1-800-THE-TREE (1-800-843-8733)
 

Controlling Network Access: Hands-On

 
Course: 941     Type: Hands-On Training     Duration: 4 Days

Quick Enroll    

You Will Learn How To
  • Secure enterprise networks using access control tools and best practices
  • Deploy advanced filtering techniques to add state and support Quality of Service (QoS)
  • Block attack traffic using intrusion prevention systems (IPS) and application-level firewalls
  • Detect, mitigate and limit the impact of zero-day attacks with IPS
  • Deny rogue and untrusted computer access with network access control (NAC) and 802.1x authentication
  • Ensure secure communication with IPsec and SSL/TLS VPNs

Course Benefits
As enterprises expand, networks are exposed to increasing amounts of traffic that can pose a threat to mission-critical data. The ability to control internal and external access is vital in establishing a secure architecture. In this course, you gain the practical skills and knowledge required to perform information assurance that protects data integrity and maintains organizational credibility.

Who Should Attend
This course is valuable for network and security administrators, engineers, architects and others who design, implement or manage access control within the enterprise. Knowledge of networking and security fundamentals at the level of Course 468, "System and Network Security Introduction," is assumed.

Hands-On Training
Through an evolving case study, you gain practical experience securing the enterprise by applying access control methodology that incorporates industry best practices. Exercises include:
  • Configuring routers and switches to support advanced filtering
  • Hardening perimeter devices
  • Deploying a Web-application firewall
  • Implementing a network-based IPS to mitigate or stop simulated attacks
  • Filtering protocols and Web-based content
  • Defeating zero-day attacks with host-based IPS
  • Applying NAC solutions
  • Securing remote access with VPN technology

Course 941 Content
Establishing a Secure Framework
Building a robust enterprise
  • Investigating security model components
  • Validating your organization's security policy
  • Quantifying risk to determine access controls
Deploying TCP/IP
  • Identifying network protocols
  • Blueprinting encapsulation
  • Analyzing headers to classify packets
Fortifying the Perimeter
Best practices for device configuration
  • Securing access to devices
  • Hardening routers and switches
Applying advanced filtering techniques
  • Prioritizing network traffic
  • Classifying traffic to achieve Quality of Service (QoS)
  • Ingress and egress filtering
  • Providing state with context-based access controls
Mitigating threats using port security
  • Preventing address spoofing
  • Containing resource starvation
Strengthening Gateway Defense
Traffic filtering methods
  • Stateless vs. stateful packet filters
  • Application proxies
  • Web application firewalls: Profense, mod_security
Differentiating firewall architectures
  • Refining the topology
  • Setting a security perimeter
  • Combining components to give defense in depth
Managing access
  • Safeguarding application servers
  • Supporting DMZ services
Implementing Network Intrusion Prevention
Decoding traffic using protocol analyzers
  • Fingerprinting Operating Systems
  • Interpreting malicious traffic
  • Establishing thresholds and boundaries
Curtailing the network threat
  • Inspecting network traffic for abnormal activity
  • Leveraging intrusion prevention technologies
  • Correlating signature- and anomaly-based events
Filtering Content
Essential proxy principles
  • Constructing proxy controls
  • Assessing proxy operations
Strategizing content filter deployment
  • Preventing malicious Web-based content
  • Validating Ajax and SOAP messages
Protecting the Infrastructure
Surveying the network
  • Defensive techniques with an offensive mindset
  • Dissecting an attack methodology
Shielding against zero-day exploits
  • Defeating attacks with host-based intrusion prevention
  • Processing system calls and system-level access
Network Access Control (NAC)
Establishing an effective NAC
  • Identifying NAC requirements
  • Partitioning and segmenting zones
  • Neutralizing rogue clients
Enforcing user identity-based controls
  • Guest, contractors and others
  • Maintaining awareness of who is on your network
Controlling and securing authentication
  • Implementing 802.1x port access control
  • Pruning ports to deter intrusion
Securing Remote Access
Building Virtual Private Networks (VPNs)
  • Tunneling with IPsec and SSL/TLS
  • Developing secure communications
Supporting remote users
  • Site-to-site vs. client-to-site
  • Avoiding pitfalls of split tunneling
The Future of Access Control
  • Screening complex protocols
  • Expanding de-perimeterization across the enterprise

Related Courses
  
 
Request More Info

Salutation

First Name

Last Name

Company

Zip Code

Country
   Codes
Work Phone

Extension

E-mail

A representative will contact you to follow up your request.
Privacy Statement

Save an EXTRA $200 on a 10-Day Training Pass!

Controlling Network Access: Hands-On
Upcoming Dates
Sep 9 - 12, 2008
 Washington, DC (Rockville, MD)
Oct 28 - 31, 2008
 Washington, DC (Alexandria, VA)
Nov 4 - 7, 2008
 Chicago (Schaumburg)
Nov 11 - 14, 2008
 Washington, DC (Reston, VA)
Dec 2 - 5, 2008
 Washington, DC (Rockville, MD)
Jan 6 - 9, 2009
 Los Angeles
Jan 13 - 16, 2009
 Ottawa
Jan 20 - 23, 2009
 New York
Jan 27 - 30, 2009
 Toronto
Feb 3 - 6, 2009
 Washington, DC (Alexandria, VA)

Controlling Network Access: Hands-On
Bring Learning Tree On-Site

Course Tuition
$ 2,650 Standard Tuition
Tuition with a Savings Plan
$ 1,580 10-Day Pass
$ 1,665 Training Passport
$ 1,830 Flex-Pass
$ 2,095 Voucher 10-Pack
$ 2,385 Alumni Gold Discount
$ 2,360 Government Discount
 

 

Controlling Network Access: Hands-On
Controlling Network Access: Hands-On
Participants identifying a rogue client using NAC.


CPE 23 Credits 1 Hour(s) College Credit
Customer Service or Enroll: 1-800-843-8733