APRICOT 2006 Program > Workshops & Tutorials > Tutorials
| Juniper Advanced
Routing (2 days) |
| - JUNOS philosophy and features, |
| Best Practice Guidelines
for Deploying MPLS (1 day) |
| MPLS core related technologies:
Layer 2 and Layer 2 VPNs; multicast, OAM, Security, IPv6; GMPLS; interworking
scenarios and future direction of MPLS technology. |
| Introduction to WiMax
and Broadband Access technologies (1/2 day) |
| The IEEE 802.16/WiMax (Worldwide
Interoperability for Microwave Access) standard defines the air interface
for fixed point-to-multipoint broadband wireless access networks. It
is a wireless alternative to Digital Subscriber Line (DSL). An amendment,
being drafted, adds mobility support. A lot of works are also going
on in many standards bodies and many edge of service provider network
deployments on session and policy control. This tutorial provides a
detailed introduction to WiMax and covers the ground of access privileges,
resource usage control, QoS, accounting and service and application
mediation. Standards status and update for Cable, DSL Forum, mobile/
3GPP, ITU, TISPAN and some hopes for convergence. It also discusses
some deployment cases to show how it looks like in practice. |
| Delivering Triple
Play Services Over Metro Broadband Network (1/2 day) |
| Metro broadband networks
are capable of delivering a variety of services to the end customers
but why are so many carriers having issues offering triple play services? |
| Security in Mobile
and Wireless Networks (1/2 day) |
| This tutorial will address
a range of technical and performance issues central to the deployment
and operation of secure Wireless LANs (IEEE802.11a, b, g) and UMTS /
CDMA2000 3G networks appropriate for both the enterprise and for wireless
and mobile network operators. It will examine security in the mobile
network architecture including important topics such as cryptographic
tools, devices and equipment, mobility, authentication and security
standards, security testing and evaluation, performance and quality
of service as well as a range of WLAN/3G interoperability and standards
issues. It will discuss the new IEEE802.11i (WPA2) security standard
including new products and performance issues and examine how this will
interwork with 3G Networks. Further, it will discuss the results of
performance tests on various security architectures and configurations
in order to provide useful guidelines for configuration and operation
in practice. |
| Using EAP Authentication
with RADIUS and Configuration of Linux Authentication Server
(1/2 day) |
| The RADIUS protocol is widely used for AAA (authentication, authorisation and accounting. EAP (extensible authentication protocol) is now extensively used for both wireless and wired networks, and there is a bewildering array of EAP flavours to choose from. This tutorial will demonstrate and explain the configuration and operation of a number of EAP versions. The practical demonstration will involve: |
| BGP Deployment, Best
Current Practices and Troubleshooting Techniques for Service Providers
(1 day) |
| This tutorial introduces service providers to BGP, including iBGP, eBGP and common attributes. It will then introduce some more advanced features of BGP, and look at the various scaling techniques available, when to use BGP instead of an IGP, and examine policy options available through the use of local preference, MED and communities. This tutorial introduces service providers to some of the features available in BGP to aid multihoming to the Internet. After an explanation of multihoming and the principles being followed in this tutorial, several examples involving different scenarios will be given. Configuration techniques for modifying inbound and outbound traffic flows are covered, as are some examples on how to use BGP communities in inter-AS relationships. The tutorial finishes by covering some common multihoming security issues. The tutorial discusses the best current practices for ISPs, including
how to configure external peering sessions and how to deploy BGP across
ISP backbones as well as examining common problems ISPs have when deploying
BGP within their network. It looks at problems with peer establishment,
missing routes, inconsistent route selection, and convergence issues.
It also looks at real world examples of common errors which are made
when deploying BGP, both as iBGP and eBGP, in service provider networks. |
| Zebra/Quagga Routing
Suite (1/2 day) |
| Overview: |
| Maximising Your IP
Address Potential (1 day) |
|
This tutorial consists of four different modules. Each module is self-contained so you can pick and choose which modules you are interested in. The modules are described below. 1. Infrastructure development, education and APNIC 2. Creating policies that work for you 3. Efficient address space management 4. Managing your "old" address space |
| Introducing Layer3
VPNs in MPLS Networks (1/2 day) |
| Workshop for customers who
do not have L3VPNs and would like to migrate to a MPLS VPN architecture.
The workshop would cover the migration procedure from any non-Juniper
environment to a Juniper environment. Hands-on material will be included
in this tutorial. |
| Integrated IS-IS
Primer and Infrastructure Routing (1 day) |
| Integrated IS-IS is an IGP
that is popular with large service providers. The objectives of this
tutorial is to allow attendees who have not been using ISIS, to evaluate
if IS-IS is more suited in their environment. For attendees who are
using IS-IS, this session would emphasis the optimal ways to deploy
ISIS in ISP environment. This includes pointers on tuning IS-IS for
fast convergence. The tutorial comprises hands-on and theory sections.
The theory session includes designs and case studies which are specific
to service provider networks. Participants should have baseline knowledge
of either IS-IS/OSPF/BGP. |
| Traffic Engineering
in MPLS Networks (1/2 day) |
| This presentation talks about
the conventional problems in IP networks, different techniques in MPLS
traffic engineering and the limitations and capabilities of MPLS traffic
engineering. The presentation starts with RSVP signaling, various approaches
to Fast reroute, and traffic protection. The presentation also touches
on the multivendor aspects of traffic engineering in Juniper and Cisco
routers and the different implementation flavours |
| Netflow, Flow Tools
and Flow Analysis (1/2 day) |
| Netflow has been increasingly
used as a tool to gather information about traffic flows in IP networks.
Flow analysis has the ability to tell administrators what kind of traffic
is flowing in the network based on traffic types. As has been observed
in the past, netflow can be used to detect attacks and troubleshoot
networks. goals - Enable participant to enable flows on their routers,
collect flow data and display flow data in RRDTool generated graphs.
Pre-requisites - Basic knowledge about routers, Unix based systems,
and IP address and ports. |
| VoIP - Asterisk and
SIP Implementation, Theory, Monitoring and Traffic Engineering
(1 day) |
| This tutorial aims to get a few more people up and running with their own VoIP systems and to provide additional information to those who already are up and running. Implementation of an Asterisk - the Open Source PBX - based VoIP system will be covered from the initial build through to a fully functioning system. The theory and operation of the Session Initiation Protocol (SIP) will be covered. This will include the theory of operation and architecture of SIP and exploration of Open Source implementations with particular emphasis on Asterisk and SIP Express Router (SER). Finally VOIP Network traffic trend analysis through SIP, SIP-T, ISUP,
MGCP, Trunk protocol counters will be covered. This provides an innovative
way to monitor VoIP networks and traffic flows which can help in identifying
capacity, malfunction and mis-configuration issues. Industry wide the
switches need to have this information available for doing trend analysis.
BTS provides ways export the data to a file, which can then be pulled
off the switch in pseudo-real time manner for trend analysis purposes. |
| ISP Network Security
- Survey of Security Threats and Attack Classification (1/2
day) |
| Information on ISP security survey results recently published includes many things that can be done to raise the bar in ISP network, lots of open source tools and techniques. This tutorial will include an introduction to commercial tools as well. Internet architectures are built upon a pair of protocols designed
over 25 years ago and to which virtually no consideration was given
to security. Although the IPv6 networking family has been designed to
address this issue, the majority of existing network infrastructure
is subject to substantial threats. This tutorial examines the current
security risks resulting from using TCP/IP by network providers and
ISPs and how these threats related to traffic carried by these providers
on behalf of their customers can have such devastating effects. This
tutorial classifies the type of attacks possible focusing particularly
on both wireless local and wide area networks. This tutorial will examine and classify the risks and threats in TCP/IP
networks today addressing the limitations of firewalls as well as the
use of Intrusion Detection and Prevention architectures. |
| Large Scale Denial
of Service Attack Mitigation (1/2 day) |
| Denial of service attacks
are a fact of life for service providers today and effective attack
mitigation is key for maintaining availability and exercising control. |
| Best Practice for
Security Patch and Vulnerability Management (1/2 day) |
| Organisations that invest
in complex and expensive network systems could find these systems become
rendered useless if something as simple as patching is not managed effectively.
Hackers continue to use worms, viruses, spyware and malware to exploit
known vulnerabilities on unpatched systems, resulting in costly network
downtime and considerable administrative resource and expense to repair. |
| IPv6 Transition and
Deployment (1/2 day) |
| IPv6 Network Design and Operation Enterprise Deployment Service Provider Deployment IPv6 Services |
| APNIC:
Practical introduction to IPv6 (1 day) |
| The IPv6 tutorial will offer a practical introduction to the basics of IPv6. Participants will learn how to activate IPv6 on PCs, and be given practical instruction on: * Installing IPv6 on different platforms (XP/W2003, Linux, BSD) During the tutorial, attendees will also learn how to accomplish some The tutorial is targeted at engineers and network administrators from both ISPs and SOHO/Enterprise networks. Participants should already have a basic knowledge of IPv4. Note: Considering the hands-on approach of this tutorial, it is highly recommended that participants bring their own laptops, so they can practice the lessons learned during the tutorial. It is assumed that most participants will be using Windows XP, so most of the training will be done on this operating system. However, instructions for other operating systems will be provided as part of the tutorial materials. |
 |
 |
 |
 |
|
|
 |
|
 |
||||||||||||||||||||
APRICOT 2006 |
|
|
||||||||||||||||||||
 |
 |
|||||||||||||||||||||
|
|
