Services
Convergent Communications, Inc. - A Cisco Systems Learning Partner
Business/Enterprise Solutions Certification Packages
Cisco AS Courses
E-Learning About CCI
Consulting Home Page
Courses Schedules & Pricing Registration Contact Us
Product Training
Deploy Assure
Defending Complex Core Networks From Attacks


Course Description

Course Objectives

Course Audience

Network Topology

Prerequisites

Course Outline & Labs

AES COURSES INDEX

 Defending Complex Core Networks From Attacks (DCCNA) - Powerful 5 Day Course

Course Description

This hands-on course will help experienced engineers who support large complex networks, whether service provider, ISP or large enterprise to respond to the ongoing challenges of security and infrastructure protection. It will show engineers how to recognize when they are under attack as well as how to effectively react to such attacks.

Students will learn how to use Cisco Systems® capabilities and industry-available tools to classify and react to attacks as well as methods for collaborating with peers and vendors. Through this lab-intensive training, students will have the opportunity to implement a security structure that allows them to proactively defend their network and respond more quickly to ever-changing attacks.

Each student will partner with another peer during the bootcamp to own and defend their own workgroup, consisting of Cisco® routers and switches and associated industry tools. Each of these workgroups simulates a service provider infrastructure that includes an ISP, sinkholes, and peering modules.

TOP
Course Objectives

Upon completion of this course, students will be able to complete the following tasks:

  • Describe how the service provider infrastructure is attacked
  • Explain how basic protocols are attacked
  • Describe packet inspection and filtering
  • Identify the characteristics and capabilities of secure routing
  • Explain the role of advanced filtering and hardware support in service provider security
  • Apply basic surveillance methods to identify attacks
  • Apply advanced surveillance methods to identify attacks
  • Describe basic traceback and backscatter traceback techniques
  • Divert traffic to sinkholes, using multiple routing techniques
  • React to attacks by applying special routing and remote triggering techniques
  • Apply classification, inspection, and filtering techniques to anomaly analysis
  • Explain the role of peering modules in service provider security
  • Describe routing protocol vulnerabilities
  • Explain the security applications of Border Gateway Protocol (BGP) in the point of presence (POP)
  • Apply analytical advanced traceback techniques to react to attacks
  • Detect and react to worms
  • Detect and mitigate distributed-denial-of-service (DDoS) attacks

TOP

Course Audience

This course is intended for service provider (including ISP) network operators and security engineers who perform the following tasks:

  • Establish a security structure
  • Monitor for and recognize when they are under attack
  • Effectively respond to attacks

TOP
Prerequisites

Before attending this course, students must have the following:

  • Detailed knowledge of classless interdomain routing (CIDR) IP addressing
  • Detailed knowledge of BGP configuration, as provided by the Cisco Advanced Services Building Core Networks with OSPF, BGP, and MPLS Bootcamp
  • CCNA® level or equivalent industry experience recommended, CCNP® level or equivalent experience preferred

TOP

Network Topology

Network Topology

Course Outline & Labs

Course Outline
Lab Outline

Key Concepts in Service Provider Security: Preparation

  • Attacking Service Provider Infrastructure
  • Attacking Basic Protocols
  • Introduction to Packet Inspection and Filtering
  • Addresses, Routes, and Service Provider Security
  • Advanced Filters and Hardware Support

Service Provider Security Identification

  • Basic Surveillance
  • Advanced Surveillance Tools
  • Basic Traceback and Backscatter
  • Introduction to Sinkholes
  • Special Routing and Remote Triggering

Classification

  • Classification Inspection and Filtering
  • New Peering Concepts
  • Routing Protocol Vulnerabilities
  • BGP in the POP

Traceback and Reaction

  • Advanced Traceback
  • Worm Detection
  • Reaction to Worms
  • DDoS and Botnet Detection and Mitigation

Key Concepts in Service Provider Security: Preparation

  • Familiarization and Basic Baselining
  • Watch an Attack
  • Survey the Damage
  • Verify Operational Validity of Source Addresses
  • Basic Infrastructure Filtering
  • Scaling Packet Inspection in the Preparation Phase

Service Provider Security Identification

  • Identification Phase Basic Inspection and Enabling Cisco IOS® Software Data Sources
  • Surveillance Tools
  • Backscatter
  • Sinkholes
  • Remote Triggering

Classification

  • Basic Inter-Autonomous System Attacks
  • Attacking and Protecting Routing Protocols
  • POPs, BGP, and Service Provider Security

Traceback and Reaction

  • Characterization of an Exploit
  • Sensor Correlation and Worm Detection
  • Mitigating Worm Effects



TOP


301-565-0138 : info@ccitraning.net

Courses | Schedule | Registration | Contact Us | Homepage | Related Links
Business/Enterprise Solutions | E-Learning | Consulting | Certification Packages | CISCO AES Courses | About Us

© Convergent Communications, Inc.