Designing Secure Network Architecture

Description

Securing the information systems environment is one of the most important tasks of an organization's IT department. This course focuses on the design, analysis, and implementation of enterprise-level security information systems. It exposes the student to secure computing and networking concepts, security protocols and principles, and practical network security methodologies.

The course starts with risks and risk analysis methods, continues with protocols and security algorithms, network security and how to implement it, operating systems, and security devices. It concludes with network analysis and the common tools that can be used for that purpose.

Course Objectives

Upon completing the course, the participants will be able to:

  • Describe the architecture & components of core and perimeter network protection
  • Understand the use of detection and response tools and mechanisms
  • Understand how to securely deploy wired and wireless networks
  • Use common scanning and analysis tools

Topics

The following topics are covered in the course:

  • Thinking security
  • Risks and risk assessment
  • Security protocols – encryption and authentication
  • Core and perimeter protection
  • Detection and response
  • Anti-malware technologies
  • OSs security and protection
  • Network security – how to secure the network and its components
  • Wireless communication security
  • Network and computer forensics and analysis

Target Audience

CIOs and IT managers, information security managers, system administrators, network and system engineers

 

Prerequisites

Good knowledge of networking and network protocols

Duration

3 Days

Outline

Data Networks Structure and Weakness Points

  • Data Centers and enterprise networks architecture and components
  • Data, control, and management planes
  • Cloud connectivity and threats
  • The new world networks – SDN/NFV and potential threats
  • Types of attacks and where they are implemented

Network architecture and protocols

  • L2 protocols – Ethernet and LAN switching mechanisms
  • IP, ARP and routing protocols
  • TCP/UDP structure and network behavior
  • Application-level protocols
  • Encapsulation and tunneling

Security architecture and protocols

  • Encryption basics and protocols
  • Authentication basics and protocols
  • Authorization and access control protocols
  • Certificates and digital signatures
  • IPSec and key-management protocols
  • SSL/TLS and Proxies
  • IKE and public key infrastructure
  • RADIUS/TACACS and AAA systems
  • Network security components – FW, IDS/IPSs, NAC, WAFs and others

Network based attacks and tools

  • Active and passive attacks
  • DoS/DDoS attacks and flooding
  • Spoofing and smurf attacks
  • L2 Attacks and ARP Poisoning
  • L3/4 ICMP and port scanning
  • Reconnaissance and information gathering
  • DHCP Starvation

Information gathering and Eavesdropping

  • Packet analysis tools – Wireshark, TCPDump and others
  • Using Linux/Shell tools and Python/Pyshark for deep network analysis
  • Advanced packet dissection with LUA
  • ARP spoofing, session hijacking and data hijacking tools, scripts and techniques
  • Packet generation and replaying tools and when to use them

Attacks on Network Devices and their characteristics

  • Network devices structure and components
  • Memory and buffers structure and exhaustion attacks
  • Memory corruption and exploit mitigations
  • Storage structure and exhaustion attacks
  • CPUs structure and exhaustion attacks

Network Traffic Analysis and Eavesdropping

  • Packet analysis tools – Wireshark, TCPDump and others
  • Using Linux/Shell tools and Python/Pyshark for deep network analysis
  • Advanced packet dissection with LUA
  • ARP spoofing, session hijacking and data hijacking tools, scripts and techniques
  • Packet generation and replaying tools and when to use them

Network Protocols – How to Attack and How to Protect – Methodologies and Tools

  • Layer-2 storms and how to generate them
  • Storm identification, where can it block the network and what to
  • IP-based attacks, DHCP starvation, ARP poisoning
  • ICMP-Based attacks, Teardrops, Ping scans, Ping of death, L3 DDoS
  • MAC and IP Spoofing
  • IP fragmentation attacks
  • Deep dive into UDP and TCP protocols data structure and behavior
  • SYN flood and SYN stealth scan attacks and countermeasures
  • RST and FIN attacks and countermeasures
  • TCP sequence attacks and session hijacking attacks
  • TCP/TLS attacks and prevention

Wireless network security

  • Protocols, operation, and implementation – 802.11 versions, operating principles
  • Security protocols – WEP, WPA, WPA-PSK, WPA2, WPA3, 802.11i, TKIP, AES and CCMP, 802.1X and EAP
  • Common attacks on Wireless networks – adding a fake AP, Eavesdropping, encryption cracking, authentication attacks, MAC spoofing and more
  • WLAN security architectures and how to protect your Wireless network

Securing routing networks and protocols

  • IGP standard protocols – RIP (brief), OSPF and ISIS protocols behaviors
  • RIP, OSPF and ISIS data structure
  • Potential threats and common attacks – falsification, overclaiming and disclaiming
  • Tools and scripts
  • DDoS, mistreating and attacks on routers control plane
  • Routing table poisoning and attacks on the management plane
  • Traffic generation and attacks on data plane
  • How to configure your routers to protect
  • BGP – protocol and operation
  • What are the symptoms of BGP hijacking?
  • How to protect against BGP hijacking

Internet Protocols Security – DNS, HTTP and Mail Protocols

  • The DNS protocols, behavior and data structure
  • Attacks on service: Domain spoofing and hijacking, Flooding, Cache poisoning
  • Using DNS to bypass network controls: DNS tunneling
  • Attacks on DNS resources: NX records, subdomains
  • DNS attacks discovery and protection: tools and analysis
  • HTTP and HTTP2 protocol behavior, data structure and analysis
  • SSL/TLS protocol behaviour, data structure and analysis
  • HTTP hacking tools – scanners, vulnerability checker and others
  • Web hacks – URL interception, input validation, SQL injection, buffer overflow
  • Web hacks – HTTP session hijacking and impersonation
  • Email protocols, vulnerabilities and how to protect your network and messaging
  • Countermeasures and defence

Enterprise Applications Security – Databases, Filesystems and More

  • Microsoft network protocols – NetBIOS/SMB and LDAP operation and vulnerabilities
  • Database network protocols – TDS and SQLNet operation and vulnerabilities
  • Attacking DB protocols: tools and methods, DB injection methods
  • Protecting NetBIOS and LDAP
  • Securing your databases through the network and servers

IP Telephony and Collaboration Services Security

  • SIP and RTP – Protocols, operations and vulnerabilities
  • Attack and destroy – DoS, Sessions tear down, Fuzzing and more
  • Attack and take – registration manipulation, Man in the Middle, redirects and more
  • Discover and identify attacks
  • Protecting methodology and tools

Using Behaviour Analysis and Anomaly Detection

  • Collection methods – agents, Netflow/IPFix, Telemetry and packet analysis
  • Establishing the baseline – traffic loads, applications, and protocols patterns
  • Typical suspicious patterns

 

  • 3 full day meetings
  • 24 hours
  • Intensive