Semester: 4
ECTS: 5
Lectures: 30
Practice sessions: 30
Independent work: 90
Module Code: 23-122-0197
Semester: 4
ECTS: 5
Lectures: 30
Practice sessions: 30
Independent work: 90
Module Code: 23-122-0197
Module title:
Network Security
Lecturers and associates:
Module overview:
The course aims to equip students with comprehensive knowledge and practical skills necessary for implementing and testing basic security mechanisms at the 2nd and 3rd layers of the OSI model. The course emphasizes the importance of understanding and applying security principles and technologies in modern network environments. Students will be introduced to complex security technologies and their applications, focusing on the implementation of secure tunnels, and working with next-generation firewalls, enabling them to implement both basic and advanced security technologies which will ensure that the organization´s business is not disrupted by cyberattacks.
This course is crucial for students who wish to develop the ability to create complex and secure network infrastructures, including securely connecting remote locations, such as multi-campus networks linked via the Internet. Upon successful completion of the course, students will be equipped to implement and test security mechanisms in real network environments, preparing them for professional challenges in the field of network security.
In this module students will learn:
Based on the given requirements, design a technical solution that will protect switches and routers in the computer network from common Denial of Service attacks.
Based on the given requirements, design a technical solution that will enable the connection of remote computer networks via the Internet in a secure manner
Appropriately implement mechanisms to protect against denial-of-service attacks, mechanisms for user authentication and access control to switches and routers, routing protocol authentication and routing table control.
Appropriately implement mechanisms for connecting remote computer networks via the Internet in a secure manner
Appropriately implement security mechanisms on the next generation firewall with the aim of protecting access to devices in the computer network, controlling applications and protecting against malicious code
Literature:
Required readings:
Cisco (2021) Cisco networking Academy [Online]. Available at: www.netacad.com (Accessed: 21 April 2021)
Fortinet Document Library [online]. Available at: https://docs.fortinet.com/product/fortigate/6.0 (Accessed: 08 May 2021)
Supplementary readings:
Catalyst 4500 Series switch Cisco IOS software configuration guide, 12.2(25)EW [Online]. Available at: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/dynarp.html (Accessed: 21 April 2021)
Configuration professional: Site-to-Site IPsec VPN between two IOS routers configuration example [Online]. Available at: https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/configuration-professional/113337-ccp-vpn-routerA-routerB-config-00.html (Accessed: 21 April 2021)
Dynamic multipoint VPN configuration guide, Cisco IOS release 15MandT [Online]. Available at: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-conn-dmvpn-15-mt-book.html (Accessed: 21 April 2021)
DMVPN dual hub with dual DMVPN network [Online]. Available at: https://learningnetwork.cisco.com/s/article/dmvpn-dual-hub-with-dual-dmvpn-network (Accessed: 21 April 2021)
IPsec troubleshooting: understanding and using debug commands [Online]. Available at: https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/5409-ipsec-debug-00.html (Accessed: 21 April 2021)
Omar Santos. (2015) CCNA security 210-260, Cisco Press. 221 River Street, Hoboken, NJ 07030
Lee Brotherston, Amanda Berlin. (2017) Defensive Security Handbook, O´Reilly Media; 1st edition, O´Reilly publishing. Farnham GU9 1PL, United Kingdom