• Home
  • About us expertise
  • What We Do Products & Services
    • Products
    • Services
      • Branded WiFi Hotspots
    • Training
  • Clients & what they say
  • Order Online 24/7 Service
    • Network Hardware
      • Switches
        • Unmanaged Switches
        • Managed Switches
      • Draadloos
  • Contact us 03 457 60 08
  • 0

Training

LAN Security Training

Secure your network in depth

LAN Security Training

Secure your network in depth

Everyone knows that it's necessary for a good network security to have an virusscanner, install a firewall, keep your systems up-to-date... But the Layer 2 & 3 are often forgotten. Learn how you can secure these layers, and improve your overall security.

Join our hands-on training about security concepts, protocols and techniques to secure your Layer 2 & 3. With this brimming 2 day training with plenty of practical tests and excercices, you become a network security expert.

This 3-day training consists of 3 modules. This set up allows you to choose one or more days of your preference.

 

 

Day ONE

DAY TWO

DAY THREE

  • Port authentication 802.1x
    •  
    • EAP TLS
    • EAP MD5
  • RADIUS-servers: IAS, NPS & FreeRADIUS
  • Static VLAN's
  • Dynamic VLAN's
  • Trunking
  • Routing
  • Multihomed server
  • Guest VLAN
  • MAC-based VLAN
  • Web-based authentication
  • NAP/NAC
  • DHCP-snooping
  • Spanningtree
  • Link-aggragation
  • Prevention of double IP-adresses

Requisite foreknowledge:

  • Basic network knowledge: IP-address, DNS, gateway
  • Basic knowledge of Windows 2003: Active Directory

Price (VAT not included):

  • One day: € 375,00
  • Two days: € 650,00
  • Complete course: € 950,00

What do you learn in this training?

  • Port authentication with 802.1x
    In a traditional wired network everybody with physical access can gain access to your internal network. When we talk about wireless network everybody is aware of the fact that you need authenticity. The same awareness should be present with wired networks. By using the 802.11x protocol you can force authentication before your machines have any connection with your internal network.
    • Different authentication possibilities, such as RADIUS, freeRADIUS, IAS, EAP...
    • Advantages and disadvantages of these variants
    • Points of interest concerning security
    • Minimum requierements
  • VLAN
    When machines need access to a traditional LAN they’re usually connected to the switch of the relevant department. However, there may rise some administrative and practical problems if the clients’ physical location is changed. (e.g. another switch). However, if you use a virtual LAN you only need to connect the client to the corresponding VLAN, regardless of its physical location.
    • Terminologies
    • Static and dynamic assignment
    • VLAN information exchange between switches
    • Trunking
    • Secure routing
    • Multihomed servers, Guest-VLAN's and integration of WLAN into VLAN
  • Web-based authentication
    With web-based authentication you grant visitors access to the network by capturing the web traffic and redirecting the users to a login page. When they are succesfully identified, they will get access to the (V)LAN. The big difference with 802.1x port authentication, is that the user doesn't need to make any adaptations to his laptop settings.
  • Network Access Control systems
    Client PC’s who don’t have antivirus installed, or that have an out-of-date antivirus, pose a threat to the network. The principle of the weakest link is present here since a weaker machine could infect others. Network access Control is a technique that ensures that machines in the network can’t make a connection as long as they do not comply with Policy's, anti-virus software, latest updates, etc.
    • Different options for execution methods
    • Extended tests, including dynamic VLAN assignment
  • DHCP-snooping
    If hackers gain access to your network, they can install their own DHCP Server. The hacker can then send IP-addresses to your employees, and steal information from their PC’s. With DHCP snooping, a trusted or untrusted state can be granted to a switch port allowing only IP-addresses from DHCP servers which are connected to a trusted port.
    • DHCP-snooping terminilogies
    • Techniques to intercept unknown DHCP-servers
  • Spanning Tree Protocol
    Today's networks are often build redundantly so there exists a second connection to fall back on when the first connection drops. However, the drawback is that this will create loops in the network where duplicate packets could exist. The Spanning Tree Protocol avoids this risk by putting the redundant connection in standby, and activate it again if necessary.
    • Prevent network failure caused by false connections
    • Use and best practices of the Spanning Tree Protocol
    • Network Testing
  • Link Aggregation
    You can combine multiple ports to achieve more redundancy and higher performance. This technology, also known as Link Trunking, allows you to do this.
  • Prevention of double IP-addresses
    When an unknown client (e.g. laptop of a sales representative, iPhone...) accesses the network and has the same IP-address as your domain controller or your mail server, these last become inaccessible. Through a group policy you can implement simple settings so that they remain accessible, unregarding the double IP-addresses.

 

 

  • Home
  • About us
  • What We Do
    • Products
    • Services
    • Training
  • Clients
  • Order Online
  • Contact us

Latest Products

AT-PC2002/POE AT-PC2002/POE Call for Pricing
AT-GS2002/SP AT-GS2002/SP Call for Pricing

Now Online

We have 2 guests online

Visits

Visits [+/-]
Today:
Yesterday:
Day before yesterday:
31
27
27

+0
This week:
Last week:
Week before last week:
212
227
265

-38
This month:
Last month:
Month before last month:
942
780
1130

-350
linkedin   facebook   twitter
+32 (0)3 457 60 08 |  Mail

 

Contact Info

iXiT bvba
Kleine Meylstraat 8
B-2550 Kontich

Active Network Solutions

iXiT offers a broad range of carrier-class equipment for fibre optic connections, and simple media-conversion up till Metro Ethernet (aggregation/demarcation) services.

Scroll To Top