Course detail
Design and Security of Enterprise Networks
FIT-CCSAcad. year: 2020/2021
Designing network topology with security. BPG, MPLS, MPLS VPN and VxVLAN
technologies. Multihoming, mobility, renumbering. IPv6 native
implementation and transition techniques. Optical networks. Automated
network configuration using IPAM, DevOps and NetOps.
Supervisor
Department
Learning outcomes of the course unit
Students learn concepts of network design, security and management of enterprise networks. They will understand network technologies like BPG, MPLS, VxVLAN, VPN tunneling, QoS and others.
Prerequisites
Student are expected to be familiar with configuration of active network devices and advanced configuration of Linux systems. Cisco courses CCNA Routing and Switching or CCNP Route are recommended as prerequisities.
Co-requisites
Not applicable.
Recommended optional programme components
Not applicable.
Recommended or required reading
Lecture notes in English.
Omar Santos, John Stuppi. CCNA Security 210-260 Official Cert Guide. Cisco Press, 2015.
Anthony Bruno, Steve Jordan. CCDA 200-310 Official Cert Guide, 5th Edition. Cisco Press, 2016.
Ina Minei, Julian LucekMPLS-Enabled Applications: Emerging Developments and New Technologies. Wiley; 3 edition (Jan. 18 2011)
Ivan Pepelnjak, Jim Guichard, MPLS and VPN Architectures, 2000 by Cisco Press.
Planned learning activities and teaching methods
Not applicable.
Assesment methods and criteria linked to learning outcomes
- Home preparation and hands-on labs (max 26 points).
- Skills exam (max 20 points).
- Final configuration and theoretical test (max 54 points)
Exam prerequisites:
- Participation in all hands-on labs.
- Half of points in each activity required for credits.
Language of instruction
Czech
Work placements
Not applicable.
Aims
The course is focused on advanced networking technologies employed in
ISP and telcom networks. It includes interdomain routing, IPv6
transitions technologies, L2 virtual technologies and quality of
services. Hands-on lab training will be provided on active network
devices and Linux stations.
Specification of controlled education, way of implementation and compensation for absences
- Home preparation and active participation in hands-on labs.
- Missed classes will not be replaced.
Classification of course in study plans
- Programme IT-MGR-2 Master's
branch MSK , any year of study, winter semester, 5 credits, compulsory-optional
- Programme MITAI Master's
specialization NADE , any year of study, winter semester, 5 credits, elective
specialization NBIO , any year of study, winter semester, 5 credits, elective
specialization NGRI , any year of study, winter semester, 5 credits, elective
specialization NNET , any year of study, winter semester, 5 credits, elective
specialization NVIZ , any year of study, winter semester, 5 credits, elective
specialization NCPS , any year of study, winter semester, 5 credits, elective
specialization NSEC , any year of study, winter semester, 5 credits, elective
specialization NEMB , any year of study, winter semester, 5 credits, elective
specialization NHPC , any year of study, winter semester, 5 credits, elective
specialization NISD , any year of study, winter semester, 5 credits, elective
specialization NIDE , any year of study, winter semester, 5 credits, elective
specialization NISY , any year of study, winter semester, 5 credits, elective
specialization NMAL , any year of study, winter semester, 5 credits, elective
specialization NMAT , any year of study, winter semester, 5 credits, elective
specialization NSEN , any year of study, winter semester, 5 credits, elective
specialization NVER , any year of study, winter semester, 5 credits, elective
specialization NSPE , any year of study, winter semester, 5 credits, elective
Type of course unit
Laboratory exercise
52 hours, compulsory
Teacher / Lecturer
Syllabus
- Introduction to TCP/IP networking.
- Stateful firewalls, IDS/IPS systems.
- Cisco ASA - Adaptive Security Appliance.
- BGP routing.
- BGP - filering, communities.
- LISP - Locator ID Separation Protocol
- IPv6 in enterprise networks. Transition mechanisms, autoconfiguration.
- MPLS a and packet switching in ISP networks.
- MPLS VPN, ATOM
- VxVLAN
- QoS.
- Optical connections and links.
- IPAM, automated management, devops