Abstract:

The ISP / NSP Security Workshop focuses on following components to provide comprehensive understanding and hands-on experience allowing you to gain valuable experience in network security best common practices, tools and techniques:

• Network infrastructure security
• Security services

For network infrastructure security, best common practice for protecting infrastructure including IP addressing, baseline building, securing IGP and BGP routing protocols and router filtering techniques are covered in detail. Controlling access to the routers, collecting network telemetry information and control plane protection techniques are discussed.

A six step methodology for detecting and mitigating DDoS attacks on the infrastructure provides hands-on understanding on how to deal with such attacks. Anti-spoofing measures to combat IP spoofing attacks and Remotely Triggered Blackhole (RTBH) filtering to protect against infrastructure attacks hands-on practice provides easy to deploy tools on the SP networks.

The security services address designing, deploying and managing L3 Virtual Private Networks. A balanced discussion covering security of 3VPN provides good basis of evaluating the level of security for the business needs.

Finally, a discussion of how managed security services such as IP VPN prepares SP networks for provisioning other security services.

Prerequisite

- Good familiarity with UNIX/LINUX command line and system administration jobs.
- Knowledge of Layer 3 protocols, and command line of Cisco IOS routers.
- Basic knowledge of security concepts is an added advantage.

Biography of instructor

Kunjal Trivedi
Kunjal Trivedi joined Cisco in 1999 as a consulting engineer initially and then worked in product management covering Cisco IOS infrastructure security. Currently, he is helping Cisco shape Managed Security Services marketing vision and strategy. A widely respected networking security expert, Kunjal presents infrastructure security, IP security and Managed Security topics at Cisco's Networkers events as well as at conferences such as ARPICOT.

Kunjal has a Bachelor of Engineering degree with honours in electrical and electronics engineering from University of Wales, College of Cardiff, and a Master of Science degree in Artificial Intelligence from Cranfield Institute of Technology, UK. He holds CISSP and CCIE designations in routing and switching as well as security. Recently, he was awarded Chartered Engineer status by Institute of Engineering and Technology. He can be reached at kunjal at cisco.com.