Alcatel OmniSwitch 8800, 7000, 6800, 6600 series

Tutored virtual training sessions accessible via an internet connection. MAXIMUM ... The following main topics are covered : DoS attacks, Role-Based-Management, Authenticated Switch Access, IP spoofing, 802.1x, ... competencies .
Télécharger le PDF
62KB taille 11 téléchargements 271 vues
commentaire
Report
Alcatel OmniSwitch 8800, 7000, 6800, 6600 series Alcatel OmniSwitch Security

REFERENCE

DT00TE650FR

DURATION

DELIVERY LANGUAGE

Francais (course material in English)

METHOD Virtual self-paced training on the computer. 3

days

Traditional classroom or practical sessions with tutorials (TAP LAB). Tutored virtual training sessions accessible via an internet connection.

MAXIMUM NUMBER OF PARTICIPANTS

8

PUBLIC • Networks and technical support engineers, technicians, network operators OBJECTIVES

At the end of the course, the participant will be able to: • The 3-day Omniswitch Security course provides students an understanding of the operation and configuration of the security features of the Alcatel Omniswitch and how to implement the Alcatel trusted Network solution in the enterprise.The course starts with an introduction of Alcatel CrystalSec followed by a detailed presentation of the 3 cornerstones of this security framework : Security Of (1), To (2) , Through (3) the Omniswitch. The following main topics are covered : DoS attacks, Role-Based-Management, Authenticated Switch Access, IP spoofing, 802.1x, Authenticated Vlans,…The Alcatel CrystalSec security framework has been extended in 2005 thanks to partnership with Fortinet and Sygate and the introduction of the Alcatel Quarantine Manager 2770 . The course presents the various possibilities to protect, prevent, detect, contain a network against attacks and to perform integrity check over the network. The course focuses on the Alcatel Quarantine Manager, 3rd party IDP solutions, Fortinet and Sygate products.The class consists of approximately 50% lecture and 50% hands on lab exercises. PREREQUISITES •

Students must be familiar with the overall operation of the Alcatel OmniSwitch and to have an ACSS level of competencies . • It is advised to know the concepts and solutions in the deployment of Security in an Enterprise network • Students shoud be familiar with basic security technologies. The course Security Essentials (ref: FG00TE/WB081) would cover those adequately.

Alcatel OmniSwitch 8800, 7000, 6800, 6600 series Alcatel OmniSwitch Security

PROGRAM DESCRIPTION

Security : Trends and Implications Description of the Alcatel CrystalSec Security Solution Alcatel CrystalSec Security Framework Expanding the framework : Alcatel Trusted Network Alcatel CrystalSec Framework : Security Of the device -AOS Security Default -Vulnerability management (DoS, closed port,…) Alcatel CrystalSec Framework : Security To the device -Role Based Management (Partition management, end-user –profile, password, pre-banner,…) -Authenticated Switch Access (local, external) -SSH, SSL, SNMPv3 -Logging, Accouting Alcatel CrystalSec Framework : Security Thru the device -Intrusion Management (ACL, IP Spoofing, BDPU blocking, pCAM protection) -Authenticated Vlans (Telnet, HTTP, …) Port Based Network Access Control (802.1x) LPS, NAT, Binding rules Alcatel Trusted Network : Attack Detection and Containment- IDS/IDP - Fortinet - Quarantine Manager 2770 - Automated Quarantine Engine -Integrating IDS and a containment solution Alcatel Trusted Network : Attack Prevention and Host Integrity Check - Sygate Secure Enterprise solution -Integrating Host Integrity Check and attack prevention solution in AOS environment Lab 1 – DoS AttacksLaunch your own DoS attack and configure the AOS device to respond to it and send a trap to Omnivista Lab 2 – Role Based ManagementBecome Familiar with privilege account and end-user-profile, password settings, prebanner text. Lab 3 – Authenticated Switch Access-local authentication-External Radius serverGet authenticated to log on the switch by using the local user database or an external authentication server Lab 4 – Vlan AuthenticationGain access to a specific Vlan by using an external authentication server (Radius) Lab 5 – Port Based Network Access Control (802.1x)-MD5-PEAP MS-CHAP v2Make physical devices attached to a switch port on the switch authenticate through the switch through 802.1x with (PEAP) or without certificates (MD5). Lab 6 - Fortinet & Quarantine Manager 2770Configure Fortinet and QM2770 to put you in quarantine when you launch a malicious attack on the network.

Alcatel OmniSwitch 8800, 7000, 6800, 6600 series Alcatel OmniSwitch Security

Lab 7 – Sygate Configure Sygate Servers and clients, Radius and AOS to perform Host Integrity Check and authentication at all time for physical devices attached to a switch port.