Understanding Virtual Private Networks (VPN)

A comprehensive, hands-on practical introduction to the design and implemention of corporate data VPNs
Home     Call +44 (0)113 398 3300     Email

Course arrangement
This course is delivered under a bespoke, hign-value consultancy-based training arrangement, with the content and hands-on practical workshops tailored to meet the specific needs of your organisation.

We cover a range of VPN products and technologies from leading manufacturers, including PPTP, L2TP, IPSec, IKE, and MPLS.

Hands-on Practical
The course incorporates hands-on practical sessions, working with products and equipment from a range of vendors, including Check Point, Cisco, Microsoft, SnapGear, Fortress Technologies, Colubris and more.

  • Working with PPTP
  • RADIUS Authentication, Authorisation and Accouning (AAA)
  • Layer 2 Tunneling Protocol (L2TP)
  • Client-to-Branch IPSec VPNs
  • Branch-to-Branch IPSec VPNs
  • IPSec Pass-through and NAT
  • Securing wireless networks
  • Firewalls and Packet Filtering
  • Implementing Firewall Security Policies

On courses of 3 days and more, extensive hands-on ractical labs can be incorporated.

Bespoke Courses
Please call 0800 138 3030 to discuss your specific Security training requirements.

The roles of VPNs
Supporting remote users
Linking remote offices
Connecting business partners
Star and Mesh topologies
Trusted versus secure VPNs

Overview of VPN Technologies
Understanding VPNs layers 2 and 3
Tunnelling
Switching
MPLS
IPSec

Essential Security Principles
Authentication
Privacy
Data confidentiality
Data integrity
Essentials of cryptography

Remote Access Authentication
PPP, LCP, and NCP operation
PPP authentication methods: PAP, CHAP, MS-CHAP, EAP
Token-based authentication
SecurID
Biometrics
Kerberos

Remote Access Administration
RADIUS
TACACS+

Introduction to VPNs
VPN components
VPN concerns and solutions
Security Issues

Tunneling Protocols
Generic routing encapsulation
PPTP
PPTP, PPP and CHAP
MSCHAP, MSCHAPv2
L2F
L2TP

Cryptographic Protection - Hashing
MD5
SHA
HMAC integrity checking
One-time passwords

Cryptographic Protection - Encryption
Symmetric:
- DES
- 3-DES
- AES
- CBC mode and IVs
- Shared secrets
Asymmetric:
- Exchanging keys with Diffie-Hellman (DH)
- Public and private keys
- RSA
- ECC (Elliptic Curve Cryptosystem)

Secure IP (IPSec)
IPSec environment
AH and ESP
Security associations
IKE key management
Main mode
Aggressive mode
Quick mode
Diffie-Hellman Key Exchange
Xauth
Securing GRE with IPSec
Securing L2TP with IPSec
NAT and IPSec
UDP wrapping
SPI wrapping

Implementing VPNs
Employing VPN concentrators
Integrating firewalls
Access control
Using VPN-capable routers
Dedicated VPN hardware
Operating system support for VPN
VPN client software
Split tunnelling
VPN management


Copyright © 1996-2003 LEVER Technology Group plc, Ebor Court, Westgate, Leeds, LS1 4ND, UK
Tel: +44 (0) 113 398 3300   Fax: +44 (0) 113 398 3301
Important Notices and Privacy Statement   Maintained by www.lever.co.uk