 |
|
|
|
||
|
|
|
|
|
|||||
|
|
|
|
||||||
|
|
||||||||
|
|
||||||||
|
|||||||||
|
|||||||||
|
|
 |
 |
|
||||||||||||||||||||||||||||||
|
|
|
Introduction to Network Security (SEC-100) The Internet today is not what it once was. Problems abound everywhere but most especially in network security. This session will take a look back at the network security events of 2001 to help attendees understand the need for improved network security. This class will introduce session attendees to the basic components and technologies of network security, including authentication, firewalls, intrusion detection, and VPNs. The session will discuss basic security practices that complement the use of security technologies. This session is appropriate for all attendees interested in network security fundamentals and will help prepare the attendees to attend subsequent network sessions focused on security. Back to top Design Principles for Secure Enterprise Networks Part I (SEC-200) As security expands from special purpose devices to an integrated component of the network, designing sound network security becomes very important. This session, updated from last year's presentation on the same subject, presents a lively story that chronicles a hacker's conflict with an overworked IT staff. As the attack forays escalate, the IT staff is forced to learn and deploy new countermeasures. These include design, technology, and configuration modifications affecting access control, intrusion detection, authentication, and management systems. Participants will learn how small issues in a network can lead to large security compromises. This session, which is the first part of a two-part session, is for network engineers who design and implement security in enterprise environments. Part 2 is a comprehensive examination of three networks of varying sizes that are designed from the ground up to be secure. The following sessions cover information you may find useful if you register for this session: SEC-201 (Part 2) is a comprehensive examination of three networks of varying sizes that are designed from the ground up to be secure. This session is designed to be particularly useful for attendees working in the following areas: network engineers who design and implement security in enterprise environments. Back to top Design Principles for Secure Enterprise Networks Part II (SEC-201) Deploying today's next-generation networks requires a keen eye for security issues. Unfortunately, many of today's implementations rely too heavily on the actual deployment of security products, rather than a complete understanding of how these products fit into an overall network security system. This session presents three networks of varying size designed to be secure from the ground up. The networks scale from deployments where a single device performs most of the security requirements to a high-end resilient design with many special purpose security appliances. Design decisions and key technology configurations will be provided for each network, with special attention given to the deployment of newer technologies including wireless and voice over IP (VoIP). After each network is presented, the results of a systematic network attack will be explained. Participants will learn how network security can be deployed in a systematic fashion to mitigate security risks. This session is for network engineers who design and implement security in enterprise environments. This is Part 2 of a two-part course. Part 1 outlines several common security design missteps and discusses their remedies. It is an updated reprise of the highly popular Networkers 2001 Designing Secure Networks session. The following sessions cover information you may find useful if you register for this session: SEC-200 (Part 1) outlines several common security design missteps and discusses their remedies. This session is designed to be particularly useful for attendees working in the following areas: network engineers who design and implement security in enterprise environments. Back to top Layer 2 Attacks and Their Mitigation (SEC-202) Every network today is built on the foundations of the 7-layer OSI model. This session will spend two hours focusing on the security issues around Layer 2, the Data Link layer. With a significant percentage of all network attacks originating from inside the corporate firewall, exploring this soft underbelly of data networking is critical for any secure network design. Security issues addressed include: ARP Spoofing, MAC Flooding, VLAN hopping, Auto-VLAN trunking, packet sniffing and STP concerns. Common myths with Ethernet switch security will be either confirmed or debunked and security lockdown recommendations will be provided. Attendees can expect to learn layer 2 design considerations from a security perspective, and mitigation techniques for common L2 attacks. This session is for network designers, administrators, and engineers in all areas of data networking. Back to top Understanding Identity and Network Policy Management (SEC-203) This session provides the audience with an indepth look at the technologies associated with identity and policy management for network and service access. It explores the features associated with Authentication, Authorization, and Accounting (AAA), as well as the mechanisms (RADIUS, 802.1x, LEAP, etc.) used to enforce AAA-configured policies. The session balances theoretical understanding with additional emphasis on real world deployment and troubleshooting. This session is designed to be particularly useful for attendees working in the following areas: Network managers, architects, engineers and security officers concerned with network and service access security. Back to top Deploying and Managing Enterprise IPsec VPNs (SEC-210) This presentation will address how to deploy and manage remote access and site-to-site IPsec VPNs. Key topics covered include device placement, deployment topologies, high availability, security policy enforcement, IPsec interaction with other technologies, and configuration management and monitoring. This session is designed for network and system operators responsible for deploying IPSec in their networks. The following sessions cover information that you may find useful if you register for this session: SEC-300 Troubleshooting IOS and PIX Firewall Based IPsec Implementations and SEC-311 Troubleshooting Cisco VPN3000 IPsec Design and Implementation. You should have familiarity with IPsec and related security technologies before attending this session. Back to top Deploying and Managing Firewall Technology (SEC-220) Firewall technology often is the primary line of defense against external threats to networks, computers and business critical information. Firewalls can also be used to partition intranets reducing the risk from insider attacks. Network Firewalls are enforcement points for an organizations security policy. This session will discuss differences in Firewall architectures and approaches. It will examine how different types of Firewalls are deployed in a number of common design scenarios. This course will also provide detailed design information for using firewall technology in secure Internet gateways for enterprise networks. Finally, Firewall management as part of an overall security policy will be discussed. This session is appropriate for all Networkers attendees interested in network security policy and the deployment and management of Firewalls. Back to top Deploying and Managing Intrusion Detection Systems (SEC-230) As networks and access points into them become more diverse and complicated, the traditional strategies of network security, once considered bedrock, are now fighting an uphill battle for control. With VPN, dialin, wireless, and partner connections to consider, the trustworthiness of your internal networks is not what it was once believed to be. To address this additional risk by using the islands of security model is fast becoming a necessity. Integral to this is a robust Intrusion Detection System. This session will take a detailed look at proper enterprise deployment strategies as well as next steps going forward. Covered topics will include sensor placement, event management, and operational reactions. Also addressed in the session will be some of the myths surrounding Intrusion Detection Systems in general. This talk is primarily directed at engineers who will deploying, managing, and maintaining Intrusion Detection Systems. However, there will also be enough material covering high level planning and strategies to make it of value for almost anyone. Back to top Troubleshooting IOS and PIX Firewall-Based IPsec Implementations (SEC-310) This session demonstrates detailed techniques for troubleshooting Cisco IOS and Cisco Secure PIX Firewall based IPSec designs and implementations. It covers the debugging tools available within Cisco IOS and Cisco Secure PIX firewall to troubleshoot IPsec VPN configurations. Based on the experiences of Cisco TAC engineers, this session also provides solutions to the most commonly seen issues concerning IPsec VPN designs and implementations. The following sessions cover information that you may find useful if you register for this session: SEC-210 Deploying and Managing Enterprise IPsec VPNs and SEC-311 Troubleshooting Cisco VPN3000 IPsec Design and Implementation. This session will be useful to customers who have deployed IPsec VPNs using either Cisco IOS or Cisco Secure PIX Firewalls. Back to top Troubleshooting VPN3000 IPsec Implementations (SEC-311) The Cisco VPN 3000 series concentrator is a best-of-breed, remote-access VPN solution for enterprise class deployment and is regarded as one of the best VPN devices in the market today. This session demonstrates various methodologies and techniques in troubleshooting remote-access and site-site IPsec implementations. It covers a detailed description of the logs, provides troubleshooting tips and resolution to common issues and discusses case studies involving real-world scenarios. Back to top Troubleshooting Firewalls (SEC-320) Firewalls are a crucial component of today's networks. If they are not operating as you intend them, the impact can be huge. This session will focus on useful techniques for quickly identifying and resolving firewall issues. The content will site specific scenarios where these techniques can be used to maintain the smooth operation of the firewall. This presentation will focus on the PIX Firewall as well as the Cisco IOS Firewall. Attendees will leave this session with the information they need to quickly and effectively maintain their Cisco Firewall. Back to top Troubleshooting Intrusion Detection Systems (SEC-330) How do you know if someone has been sleeping in your network? We all know that intrusion detection is important, but how do we maintain or diagnose issues with the system? This session is for network engineers who are responsible for maintaining their networks' intrusion detection systems. We will focus on identifying and troubleshooting the daemons and services of the sensor appliance and the sensor management applications. Attendees will be equipped with the tools and information they need to resolve these issues. Back to top Advanced Concepts in Security Threats (SEC-400) 2001 may well be remembered as the Year of the Internet Worms as well as the year of Wired Equivalent Privacy (WEP) exploits. The Internet worm affected programs such as CodeRed, CodeRed II, Nimda, and sadmind/UNICODE, wreaked havoc not just on Web and other Internet servers but on the Internet infrastructure itself. Wireless LANs (WLANs) provided difficulties for network security professionals by the discovery of significant and critical weaknesses in the WEP scheme used by WLANs. Problems such as replay attacks, the Fluhrer, Mantin, and Shamir attack on RC4, and IV collisions added to WEP and WLAN woes. This class will examine in detail the inner workings of the Internet worms discussed above as well as take a hard look at the vulnerabilities of wireless LANs and WEP. The session will describe the underlying mechanics of as well as how to defend a network against these attacks. This session is open to all attendees interested in having a greater understanding of these problems and will be particularly useful for attendees involved with network security. Back to top Advanced IPsec Concepts (SEC-410) This session will go into a detailed analysis of how the Internet Key Exchange (IKE) and other IPsec protocols work. The session will also do a separate analysis of the authentication protocols involved in the IKE process. Encryption and Hashing mechanisms used in IPsec will also be discussed. After describing the workings of these main protocols and mechanisms, the presentation will go into an analysis of how some of the most important IPsec features actually work. Examples of these features are: mode configuration, extended authentication, Dead Peer Discovery (DPDs), IPsec NAT traversal and TED. IPsec's MTU related issues and IPsec's interaction with QOS will also be looked into. The emphasis will be on giving protocol-level details of how the various features have been implemented. Packet flow-charts and descriptions of the various fields in the packets will be the mainstay of this presentation. An essential session for VPN implementation experts who would like to gain a deeper understanding of how various IPsec-based VPN configurations actually work. Back to top
|
 |
|
||||||||||||||||||||||||||||||
 |
|
|
|
|
||||||||||||||||||||||||||||||
|
|
|
|
| Important NoticesPrivacy Statement | |||
