Course detail

Implementing Secure Converged WANs (CCNP2)

FIT-CP2Acad. year: 2010/2011

The course covers modern technologies for secure remote access through Internet using cable modems and DSL. It also describes MPLS transmission in WAN, VPN building using MPLS, IPSec, and GRE. It includes network device security, AAA architecture, packet filtering and IDS/IPS devices.

Language of instruction

Czech

Number of ECTS credits

4

Mode of study

Not applicable.

Guarantor

doc. Ing. Petr Matoušek, Ph.D., M.A.

Department

Department of Information Systems (UIFS)

Learning outcomes of the course unit

Students will learn technologies for remote access. They will learn how to configure cable modem and DSL. They will understand MPLS and its implementation in Cisco routers. They will learn how to configure VPN using MPLS, IPSec, and GRE. They will get acquainted how to secure network devices, and AAA architecture. They will learn how to configure packet filtering and IPS/IDS devices.

Students will understand technologies for remote access into Internet and secure data transmission over Internet using VPN technology. They will learn how to configure VPN and how to secure network devices. Course knowledge and experience cover  requirements of Cisco certification exam 642-825 ISCW.

Prerequisites

Students are expected to have knowledge of CCNA Exploration 4, or certification exam CCNA 804-802.

Co-requisites

Not applicable.

Planned learning activities and teaching methods

Not applicable.

Assesment methods and criteria linked to learning outcomes

  • Labs attendance.
  • Getting at least 50% points of every activity.

Course curriculum

Item has no outline.

Work placements

Not applicable.

Aims

Technologies for secure remote access - cable technology, DSL (PPPoE, PPPoA). MPLS architecture and configuration. Building VPN using MPLS. IPSec architecture, VPN using IPSec. GRE tunnelling. Securing network devices. AAA architecture. IOS protection. Packet inspection and filtering, IDS and IPS.

Specification of controlled education, way of implementation and compensation for absences

  • Příprava a aktivní účast na všech laboratorní cvičení.
  • Vypracování všech modulových testů.

Recommended optional programme components

Not applicable.

Prerequisites and corequisites

Not applicable.

Basic literature

Not applicable.

Recommended reading

Not applicable.

Classification of course in study plans

  • Programme IT-MGR-2 Master's

    branch MBI , any year of study, winter semester, elective
    branch MPV , any year of study, winter semester, elective
    branch MSK , any year of study, winter semester, compulsory-optional
    branch MBS , any year of study, winter semester, elective
    branch MMM , any year of study, winter semester, elective
    branch MMI , 2. year of study, winter semester, compulsory-optional

Type of course unit

 

Laboratory exercise

52 hours, compulsory

Teacher / Lecturer

doc. Ing. Petr Matoušek, Ph.D., M.A.

Syllabus

  1. Remote access - requirements, technologies.
  2. Cable access. DSL, PPPoE, PPPoA.
  3. MPLS Architecture.
  4. IPSec VPN networks.
  5. GRE tunnelling, high availability.
  6. Securing network devices.
  7. AAA architecture, implementation.
  8. Packet filtering, firewalls.
  9. Securing IOS. IDS and IPS devices.
  10. Case study presentation.
  11. Skills exam. Final test.