Instructors: Damien Holloway, Kunjal Trivedi, Merike Kaeo Who should attend: Network Operations and security staff at ISPs and Network Service Providers. People who are trying to learn ropes of establishing a functioning security system in their network core and edges. Any one else with interest in Security topics. Pre-requisites: This is an advanced course. Good familiarity with UNIX command line and system administration jobs. Knowledge of Layer 3 protocols, and command line of popular routers. Basic knowledge of security concepts is an added advantage. What you will learn: The ISP / NSP Security Workshop focuses on following components to provide comprehensive understanding and hands-on experience allowing you to gain valuable experience in network security best common practices, tools and techniques. - Network infrastructure security
- Security services
For network infrastructure security, best common practice for protecting infrastructure including IP addressing, baseline building, securing IGP and BGP routing protocols and router filtering techniques are covered in detail. Controlling access to the routers, collecting network telemetry information and control plane protection techniques are discussed. A six step methodology for detecting and mitigating DDoS attacks on the infrastructure provides hands-on understanding on how to deal with such attacks. Anti-spoofing measures to combat IP spoofing attacks and Remotely Triggered Blackhole (RTBH) filtering to protect against infrastructure attacks hands-on practice provides easy to deploy tools on the SP networks. The security services address designing, deploying and managing L3 Virtual Private Networks. A balanced discussion covering security of 3VPN provides good basis of evaluating the level of security for the business needs. Finally, a discussion of how managed security services such as IP VPN prepares SP networks for provisioning other security services Abstracts - Network Management and NOC Workshop
Hervey Allen (NSRC), Phil Regnauld (NSRC), Chris Evans (Delta-Risk) - VOIP Deployment Workshop
Jonny Martin (PCH), Vicky Shrestha (PCH), Daniel Griggs (FX Networks) - Network Security Workshop
Damien Holloway (Juniper Networks), Kunjal Trivedi I(Cisco), Merike Kaeo (Doubleshot Security) - ISP Routing Workshop using IPv4 and IPv6
Gaurab Raj Upadhaya(PCH), Amante Alvaran (APNIC), Shankar Vridhagiri - Advanced Routing - BGP Multihoming with IPv4 and IPv6
Philip Smith (Cisco), Mark Tinka (Global Transit) - Toward The Internet 2.0
Hiroshi Esaki, Ph.D. - Advancing the Philippines' Internet Infrastructure
William Torres, Ph.D. - Integrating IP Wireless Sensor Networks
Patrick Grossetete, Archrock - Lessons Learnt from the Beijing Olympic Games Website Measurement
Rocky K. C. Chang, The Hongkong Polytechnic University - A technical demo and overview of .tel
Jim Reid (Telnic) - BGP IN 2008 - what's changed
Geoff Huston (APNIC) - IPv6 Traffic levels on Hurricane Electric's backbone
Martin Levy (Hurricane Electric) - JANET's 40Gbps backbone
Rob Evans (JANET) - From IPv4 only to v4/v6 Dual Stack
Shin Miyakawa (NTT) - How to Keep CGNs from Breaking the Internet
Randy Bush (IIJ) - IPv6 Deployment at IIJ
Yoshinobu Matsuzaki (IIJ) - Session aware NAT
David Miles (Alcatel-Lucent) - IANA and DNSSEC at the root
Richard Lamb (IANA) - IPv6 at Google: lessons learned, state of the art, and the road to deployment
Lorenzo Colitti(Google) - Euro-IX update
Serge Radovcic (Euro-IX) - IPv6 at Monash University
John Mann(Monash University) - What can IXPs do for IPv4/IPv6 route exchange?
Takabayashi Takejiro (Japan Internet Exchange Co., Ltd.) and Mawatari Masataka (Co-author) - What can IXPs do about IPv4 exhaustion?
MAWATARI Masataka (Japan Internet Exchange Co., Ltd.) and TAKABAYASHI Takejiro - DNS-OARC's Open DNSSEC Validating Resolver
Duane Wessels(DNS-OARC) - AMS-IX Update
Cara Mascini(AMS-IX) - DNSSEC in 6 minutes
Joao Damas (ISC) - 32-bit ASNs
Chris Malayter, Switch&Data, Co-author: Greg Hankins , Force10 Networks
|