Cisco Security培训

Cisco Security培训

Cisco Security training

Testi...Client Testimonials

SIP protocol in VoIP

Handson and setup were nicely done and practical knowledge thoroughly imparted. Trainer was really helpful throughout.

B Kishore - Bharat Electronics Limited (BEL)

Cisco Security大纲

代码 名字 时长 概览
casapixo Cisco ASA/Pix Operation 28小时 A 4 day instructor-led practical course designed to familiarise delegates with the Cisco ASA Firewall CLI and ASDM. The course details the key commands used to configure and secure networks using the ASA Firewall with v8 of the operating system and version 6 of the ASDM. Delegates will configure the ASA using the console port, TFTP server, telnet and SSH using local and RADIUS authentication. The device will be configured to utilise Syslog and SNMP. ASA Firewalls will also be configured to use Access-Lists, Network Address Translation and VPN's utilising IPSec protocols. The course will cover the theory of Public/Private Keys, shared secret keys and their use in forming Site to site VPN's between ASA Firewalls using IKE and IPSec. Students will configure the units to create site to site VPN's, remote access VPN's using the Cisco Secure VPN Client and Web VPN's. The course will cover the theory of failover and delegates will configure Active/Standby failover on the ASA. Privileged commands and protocol analyser traces will be used, where necessary, to debug protocols and ensure proper operation of the ASA Firewall. Students will also perform password recovery operations. This course will involve interfacing the ASA with other network equipment, such as routers and switches, as would be expected in a network environment. Audience: Course is suitable for anyone involved in ASA firewall configuration and network security Course is approximately 50% practical Objectives: At the end of this course the student will be able to configure ASA Firewalls to: Allow configuration via console port, telnet and SSH Copy configurations and upgrade OS image. Authenticate users using RADIUS and local authentication. Act as a DHCP Server, Client and Relay. Operate as a Routed or Transparent Firewall. Operate in Failover mode. Support VLANs. Run routing protocols (OSPF and RIP) and exchange routing information with Cisco routers. Support Access Control Lists and content filtering. Support Object Grouping. Establish Internet connections using NAT and PAT. Setup site to site VPN's using IKE and IPSec. Setup Remote Access VPN's using Cisco secure VPN client. Setup Web VPN's Log access-list activity using a syslog server. Send traps to an SNMP Server. Password recovery Practical Exercises Lab Exercise 1: Basic Configuration of Cisco ASA. Lab Exercise 2: Configure support for VLANs on ASA. Lab Exercise 3: Connectivity via Telnet and Local/RADIUS authentication. Lab Exercise 4: Configure Static and Dynamic routing on ASA. Lab Exercise 5: Filter traffic using Access Control Lists. Lab Exercise 6: Configure NAT on ASA. Lab Exercise 7: Configure VPN's on ASA. Lab Exercise 8: Configure Active/Standby Failover on ASA/Pix. Lab Exercise 9: Password Recovery on Cisco ASA. Equipment Used in Practical Exercises: 4 Cisco ASA 5505 Firewalls running v8 of the CLI and capable of Active/Standby Failover. Pix 515E firewalls running v8 of the CLI, Cisco routers, switches and hubs as required.
waaacdwtacacs One Day Workshop for AAA of Cisco Devices using a Windows-based TACACS+ Server 7小时 Suitable for network planners, engineers or anyone interested in TACACS+ operation with Cisco IOS devices. Course is almost entirely practical if one day. If extended to 2 days due to lack of pre-reqs it will be around 50% practical. Objectives Review the operation of TACACS+ AAA process. Configure Cisco IOS devices to use TACACS+ for access to the management software. Configure Windows users/groups to authorise the TACACS+ requests. Configure TACACS+ server files for proper operation. Test successful operation of TACACS+. Equipment used in Practical Sessions: Cisco routers and/or switches running v12 of IOS. Windows 2008 R2 server running software.
waaacdwnpsr One Day Workshop for AAA of Cisco Devices using Windows 2008 NPS RADIUS 7小时 This one day workshop covers the configuration and operation of the RADIUS protocol in the authentication, authorisation and accounting of accessing the management software of Cisco IOS devices. The RADIUS server is Network Policy Server (NPS) in Windows 2008 R2. Audience: Suitable for network planners, engineers or anyone interested in RADIUS operation with Cisco IOS Devices and NPS. Workshop is almost all practical. If extended to 2 days it will be approximately 50% practical. Objectives: Review the operation of RADIUS AAA process. Configure Cisco IOS devices to use RADIUS for access to the management software. Configure connection request and network policies on NPS. Configure Windows users/groups to authorise the RADIUS requests. Test successful operation of RADIUS using NPS. Equipment used in Practical Sessions: Cisco routers and/or switches running v12 of IOS. Windows 2008 R2 server running Network Policy Server (NPS).
wciosd Workshop for Cisco IOS Devices Implementing IPSec using Certificate Authentication via a Windows 2008 R2 CA 7小时 This one day workshop covers the configuration and operation of negotiating IKE/IPSec Security Association (SA) between Cisco IOS devices. The devices will authenticate using certificates provided through enrollment with a Windows 2008 R2 Certification Authority. The Windows 2008 R2 server will run the Simple Certificate Enrollment Process (SCEP) using the Network Device Enrollment Service (NDES). Audience: Suitable for network planners, engineers or anyone interested in operation of Cisco IOS devices running IPSec using certificate authentication. Objectives: Review the operation of IPSec SA negotiation. Configure Cisco Router/ASA to authenticate and enroll with a Windows 2008 R2 CA. Configure Windows 2008 R2 Server to perform network device enrollment using NDES. Test successful operation of IPSec with certificate authentication. Equipment used in Practical Sessions: Cisco IOS devices running v12 of IOS and Windows 2008 R2 server acting as an enterprise CA and running NDES and certificate enrollment.
wpeapawscw One Day Workshop for PEAP Authentication of Windows 7 Supplicant using a Cisco Switch as Authenticator and Windows 2008 R2 Server 7小时 This one day workshop covers the configuration and operation of the IEEE802.1x protocol in the authentication and authorisation of a wired Windows 7 supplicant. The authenticator is a Cisco Switch and the server is Windows NPS running on Windows 2008 R2 server, operating as a Certification Authority (CA). The EAP protocol is Protected EAP (PEAP) and a successful request will be allocated a VLAN on the switch via RADIUS attributes received from the server following successful authentication. The procedure for a wired supplicant is almost identical to that of a wireless supplicant. Audience: Suitable for network planners, engineers or anyone interested in operation of PEAP with Cisco IOS Devices and NPS. Objectives Review the operation of IEEE802.1x process. Configure Cisco Switch to use IEEE802.1x and RADIUS. Configure Cisco Switch to authorise VLAN assignment via RADIUS attributes from server. Configure Windows 7 supplicant for dot1x authentication and install certificate from CA as a trusted computer certificate. Configure connection request and network policies on NPS to authenticate and to pass VLAN assignment to switch. Configure Windows users/groups on Windows 2008 R2 server to enable NPS authentication. Configure Windows 2008 R2 server as a DHCP server. Configure ip helper addresses and inter-VLAN routing on Cisco L3 switch. Test successful PEAP authentication and PING PCs in different VLANs. Equipment used in Practical Sessions: Cisco L2 and L3 switches running v12 of IOS. Windows 2008 R2 server running Network Policy Server (NPS).
sipvoip SIP protocol in VoIP 21小时 The course consists of two complementary parts – a theoretical and a practical one. The first is a one day introduction covering motivation, philosophy, fundamentals and rules of operation of the SIP protocol and ways it is used to implement telecom services with focus on IP telephony and VoIP. The second two-day part enables participants to learn practical aspects of service operation within a framework of hand-on laboratory exercises giving detailed insight into configuration of components of SIP telephony architecture, SIP signalling at both message sequence chart and internal message structure levels, and assists in understanding of typical problems and troubleshooting including security and telecom fraud aspects. The trainers will share their experience in launching, operation and management of SIP telephony covering also virtualization and cloud based solutions. Practical part is presented using both SIP hardphones and softphones and IP telephony servers (Asterisk and Freeswitch). Participants can take advantage of the fact trainers have got rich technical and business experience in IP telephony and submit their own problems and questions. They will be included in the agenda at wrap-up as a supplement to the training to meet current urgent needs of clients. Training is addressed to participants with basic knowledge and experience in telecom services – specifically in VoIP and IP networking.  Part I: Introduction Introduction History and motivation Types of VoIP and its evolution SIP – main concepts SIP standardization (RFC 3261 and other relevant standards) Architecture UA – User Agent Predefined servers: Registrar, Location, Proxy and Redirect Application servers Identification and addressing SIP trapezoid Servers and their operation Registration  SIP server in Proxy and Redirect modes Stateless and stateful Proxy servers Location server SRV records and DNS uri/url/urn, ENUM and NAPTR records SIP signalling messages (including Instant Messaging & Presence – IMP extensions) Message structure Requests Responses Example of a call Headers and parameters IMP models SDP (Session Description Protocol) Description of media Standard list of codecs Session negotiation rules Call flows – SIP signalling SIP session – main  RFC 3261 example Sample call scenarios Conferencing and IP PBX Changing media during a session Using IMP Routing of SIP requests and responses VIA header ROUTE and RECORD-ROUTE headers SIP-PSTN interworking SIP-T and SIP-I SIP early media and SIP trunking SIP-PSTN signalling SIP – security problems Secure SIP, Secure RTP and Secure RTCP Typical implementations of Secure SIP Practical problems and perspectives NAT and firewall traversal QoS SIP and SDP in 3GPP IMS architecture Wrap-up and discussion Part II: Hands on SIP in LAN environment: XLite SIP UA + Asterisk Creating Asterisk accounts with a simple dial plan Configuration of XLite SIP UA (dtmf, codecs, nat, rtp, timer, register) and SIP phones (Polycom, Gigaset, Yealink, Linphone) Registration, initiating and receiving calls P2P calls with Linphone Analyzing of SIP signalling using Wireshark Configuration of a server Registration of SIP signalling and RTP media streams SIP packet analysis. Retrieval of a specific call Voice quality problems. Jitter buffer. Retrieval of DTMF signalling (RFC 2833, INFO). Codec and DTMF troubleshooting (transcoding, GSM codec failure, DTMF tone duplication) VoIP monitor SDP, Instant Messaging and Presence (IM&P) SDP parameters and attributes SUBSCRIBE, PUBLISH and MESSAGE SIP methods Practising IM&P with XLite and Linphone SIP call flows SIP Registration with DNS SIP SRV record SIP phone registration using DNS-SRV Call Flows with DNS Analysing SIP call signalling using Wireshark Troubleshooting – DNS timeout, latency SIP trunks Establishing a test SIP trunk Troubleshooting (DOS, DDOS, fraud, cps) SIP security issues SIP security with IPSec Security with Secure SIP IP telephony – risk of frauds Preventing DDOS and other types of attacks Launching SIP based VoIP services Configuration of a switch SIP client configuration and registration Software Asterisk PBX / Freeswitch softswitch / Cisco Call Manager Linux CentOS TDM2IP drivers Softphones (XLite, Linphone) Hardware Server TDM2IP card/gateway Hardphone (Polycom, Gigaset, Yealink) Softphone/Hardphone Configuration Codecs User/Password/SIP Server/Proxy/Ports Operation and signalling for: 3-Way Calling Call Forwarding Attendant Call Transfer MWI, BLF Yealink autoprovisioning Vendor dependent constraints SIP & Network Adress Translation (NAT) problems Type and structure of NATs STUN (Simple Traversal of UDP Through NATs) Quality of VoIP calls – troubleshooting Call connected – missing media Key QoS factors Delay, jitter, play buffer size VoIP quality metrics RTCP – delay and jitter MOS according to ITU-T G.107 E-model VoIP quality monitoring tools (Voipmonitor) Cloud based IP telephony Wrap up and addressing SIP and VoIP related issues submitted by participants



Cisco Security,培训,课程,培训课程, 企业Cisco Security培训,Cisco Security教程,Cisco Security讲师,学Cisco Security班,Cisco Security培训师,短期Cisco Security培训,Cisco Security远程教育,Cisco Securitys辅导,学习Cisco Security ,Cisco Security辅导班,Cisco Security老师,一对一Cisco Security课程,小组Cisco Security课程,Cisco Security私教,Cisco Security晚上培训,Cisco Security训练,Cisco Security课程