset in Microsoft Entra ID Implement multi-factor authentication 15 - Enable organizational access Enable access to organization resources Explore VPN types and configuration Explore Always On VPN Deploy Always On VPN 16 - Implement device compliance Protect access to resources using Intune Explore device compliance policy Deploy a device compliance policy Explore conditional access Create conditional access policies 17 - Generate inventory and compliance reports Report enrolled devices inventory in Intune Monitor and report device compliance Build custom Intune inventory reports Access Intune using Microsoft Graph API 18 - Deploy device data protection Explore Windows Information Protection Plan Windows Information Protection Implement and use Windows Information Protection Explore Encrypting File System in Windows client Explore BitLocker 19 - Manage Microsoft Defender for Endpoint Explore Microsoft Defender for Endpoint Examine key capabilities of Microsoft Defender for Endpoint Explore Windows Defender Application Control and Device Guard Explore Microsoft Defender Application Guard Examine Windows Defender Exploit Guard Explore Windows Defender System Guard 20 - Manage Microsoft Defender in Windows client Explore Windows Security Center Explore Windows Defender Credential Guard Manage Microsoft Defender Antivirus Manage Windows Defender Firewall Explore Windows Defender Firewall with Advanced Security 21 - Manage Microsoft Defender for Cloud Apps Explore Microsoft Defender for Cloud Apps Planning Microsoft Defender for Cloud Apps Implement Microsoft Defender for Cloud Apps 22 - Assess deployment readiness Examine deployment guidelines Explore readiness tools Assess application compatibility Explore tools for application compatibility mitigation Prepare network and directory for deployment Plan a pilot 23 - Deploy using the Microsoft Deployment Toolkit Evaluate traditional deployment methods Set up the Microsoft Deployment Toolkit for client deployment Manage and deploy images using the Microsoft Deployment Toolkit 24 - Deploy using Microsoft Configuration Manager Explore client deployment using Configuration Manager Examine deployment components of Configuration Manager Manage client deployment using Configuration Manager Plan in-place upgrades using Configuration Manager 25 - Deploy Devices using Windows Autopilot Use Autopilot for modern deployment Examine requirements for Windows Autopilot Prepare device IDs for Autopilot Implement device registration and out-of-the-box customization Examine Autopilot scenarios Troubleshoot Windows Autopilot 26 - Implement dynamic deployment methods Examine subscription activation Deploy using provisioning packages Use Windows Configuration Designer Use Microsoft Entra join with automatic MDM enrollment 27 - Plan a transition to modern endpoint management Explore using co-management to transition to modern endpoint management Examine prerequisites for co-management Evaluate modern management considerations Evaluate upgrades and migrations in modern transitioning Migrate data when modern transitioning Migrate workloads when modern transitioning 28 - Manage Windows 365 Explore Windows 365 Configure Windows 365 Administer Windows 365 29 - Manage Azure Virtual Desktop Examine Azure Virtual Desktop Explore Azure Virtual Desktop Configure Azure Virtual Desktop Administer Azure Virtual Desktop Additional course details: Nexus Humans MD-102T00 : Microsoft 365 Endpoint Administrator training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the MD-102T00 : Microsoft 365 Endpoint Administrator course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for This course is recommended for technical professionals who perform advanced deployment configurations of Check Point products. Overview Provide an overview of the upgrade service and options available. Explain how to perform management upgrade and migration. Articulate the process using CPUSE features. Articulate the purpose and function of Management High Availability. Explain Primary vs Secondary, Active vs Standby and Synchronization. Explain disaster recovery steps in case the primary management server becomes unavailable. Provide overview of Central Deployment in SmartConsole. Articulate an understanding of Security Gateway cluster upgrade methods. Explain about Multi Version Cluster (MVC) upgrades. Discuss Gaia Commands and how they are used. Explain the main processes on s and s. Describe how to work with scripts and SmartTasks to configure automatic actions. Explain the Management Data Plane Separation (MDPS) Explain kernel operations and traffic flow Articulate Dynamic and Updatable Objects in Security Gateways Explain the policy installation flow and files used. Describe the use of policy installation history. Explain concurrent and accelerated install policy. Describe an overview of APIs and ways to use and authenticate. Explain how to make changes in GAIA and management configuration. Explain how to install policy using API. Explain how the SecureXL acceleration technology enhances and optimizes Security Gateway performance. Describe how the CoreXL acceleration technology enhances and improves Security Gateway performance. Articulate how utilizing multiple traffic queues can make traffic handling more efficient. Discuss Site-to-Site VPN basics, deployment and communities. Describe how to analyze and interpret VPN tunnel traffic. Explain Link Selection and ISP Redundancy options. Explain tunnel management features. Discuss Check Point Remote Access solutions and how they differ from each other. Describe how client security can be provided by Remote Access . Explain authentication methods including machine authentication. Explain Multiple Entry Point (MEP). Discuss the Mobile Access Software Blade and how it secures communication and data exchange during remote connections. Learn basic concepts and develop skills necessary to administer IT security fundamental tasks. Course Outline Prepare for a Security Management Server Upgrade Upgrade the Security Management Server Deploy a Secondary Security Management Server Configure a Distributed Log Server Upgrade a Security Gateway from SmartConsole Work with the Command Line Use Scripts and SmartTasks Configure Dynamic Objects Monitor Traffic Verify Policy Installation and Status Work with Gaia and Management APIs Work with Acceleration Features Configure a Locally Managed Site to Site VPN Configure a Site to Site VPN with an Interoperable Device Configure Remote Access VPN Configure Mobile Access VPN Configure a High Availability Cluster Work with ClusterXL Configure Policy Compliance Deploy SmartEvent

Duration 3 Days 18 CPD hours This course is intended for The primary audience for this course is as follows: IT Staff and Managers Network and systems personnel and engineers Small to mid-sized organizations that require fundamental knowledge on networking terms/concepts and configuration guidance for Meraki equipment. This also includes organizations looking to implement remote sites, provide a guest wireless solution, and collect user analytics. Overview Following completion of this course, students will understand, Install, Configure, monitor, and Troubleshoot the following: Navigate and Configure the dashboard Add MX/MR/MS/MV devices to the Dashboard Understand and Configure Configuration Templates Understand and Configure Group Policies Manage/Configure/Integrate Users and Radius Policies Configure, Monitor, and Troubleshoot MX Firewalls Troubleshoot devices and Connectivity This 3-day Cisco course provide students with the skills to configure, optimize, and troubleshoot a Cisco Meraki solution. Students will learn how to install and optimize Meraki MX Firewalls. Students will also learn how to configure the Meraki Dashboard Students will troubleshoot and configure the Meraki environment and learn how to diagnose and resolve user and Network issues that may arise. Introduction to Meraki The Meraki Mission Cisco Meraki: Bringing the Cloud to Enterprise Networks Cloud-Managed Networking Architecture Benefits of a Cloud-Based Solution The Meraki Full Stack: New and Unique Value Proposition Meraki Deployment ? How it works Why Customers Choose Meraki Meraki MS Switches Overview Meraki MX Security Appliances Overview Meraki SD-WAN Overview Meraki MR Wireless Access Points Overview Cisco Meraki Systems Manager Overview Cisco Meraki MV Vision Security Cameras Overview Meraki API Overview Meraki Licensing Enterprise Support Cisco Meraki Documentation Cloud Management with the Meraki Dashboard The Meraki Dashboard Dashboard: Organizational Structure Out-of-band Cloud Management Loss of Connectivity to the Cisco Meraki Cloud Meraki Dashboard Logins Create Dashboard Accounts and Organization MSP Logins - Manage Multiple Organizations Modify an Organization View Organizations Health Meraki Dashboard Best Practices Dashboard Search Meraki Help Organizational Wide Settings Configure Monitor Create and Manage Configuration Templates Network-Wide Settings Configure Meraki MX Security Benefits of a Cloud Managed Security Solution Threat Management Solution Advanced Security Licenses Reliable, Cost Effective Connectivity with Meraki SD-WAN Site-to-Site VPN (Auto VPN) High Availability and Path Redundancy Application-Aware Intelligent Path Control Traffic Monitoring and Analytics Integrating Active Directory Cisco Meraki MX Models and Features Configuring the Local Status Page Adding Appliance to Network Device Configuration Configuring the Warm Spare Feature Device Tags & Notes Configuring Addressing & VLANs DHCP Server Configuration and Options Meraki Firewall Configuration Meraki Site-to-Site VPN One Arm VPN Concentrator Configuration Meraki Client VPN Meraki Active Directory Integration Meraki Access Control Meraki Splash Page Configuration Configuring Access Policies Teleworker VPN/L3 Roaming

Duration 2 Days 12 CPD hours This course is intended for Networking and security professionals involved in the design, implementation, and administration of a network infrastructure using FortiGate appliances. Overview Analyze a FortiGate's route table. Route packets using policy-based and static routes for multi-path and load balanced deployments. Configure SD-WAN to load balance traffic between multiple WAN links effectively. Inspect traffic transparently, forwarding as a Layer 2 device. Divide FortiGate into two or more virtual devices, each operating as an independent FortiGate, by configuring virtual domains (VDOMs). Establish an IPsec VPN tunnel between two FortiGate appliances. Compare policy-based to route-based IPsec VPN. Implement a meshed or partially redundant VPN. Diagnose failed IKE exchanges. Offer Fortinet Single Sign On (FSSO) access to network services, integrated with Microsoft Active Directory. Deploy FortiGate devices as an HA cluster for fault tolerance and high performance. Deploy implicit and explicit proxy with firewall policies, authentication, and caching. Diagnose and correct common problems. In this two-day course, you will learn how to use advanced FortiGate networking and security. Course Outline Module 1. Routing Module 2. Software-Defined WAN (SD-WAN) Module 3. Layer 2 Switching Module 4. Virtual Domains Module 5. Site-to-Site IPsec VPN Module 6. Fortinet Single Sign-On (FSSO) Module 7. High Availability (HA) Module 8. Web Proxy Module 9. Diagnostics

Carrier Ethernet training course description Ethernet is now the interface of choice for nearly all networking. This comprehensive course looks at the ways carriers can provide this Ethernet interface for their WANs and MANs. The course assumes delegates already have a solid foundation in Ethernet switching and so concentrates on just the Ethernet technologies for Carrier Ethernet. What will you learn Describe the main Carrier Ethernet services. Evaluate transports for Carrier Ethernet. Explain how Ethernet can work over MPLS and SDH. Explain the Ethernet technologies used to enable Carrier Ethernet. Carrier Ethernet training course details Who will benefit: Network engineers. Staff working for carriers. Prerequisites: Definitive Ethernet switching for engineers. Duration 2 days Carrier Ethernet training course contents Introduction What is Ethernet? LANs, MANs, WANs, Ethernet and switches in the LAN. Traditional LAN/WAN integration, routers. The Ethernet interface for the WAN. Standards: IEEE, MEF, OIF, Ethernet Alliance. Carrier Ethernet Services E-line: EPL, EVPL. E-LAN: EP-LAN, EVP-LAN. E-Tree: EP-Tree, EVP-Tree. Ethernet Services attributes. Applications: Carrier Ethernet for businesses, Mobile backhaul. Multicasting. Service attributes Bandwidth profiles, bandwidth parameters, Class of Service, QoS, MTU, Protection mechanisms: STP, RSTP, MSTP, Link aggregation, G.8031, G.8032. Transporting Carrier Ethernet The main options. 'Pure' Ethernet, Ethernet over SDH, Ethernet over WDM, Ethernet over MPLS. Ethernet switching, addresses and MAC address tables. Carrier Ethernet access technologies. EFM. Ethernet over MPLS What is MPLS, MPLS-TE, MPLS-VPN, L2 VPNs, VPLS, VPWS. MPLS Fast Reroute. CET 'Pure' Ethernet, Provider bridging 802.1d, Provider Backbone Bridges 802.1ah. Traffic engineering 802.1Qay. Carrier Ethernet technologies 802.1ad VLAN stacking, 802.1AX Link aggregation. 802.1Q QoS. OAM Standards, layers, interworking

Duration 3 Days 18 CPD hours This course is intended for Networking and security professionals involved in the management, configuration, administration, and monitoring of FortiGate devices used to secure their organizations' networks. Overview Deploy the appropriate operation mode for your network. Use the GUI and CLI for administration. Identify the characteristics of the Fortinet security fabric. Control network access to configured networks using firewall policies. Apply port forwarding, source NAT, and destination NAT. Authenticate users using firewall policies. Understand encryption functions and certificates. Inspect SSL/TLS-secured traffic to prevent encryption used to bypass security policies. Configure security profiles to neutralize threats and misuse, including viruses, torrents, and inappropriate websites. Apply application control techniques to monitor and control network applications that might use standard or non-standard protocols and ports. Fight hacking and denial of service (DoS). Defend against data leaks by identifying files with sensitive data, and block them from leaving your private network. Offer an SSL VPN for secure access to your private network. Implement a dial-up IPsec VPN tunnel between FortiGate and FortiClient. Collect and interpret log entries. In this three-day course, you will learn how to use basic FortiGate features, including security profiles. Course Outline Module 1. Introduction to FortiGate and the Security Fabric Module 2. Firewall Policies Module 3. Network Address Translation (NAT) Module 4. Firewall Authentication Module 5. Logging and Monitoring Module 6. Certificate Operations Module 7. Web Filtering Module 8. Application Control Module 9. Antivirus Module 10. Intrusion Prevention and Denial of Service Module 11. SSL VPN Module 12. Dial-Up IPsec VPN Module 13. Data Leak Prevention (DLP)

Duration 3 Days 18 CPD hours This course is intended for Any Managed Service Provider who is designing VMware SD-WAN solutions or managing SD-WAN networks for their customers. Overview By the end of this course, you should be able to meet the following objectives: Explain VMware SD-WAN architecture Outline VMware SD-WAN key components Discuss various Managed Service Provider (MSP) use cases and deployment options Deploy VMware SD-WAN Gateway, and VMware SD-WAN Edge Manage VMware SD-WAN Cloud VPN Design VMware SD-WAN for performance and scalability Configure the Partner Gateway handoff Customers demand a scalable, secure, and manageable VMware SD-WAN? by VeloCloud©. To deliver a successful solution you must understand VMware SD-WAN architecture, know how the features can solve customer use cases, and be able to design a VMware SD-WAN that can be easily deployed, managed, and expanded. Course Introduction Introductions and course logistics Course objectives Architecture and Core Features Evaluate the current state of the enterprise WAN and limitations for growth Describe the key components and features of the VMware SD-WAN architecture Explain VMware SD-WAN component placement and interactions between components List VMware SD-WAN core value differentiators Describe VMware SD-WAN core features Evaluate the effect of VMware SD-WAN differentiators on a SD-WAN site deployment VMware SD-WAN MSP use Cases, Deployment Models, and License Models Compare VMware SD-WAN use cases List VMware SD-WAN deployment models Describe each VMware SD-WAN license model Zero Touch Provisioning Provision VMware SD-WAN Edges Describe the workflow of a VMware SD-WAN Edge activation. Provision a VMware SD-WAN Virtual Edge on VMware ESXi VMware SD-WAN Cloud VPN Configure the VMware SD-WAN Cloud VPN Consider the availability settings when deploying a Cloud VPN Describe the packet flow in a Cloud VPN Routing and Branch Design Control SD-WAN overlay and underlay route advertisement Overlay flow control Describe best practices when designing VMware SD-WAN with BGP Evaluate branch design options VMware SD-WAN Security Explain VMware SD-WAN security architecture Describe VMware SD-WAN Edge security capabilities High Availability Designs Distinguish between Standard and Enhanced High Availability (HA) and Virtual Router Redundancy Protocol (VRRP) Designing for Performance and Scale List the SD-WAN factors that influence scalability and performance Describe VMware SD-WAN Edge Clustering Standing up a Partner Gateway Describe VMware SD-WAN Gateway functionality and roles Provision a VMware SD-WAN Gateway from VMware SD-WAN Orchestrator Demonstrate the procedure to install a VMware SD-WAN Gateway on ESXi Describe how BGP works together with a Partner Gateway hand-off MSP Operations and Version Management Identify the appropriate documentation Demonstrate account management Describe the VMware SD-WAN upgrade sequence Demonstrate a VMware SD-WAN Edge and VMware SD-WAN Gateway upgrade

Network virtualization training course description This course covers network virtualization. It has been designed to enable network engineers to recognise and handle the requirements of networking Virtual Machines. Both internal and external network virtualization is covered along with the technologies used to map overlay networks on to the physical infrastructure. Hands on sessions are used to reinforce the theory rather than teach specific manufacturer implementations. What will you learn Evaluate network virtualization implementations and technologies. Connect Virtual Machines with virtual switches. Explain how overlay networks operate. Describe the technologies in overlay networks. Network virtualization training course details Who will benefit: Engineers networking virtual machines. Prerequisites: Introduction to virtualization. Duration 2 days Network virtualization training course contents Virtualization review Hypervisors, VMs, containers, migration issues, Data Centre network design. TOR and spine switches. VM IP addressing and MAC addresses. Hands on VM network configuration Network virtualization What is network virtualization, internal virtual networks, external virtual networks. Wireless network virtualization: spectrum, infrastructure, air interface. Implementations: Open vSwitch, NSX, Cisco, others. Hands on VM communication over the network. Single host network virtualization NICs, vNICs, resource allocation, vSwitches, tables, packet walks. vRouters. Hands on vSwitch configuration, MAC and ARP tables. Container networks Single host, network modes: Bridge, host, container, none. Hands on Docker networking. Multi host network virtualization Access control, path isolation, controllers, overlay networks. L2 extensions. NSX manager. OpenStack neutron. Packet walks. Distributed logical firewalls. Load balancing. Hands on Creating, configuring and using a distributed vSwitch. Mapping virtual to physical networks VXLAN, VTEP, VXLAN encapsulation, controllers, multicasts and VXLAN. VRF lite, GRE, MPLS VPN, 802.1x. Hands on VXLAN configuration. Orchestration vCenter, vagrant, OpenStack, Kubernetes, scheduling, service discovery, load balancing, plugins, CNI, Kubernetes architecture. Hands on Kubernetes networking. Summary Performance, NFV, automation. Monitoring in virtual networks.

Security+ training course description A hands on course aimed at getting delegates successfully through the CompTia Security+ examination. What will you learn Explain general security concepts. Describe the security concepts in communications. Describe how to secure an infrastructure. Recognise the role of cryptography. Describe operational/organisational security. Security+ training course details Who will benefit: Those wishing to pass the Security+ exam. Prerequisites: TCP/IP foundation for engineers Duration 5 days Security+ training course contents General security concepts Non-essential services and protocols. Access control: MAC, DAC, RBAC. Security attacks: DOS, DDOS, back doors, spoofing, man in the middle, replay, hijacking, weak keys, social engineering, mathematical, password guessing, brute force, dictionary, software exploitation. Authentication: Kerberos, CHAP, certificates, usernames/ passwords, tokens, biometrics. Malicious code: Viruses, trojan horses, logic bombs, worms. Auditing, logging, scanning. Communication security Remote access: 802.1x, VPNs, L2TP, PPTP, IPsec, RADIUS, TACACS, SSH. Email: S/MIME, PGP, spam, hoaxes. Internet: SSL, TLS, HTTPS, IM, packet sniffing, privacy, Javascript, ActiveX, buffer overflows, cookies, signed applets, CGI, SMTP relay. LDAP. sftp, anon ftp, file sharing, sniffing, 8.3 names. Wireless: WTLS, 802.11, 802.11x, WEP/WAP. Infrastructure security Firewalls, routers, switches, wireless, modems, RAS, PBX, VPN, IDS, networking monitoring, workstations, servers, mobile devices. Media security: Coax, UTP, STP, fibre. Removable media. Topologies: Security zones, DMZ, Intranet, Extranet, VLANs, NAT, Tunnelling. IDS: Active/ passive, network/host based, honey pots, incident response. Security baselines: Hardening OS/NOS, networks and applications. Cryptography basics Integrity, confidentiality, access control, authentication, non-repudiation. Standards and protocols. Hashing, symmetric, asymmetric. PKI: Certificates, policies, practice statements, revocation, trust models. Key management and certificate lifecycles. Storage: h/w, s/w, private key protection. Escrow, expiration, revocation, suspension, recovery, destruction, key usage. Operational/Organisation security Physical security: Access control, social engineering, environment. Disaster recovery: Backups, secure disaster recovery plans. Business continuity: Utilities, high availability, backups. Security policies: AU, due care, privacy, separation of duties, need to know, password management, SLAs, disposal, destruction, HR policies. Incident response policy. Privilege management: Users, groups, roles, single sign on, centralised/decentralised. Auditing. Forensics: Chain of custody, preserving and collecting evidence. Identifying risks: Assets, risks, threats, vulnerabilities. Role of education/training. Security documentation.

IP security training course description Connection to the Internet is becoming an essential business tool. This course looks at firewalls, digital certificates, encryption and other essential topics for e-commerce sites. A generic course that looks at firewalls and VPNs. Hands on sessions include using hacking tools and configuring firewalls. What will you learn Describe: Basic security attacks RADIUS SSL IPSec VPNs Implement digital certificates Deploy firewalls to protect Web servers and users. Secure Web servers and clients. IP security training course details Who will benefit: Network administrators. Network operators. Security auditors Prerequisites: TCP/IP foundation for engineers Duration 2 days IP security training course contents TCP/IP review Brief overview of the relevant headers. Hands on Download software for course, use analyser to capture passwords on the wire. Security review Policies, Types of security breach, denial of service, data manipulation, data theft, data destruction, security checklists, incident response. Security exploits The Internet worm, IP spoofing, SYN attack, hijacking, Ping o' Death… keeping up to date with new threats. Hands on Use a port scanning tool, use a 'hacking' tool. Firewalls Products, Packet filtering, DMZ, content filtering, stateful packet inspection, Proxies, firewall architectures, Intrusion Detection Systems, Viruses. Hands on Set up a firewall and prevent attacks. NAT NAT and PAT, Why use NAT, NAT-ALG, RSIP. Encryption Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures. Hands on Run a password-cracking program. Authentication Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, PPP authentication, RADIUS. Hands on Using certificates. Web client and server security Cookies, browser certificates, censorship, PICS. Operating system security, Web server user authentication, Restricting access, Logging, Securing CGI scripts. Hands on Browser security. VPNs and IPSec What is a VPN, tunnelling, L2F, PPTP, L2TP, IPSec, AH, ESP, transport mode, tunnel mode.