IP Network Security
- Duration: 2 days or 12 hours
- Level: Level 3
IP Network Security
Course Outline
Divided into 8 sections, the topics covered will include:
Section 1: The Threat Landscape (2 hours)
- Current Summary of the Threats Associated with IP Based Networks.
- Threat Explanation and Analysis - Malware, Botnets, DDoS, Hacking, Fraud.
- Threats to Next Generation Networks.
- Future Trends in the Threat Climate.
Section 2: The Principles of Security (1 hour)
- Ensuring the Confidentiality, Integrity, Authenticity and Availability of Network Traffic.
- Encryption Techniques and Algorithms - Symmetrical (Block and Stream) and Asymmetrical Ciphers, AES.
- Integrity and Authentication Checking - Digital Signatures and Certificates.
- Availability - Protection against DDoS, Redundancy and Resiliency.
Section 3: Authentication and Authorization (2 hours)
- Techniques Used to Support Authentication - RADIUS, Diameter, PKI (X.509), EAP.
- Passwords and Password Cracking.
- Identity Based Networking - 802.1X.
- Hacking Methodology - Steps to Hacking, Popular Hacking Tools.
- Hacking Counteraction Mechanisms.
Section 4: Securing IP Traffic (2 hours)
- IPSec Operation - Selectors, SPD, SAD, SA.
- IPSec Varieties - AH and ESP.
- IPSec AH and ESP Header Functionality.
- SA Establishment Using IKEv2.
- SSL and TLS.
- TLS Handshake Procedures.
Section 5: Service Provider Security Mechanisms (2 hours)
- GSM and UMTS Security Features.
- LTE Security Features.
- EAP-TLS, EAP-TTLS, EAP-SIM.
- WiMAX Security Features.
- xDSL Security Features.
- IMS AKA.
Section 6: Protocol Security Considerations for NGN Protocols (1 hour)
- NGN Soft Switch Architecture.
- Vulnerabilities and Protection Mechanisms - H.248, SIP, SDP, RTP.
Section 7: Security Solutions for the Network (1 hour)
- Overview of the Hardware Devices Used to Protect the Network.
- Firewall Operation.
- Intrusion Detection and Prevention - IDS, IPS.
- Admission Control Systems.
- DoS Mitigation Tools.
- SBC.
Section 8: Security Implementation and Management (1 hour)
- Security Strategies - Security Policy Review, Asset and Threat Identification, Risk Assessment, Testing.
- Defence in Depth Architecture.
- Disaster Recovery - Initial Assessment, Damage Reduction, Legal Issues, Asset Recovery.
In an ever changing security climate, Service Provider Next Generation Networks must be secure enough to mitigate against the potential threats posed by cybercrime. This course is designed to provide a concise evaluation of the current security climate, detailing the threats currently affecting the IP networking world, in addition to outlining the tools and techniques available to protect against these threats.
Who Should Attend
Network Engineers requiring a comprehensive overview of Telecommunications and IP Network Security. Technical Staff involved in the development and deployment of an IP based Next Generation Network.
Pre - Learning
Pre-Learning is provided to prime those attending the instructor led phase. Each lesson is based on an interactive online format and should take about 30 minutes to complete. The pre-Learning lessons are:
- Test of Understanding - Try the online check to see how much you know.
- Packet Switching.
- Protocol Stacks and IP.
- IP Addressing.
- Problems with IP in Next Generation Networks.