Dates: 12-16 August 2019
Location: Dili, Timor-Leste
Venue: Conference Room Ministry of Transport and Communications Avenida Xavier do Amaral
Event Website: APNIC Event

Synopsis

This is a technical workshop, made up of lectures and hands-on lab work to teach Network Security fundamentals and the OSPF/ISIS and BGP skills required for the configuration and operation of large scale networks that make up the Internet.

Network Security
The objective of this workshop is to examine the key concepts, protocols and the policies involved in establishing and maintaining security for a network, and building an understanding and familiarity with their operation. Device and network infrastructure security is examined with a focus on different layers to establish a robust, stable and secure network and protect the data and processes that occur in the network.

The workshop also looks at the nature and structure of network attacks and the motivation that drives such on-line malicious activity.

The course further examines the actions and processes that can be used to identify, mitigate and respond to such attacks.

Advanced Routing
This technical workshop is made up of lectures and hands-on lab exercise to teach design issues to build routing infrastructure, classifications and how to choose different routing protocols, Internet routing architecture design principles, OSPF, BGP, BGP traffic engineering and scaling tools i.e. Local Pref, MED, AS path prepend, communities, Route reflector, peer group etc. Presentation cover detail protocol level operation an industry best current practise for both service provider and enterprise network.

The course also includes intense practical work based on IPv4 as well as IPv6 and Cisco IOS router configuration commands.

Target Audience

Network Security
Engineers, Network Managers and Operators, Security policy makers who are interested in network security and gaining an understanding of the threats they face and how to mitigate such threats.

Advanced Routing
Mid level to senior technical and design staff of ISP, network operators or enterprise, who are involved in day-to-day network operation and planning function.

Pre-requisites

Network Security
It is assumed that participants have a basic understanding of network operations and Internet technologies.

Advanced Routing
It is assumed that participants have a good understanding of network operations, Internet technologies, OSI reference model, TCP/IP and router operating system software (i.e Cisco IOS etc).

It is recommended that participants complete the APNIC Academy Routing course prior to attending the workshop – https://academy.apnic.net/en/course/routing-basics/

This workshop is not an introduction. The lab exercises use Cisco IOS configuration syntax.

Other Requirements
Participants are advised to bring their own laptop computers with high-speed Wi-Fi (802.11a/g/n/ac) and administrative access to system. It is also recommended that laptops have Intel i5 or i7 processor, >=8GB of RAM and 30GB of free hard disk space.

Workshop topics

Network Security

  • Network Security Fundamentals
  • Security on Different Layers and Attack Mitigation
  • Cryptography and PKI
  • Device and Infrastructure Security
  • Operational Security and Policies
  • Virtual Private Networks and IPSec
  • DNSSEC
  • Route Filtering

Advanced Routing

  • IPv6 Address Structure
  • Routing Lab Topology Overview
  • Operation of OSPF Routing Protocol
  • Lab Exercise on Basic Router and OSPF Dynamic Routing Configuration
  • Basic BGP operation
  • BGP Attributes and Path Selection Process
  • BGP traffic engineering tools i.e. Local Pref, MED, AS path prepend, communities etc.
  • BGP Scaling Techniques i.e. Route reflector, peer group
  • Lab Exercise on iBGP, RR, Peer group etc.
  • Internet Exchange [IX] Policy Overview and Configuration requirement, Route server etc.

Workshop Items

  • Agenda (includes links to presentations and schedule)
  • Instructors: Warren Finch (APNIC), Affan Basalamah
  • netsec_routing20190812-tl.txt
  • Last modified: 2019/08/11 20:37
  • by warren