Because of the tremendous growth of the Internet, network and
computer security is now recognized as essential. With the
increase in use, and the changes in technology, inevitably come
new threats, vulnerabilities, and increased risk. The paradigms
for security that were established a few short years ago must
metamorphose in order to meet the challenges of these changes. No
longer is antivirus software on every desktop and a single
firewall on a gateway sufficient. Further, we need to move from
defensive solutions, to enabling solutions.
This course will cover advanced topics in network and computer
security for the network and security administrator, discussing
the technology and mechanisms to employ and deploy to secure
computers and networks for the individual and the enterprise.
In this course you will learn:
The challenges of internetwork security
Survey of Hacker attach methods and tools
Defensive and offensive methods and mechanisms including
Multiple firewall deployment and management
VPNs — types and deployment, site-to-site and
user-to-site
Intrusion detection systems — types, strengths,
weaknesses, and use
Responding to Intrusion Detection
Protecting the road warrior
Hacker tools to use to test and verify firewall systems
and ID systems
You will leave with:
Overview of some common attacks
The good, the bad, and the ugly in technology solutions
Checklist for responding to ID reports
White papers on security technologies and types of
products
Contact information for keeping up with security
advisories and vendor patches
Pointers to free and commercial solutions to security
Directory of security sites, servers, and mailing lists
Upon completion of the course, participants will have a good
working understanding of the advanced use of firewalls,
cryptography and its use in network defense, intrusion detection
system use, and techniques for securing the telecommuter and
traveler. The participant will be able to evaluate advanced tools
and plan their deployment and use.
This course is for network managers, system administrators,
and security managers who know the basics — basic cryptographic
techniques, firewalls, and A/V software.
Course Outline
Security solutions before and now
How bad guys break into networks — threats and
vulnerabilities
Multiple layers and multiple methods in security
Enterprise firewall deployment
Configurations — the good and the bad
What does my company need from a firewall?
10 simple ways to increase the security of any
firewall product.
Intrusion Detection Systems
A taxonomy of IDS
Where and how to deploy IDS
How to make the most use of IDS
Dealing with IDS information overload
Strong (cryptographic based) user authentication
Virtual Private Networks
The technologies and types
Gateway to gateway
PC to gateway
Problems with the current crop of VPN
Questions to ask
Adaptive and Reactive Security
Securing the Road Warrior
Special needs, special vulnerabilities
Protection of communications
Protection of data
Hackers tools for verification and testing
Ultimate security — what to do with unlimited people,
time, and funds
There will be opportunities to share concerns, suggest
solutions, and map plans during class discussions through
interactive problem-solving workshops.