Securing Networks with Open Source

Overview:

Focused upon the best and most successful Open Source projects currently available, students learn how to leverage the benefits of Open Source solutions through step-by-step hands-on instruction. This course is designed for Windows System Administrators and anyone responsible for network and system security with no previous Linux experience.  This introductory course teaches students practical applications of Open Source tools within their existing Windows environment.

The course begins with an introduction to Linux command shell and basic system administration.  Students implement a virtual network secured by a powerful edge firewall featuring enterprise class capabilities.  Because over 70% of reported intrusions originate internally, course topics focus on reducing the attack surface of Windows hosts by adding Open Source security layers and detect anomalous network activity through event collection, filtering and notification.

Some of the Open Source security layers include a Proxy server with web content filtering. A network intrusion detection sensor with instant notifications and no false positives. A central event logging server capable of reporting anomalous activity from key infrastructure servers and network devices. And a well known host-based intrusion detection system that monitors service activity, log file output, registry activity and system performance.

By the end of the course students have the necessary skills to install a basic Linux Server, configure Open Source tools to secure a Windows network and detect anomalous activity.

Features:

This course features security pillars no network should be without. It begins with a secure and powerful firewall implementation featuring enterprise class capabilities typically costing thousands of dollars from leading commercial vendors. Secondly, an accurate network intrusion detection sensor makes false positives a distant memory with the added benefit of instant notification. Iron clad security benefits of a Proxy server, layered with web content filtering and anti-virus scanning are also covered. Much improved email gateway security through the use of MTA coupled with anti-virus scanning thus eliminating typical MS Exchange attack surface. And, an SSL based VPN implementation with the proven security of Public Key Infrastructure by way of SSL client certificates and two-factor software token authentication. Students are immersed in a VMWare virtual network. Through live demonstrations, class discussions and hands-on labs, students are introduced to Open Source and taught how to install, configure and implement Open Source tools to secure a typical Windows network.

Students will harden a network consisting of:

• VMWare Workstation
• Ubuntu Linux
• Vyatta Firewall
• Squid Proxy Server
• Content Inspection
• SMTP Email Gateway Antivirus
• Virtual Private Network
• Intrusion Detection
• Logging
• OSSEC-HIDS
• Web Application scanning and Clam-AV Anti-virus

Benefits:

• Over 30 total years of experience in Security, Consulting and Infrastructure
• Digital Boundary Group has performed security assessments/audits and penetration testing for over 250 North American clients since 2003.
• We have also developed and delivered Network Security Training programs to Municipal Government, Law Enforcement, Utilities, Financial Services, Insurance, Healthcare, Manufacturing, Professional Services and Education sectors.

Testing:

Final Hacking Attack Exercise:

Students will be challenged with a hacking attack exercise whereby a number of unknown automated attacks will occur against select virtual hosts. Students will be given limited time to apply appropriate configuration changes against virtual hosts to detect and notify of attacks. Upon completion of the exercise Students will be asked to identify attack targets and the purpose of each attack event.