Semester: 4
ECTS: 5
Lectures: 30
Practice sessions: 30
Independent work: 90
Module Code: 23-00-538
Semester: 4
ECTS: 5
Lectures: 30
Practice sessions: 30
Independent work: 90
Module Code: 23-00-538
Module title:
Computer network security
Module overview:
The objectives of this module is for students to understand network security as a characteristic of a network and to learn how to implement security principles, mechanisms, and technologies used in modern networks.
Students learn to implement:
• DoS protection in computer network
• IPsec mechanisms to secure tunneling between remote sites
• a Next-generation firewall and configure it to protect the network
• application control and malicious code protection in the network
This module is important because it introduces students to complex security technologies and their implementation in complex network environments. After successfully passing this module students will be able to implement complex secure network infrastructure with remote locations (e.g. multiple campus networks connected over the internet)
Literature:
Essential reading:
1. Catalyst 4500 Series switch Cisco IOS software configuration guide, 12.2(25)EW [Online]. Available at: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/dynarp.html (Accessed: 21 April 2021)
2. Configuration professional: Site-to-Site IPsec VPN between two IOS routers configuration example [Online]. Available at: https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/configuration-professional/113337-ccp-vpn-routerA-routerB-config-00.html (Accessed: 21 April 2021)
3. Dynamic multipoint VPN configuration guide, Cisco IOS release 15MandT [Online]. Available at: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-conn-dmvpn-15-mt-book.html (Accessed: 21 April 2021)
4. Fortinet Document Library [online]. Available at: https://docs.fortinet.com/product/fortigate/6.0 (Accessed: 08 May 2021)
Recommended reading:
1. Cisco (2021) Cisco networking Academy [Online]. Available at: www.netacad.com (Accessed: 21 April 2021)
2. DMVPN dual hub with dual DMVPN network [Online]. Available at: https://learningnetwork.cisco.com/s/article/dmvpn-dual-hub-with-dual-dmvpn-network (Accessed: 21 April 2021)
3. IPsec troubleshooting: understanding and using debug commands [Online]. Available at: https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/5409-ipsec-debug-00.html (Accessed: 21 April 2021)
Further reading:
1. Omar Santos. (2015) CCNA security 210-260, Cisco Press. 221 River Street, Hoboken, NJ 07030
2. Lee Brotherston, Amanda Berlin. (2017) Defensive Security Handbook, O'Reilly Media; 1st edition, O'Reilly publishing. Farnham GU9 1PL, United Kingdom