 | |
Security: Firewall & VPN: Security University's Network Firewalls, VPN's & Prevention Tools
| Previous | | | Average Rating: 0.00/10
(# Rating Votes: 0 | Rate This Course | Contribute a Review )
Short Description:
This seminar focuses on creating firewall implementations that protect your information resources. You will implement numerous commercial and freeware firewalls, examine best practices for protecting DNS services, HTTP, and SMTP.
Full Description:
This three-day, hands-on seminar focuses on creating firewall implementations that protect your information resources. You will implement numerous commercial and freeware firewalls, examine best practices for protecting DNS services, HTTP, and SMTP. You will explore proven strategies for defending your networks against unauthorized access and denial-of-service attacks with the new leading edge prevention tools. You will examine the weaknesses of firewall architectures and how good security processes strengthen user- and host-based authentication, warning banners, address translation and masquerade, remote management, alerts, content filtering, spoofing, complex protocols and other advanced issues. Hands-on labs are designed for impact providing you essential features of various firewall architectures including packet filters, stateful packet filting and proxy firewalls and how they work with VPNs. Session size is limited for maximum hands-on experience.
Course Fee: $1,995
Time: 8:30am - 4pm
Location: Click here to view the course schedule
Learning Level: Basic
CPE Credits: 24
Prerequisites: You should know TCP/IP. You should also be familiar with Windows NT or Unix
What You Will Learn:
1. Review of Internet Attacks
hacker trends and motives
denial-of-service attacks: SYN floods, smurf, Trinoo and others
network probes and scans
IP spoofing
Trojan horses
application-level attacks
2. Characteristics of the Firewall Environment
objectives of firewalls
creating security domains
perimeter and internal firewalls
firewall rule sets
default deny vs.default allow
firewall platforms
common commercial firewalls
host-based firewalls
firewall appliances
firewall configurations
demilitarized zones (DMZs)
dual & multi-homed configurations
screened sub-networks
HA - high availability firewalls
positioning Network Services in the firewall environment
servers on the firewall
single server vs. multiple server
access policy for internal applications
firewall architectures: packet filters, proxy-based firewalls,
hybrid firewalls
issues not addressed by firewalls: poor passwords, data-driven attacks,
modems, internal attacks
3. Firewall Security Policies
risk assessment approach
identifying essential services
identifying key threats
vulnerability assessment
developing firewall rule sets
policies for inbound access and outbound access
Network Address Translation (NAT) and PortAddress Translation (PAT)
additional elements of the firewall security policy
denial-of-service filters
account management and authentication
remote management
4. Standard (Stateless) Packet Filters
packet filter design
identifying where packet filtering is performed
rules processing
ingress and egress filtering
packet filter control points & parameters
TCP flags & ICMP message types
permitting established connections
configuring packet filters to control access to HTTP, SMTP, DNS
advanced packet filter usage
addressing denial-of-service attacks: LAND, ping floods, SYN floods
dynamic access controls
authentication, authorization and accounting (AAA)
limitations of packet filters
handling difficult protocols: FTP, multimedia applications
5. Stateful Inspection Firewalls
stateful inspection firewall design
limitations of standard (stateless) packet filters
stateful inspection firewalls control points
weaknesses of stateful inspection technology
configuring the TCP/IP protocol stack
IP forwarding issues
application data
Web content: ActiveX controls, Java applets
maintaining stateful inspection
connection tables and performance
connections for UDP
network address translation techniques
application protocol handling
handling FTP and streaming protocols
6. Proxy-Based Firewalls
proxy firewall design
characteristics of proxy-based connections
differences between proxy firewalls and caching proxy servers
address hiding
circuit-level & application-layer proxies
strengths of proxy firewalls
configuring & hardening the TCP/IP protocol stack
IP forwarding issues
application proxy rules processing
application protocol and data handling
configuring application proxies to support SMTP, FTP, HTTP
configuring generic proxy servers
one-to-one/ any-to-one
7. Proxy Servers for Internal to External Access
types of proxy servers
Winsock proxy servers
SOCKS proxy servers
Web proxy servers
configuring clients for proxy servers,
client applications,
client operating systems,
port redirectors on proxy server gateways
8. Personal Firewalls
Do you need personal firewalls?
For the mobile user
For home office users
Trojan horse problems
How to manage the personal firewall
Standard templates vs advanced configuration
User managed vs. centralized management
List of current personal firewalls
9. VPNs
The need for VPNs
How to configure
How to integrate with firewalls
What VPNs to use with which firewalls
Securing network connections using VPNs
10. Content Filtering and Prevention Tools
Deploying content filters
SMTP filters
Anti-virus
Blocking Trojans and Worms at the SMTP server
Spam filtering
Anti-relaying
Web site filtering blockers
Recommended policies and actions
Filtering mobile code: ActiveX, Java, JavaScript
Intrusion prevention tools
Integrating firewalls & Prevention Tools
Firewall penetration-testing tools
11. Firewall Management
Assessing the firewall vendor
Independent certification of firewall products
Installation, training
Assigning resources for firewall management
Firewall administrator responsibilities
Creating a secure platform for the firewall
Creating a bastion host
Creating system baselines
Monitoring the firewall
Managing firewall alerts
Best practices for incident handling
Log file management
keeping up to date: key e-mail lists and Web sites
Duration:
3 Days
Price:
$1,995
Submitted by: admin
Hits: 0
Security University's Network Firewalls, VPN's & Prevention Tools Course Web Page
| | | |
