Virtual private networks (VPNs) and other remote access systems (RAS), when configured properly, are the most common and secure methods of enabling business mobility. On the flip side, however, remote access systems are some of the most exploited technologies due to improper configuration, unpatched vulnerabilities, cross-site scripting (XSS), cloud-based systems with loose controls, and the ever-present success of social engineering, a weakness that's nearly impossible to patch.
In spite of the challenges, best practices have evolved over the years that allow network security teams to harden systems against flaws, poor implementations, shadow IT, and more.
During this course, students will be introduced to the concepts and essential knowledge necessary to understand today's VPN and RAS technologies. The course will cover network architecture, common configuration scenarios, and common risk factors.
Students will learn the basics of various VPN deployments, including underlying technologies, network design, device configuration, protocol choices, and common configuration scenarios. The emphasis is on understanding device configuration in order to assess proper implementation in accordance with industry best practices.
This course is only available on-site at your location.
- Day 1
  - VPN Models, OSI Model, Encapsulation
  - Types of VPN, Software vs. Hardware, Firewall based, IP based
  - Architecture, Access, Internet, Extranet, Network addresses, DHCP scope assignments, Point to point connections
  - Tunneling Protocols, GRE, Point to point, LAN, WAN, Security issues, PPTP Filters
- Day 2
  - MPLS, Point to point, Layer 2 (VPLS), Layer 3 (VPRN)
  - Authentication Methods, Checkpoint, RADIUS, TACACS
  - Encryption, IPSec/IKE, AES, TLS, Hashing, MD5, SHA, Key Exchange, Diffie-Hellman, RSA
- Day 3
  - Digital Certificates, Public/Private keys
  - Management Oversight, Risk evaluation, including limitation of VPNs, Setting standards, VPN Quarantining, Monitoring, Logging, Evaluating effective use of VPNs