NETWORK ARCHITECTURE AND SECURITY

Network Architecture and Security course aims to provide advanced underpinning knowledge of network architecture, security principles, and how to identify and manage threats.

Learning Outcomes

The learning outcomes are:

· Understanding the creation of firewalls, with the creation of networks and hosts, and in firewalling services between them.

· Understand how signatures can be created to detect network events, and test the success of these.

· Understand how penetration tools are used to assess how intruders might compromise system, and how they are used to assess internal systems.

· Understand how network and service logs can be used to detect and analyse threats.

· Understand how best to cope with a threat within a team, and provide a report of this.

Sessions

The sessions are:

Session1.

In-depth coverage of Network Architectures. Windows and Linux service setup and maintenance. Firewall setup with NAT including DMZ, Public and Private networks. This includes the setup of open source firewalls such as Vyatta and pfSense for firewalling and for the creation of services such as DHCP.

Session2.

Network Architecture Creation. This will focus on the creation network architectures with the segmentation of networks and the implementation of firewalling, along with debug methods.

Session3.

Introduction to Penetration Testing (Scanning) and Intrusion Detection Systems. NMAP, Nessus and Kali Linux. This outline how real-life networks and severs can be scanned to identify vulnerabilities, and will use both Windows and Linux scanners, with an outline of the reporting of vulnerabilities found. It will also outline the detection of key network events such as DDoS, username cracking, Botnet activity, Malware, and so on. The labs will show how a signature can be captured and then applied into a firewall in order to block malicious content.

Session4.

Services, logging and intrusions This session will focus on setting up logging to show the traces of user activity activity within log files, and how to create signatures to detect these.

Session5.

Web Attacks and Logging. This session will investigate a range of malicious activities, including XSS and SQL injection, and how on observing the network traffic and logs related to these.

Session6.

Big Data Integration. This will finalise the security assessment training, with some Big Data analysis of security logs and network packets.

(Course Homepage)