33 Courses in Cardiff

SECURING UNIX SYSTEMS TRAINING COURSE DESCRIPTION This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. WHAT WILL YOU LEARN * Secure UNIX accounts. * Secure UNIX file systems. * Secure UNIX access through the network. SECURING UNIX SYSTEMS COURSE DETAILS * Who will benefit: Linux technical staff needing to secure their systems. * Prerequisites: Linux system administration (LPIC-1) * Duration 5 days SECURING UNIX SYSTEMS COURSE CONTENTS * Cryptography * Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. * Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. * Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. * DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. * Host Security * Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. * Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. * User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. * FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. * Access Control * Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. * Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. * etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. * Network Security * Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. * Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. * Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd * Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

MICROSOFT LYNC TRAINING COURSE DESCRIPTION This course teaches IT staff how to plan, design, deploy, configure, and administer a Microsoft Lync Server solution. The course emphasizes Lync Server Enterprise Unified Communications features focussing particularly on coexisting with and migrating from legacy communication services. The labs in this course create a solution that includes IM and Presence, Conferencing, and Persistent Chat. This course helps prepare for Exam 70-336. WHAT WILL YOU LEARN * Describe the Lync Server architecture. * Install and deploy Lync Server. * Use Lync Server management interfaces. * Deploy and manage clients. * Manage and administer dial-in conferencing. * Design audio and video for web conferencing. * Plan for instant message and presence Federation. * Deploy and configure persistent chat in Lync. * Configure archiving and monitoring services. * Troubleshoot Lync Server. * Describe the required daily, weekly, and monthly maintenance tasks. * Use SIP commands and analyze SIP logs. * Configure high availability features in Lync. * Design load balancing in Lync Server. * Backup and restore Lync Server data. MICROSOFT LYNC TRAINING COURSE DETAILS * Who will benefit: Technical staff working with Microsoft Lync. * Prerequisites: Supporting Windows 2008 or 2012. * Duration 5 days MICROSOFT LYNC TRAINING COURSE CONTENTS * Microsoft Lync Server architecture Lync Server architecture, Lync core capabilities, Lync design process, assessing infrastructure requirements and updating the design, planning for all Microsoft solutions framework phases. * Designing a Lync Server topology Infrastructure requirements for Lync Server, using the planning tool, using topology builder, server infrastructure, documentation. Hands on Environment preparation and Lync Server pools. * Users and rights in Microsoft Lync Server Managing Lync Server, role based access control. Hands on Using the management shell, configuring role-based access control. * Client/device deployment and management Deploy and manage clients, prepare for device deployment, IP phones. Hands on Clients. * Conferencing in Lync Server Introduction to conferencing in Lync Server, designing for audio\video and web conferencing, dial-in conferencing in Lync Server, managing and administering conferencing. Hands on Conferencing in Microsoft Lync. * Designing and deploying external access Conferencing and external capabilities of Lync Server, planning for IM and presence federation, designing edge services. Hands on Deploying Edge Server and Configuring Remote Access, Validating the Edge Server. * Deploying Lync Server persistent chat Overview of persistent chat architecture in Lync Server, designing persistent chat, deploying and persistent chat. Hands on persistent chat server. * Monitoring and archiving The archiving service, the monitoring service, configuring archiving and monitoring. Hands on Archiving and monitoring in Lync Server. * Administration and maintenance of Lync Lync Server troubleshooting tools, Lync Server operational tasks, Lync Server troubleshooting techniques. Hands on Lync administration tools, centralized logging service, analysing Lync Server logs and traces. * High Availability in Lync Server High availability in Lync Server, configuring high availability in Lync Server, planning for load balancing, designing load balancing. Hands on Configuring database mirroring, experiencing a scheduled SQL Server outage, experiencing an unscheduled SQL Server outage. * Disaster recovery in Lync Server Disaster recovery in Lync Server, tools for backing up and restoring Lync Server, critical Lync Server data to back up and restore, critical data to export and import, designing branch site resiliency. Hands on Configure pool pairing, experiencing a pool failure or outage. * Planning a migration to Lync Server Coexistence and migration, migration steps, planning for clients and devices. Designing a client migration and device migration strategy. Hands on Creating a migration plan, documenting the migration phases.

SECURING LINUX SYSTEMS TRAINING COURSE DESCRIPTION This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. WHAT WILL YOU LEARN * Secure Linux accounts. * Secure Linux file systems. * Secure Linux access through the network. SECURING LINUX SYSTEMS TRAINING COURSE DETAILS * Who will benefit: Linux technical staff needing to secure their systems. * Prerequisites: Linux system administration (LPIC-1) * Duration 5 days SECURING LINUX SYSTEMS TRAINING COURSE CONTENTS * Cryptography * Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. * Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. * Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. * DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. * Host Security * Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. * Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. * User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. * FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. * Access Control * Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. * Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. * etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. * Network Security * Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. * Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. * Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd * Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

CWSP TRAINING COURSE DESCRIPTION A hands-on training course concentrating solely on WiFi security with an emphasis on the delegates learning the necessary knowledge and skills to pass the CWSP exam. The course progresses from simple authentication, encryption and key management onto in depth coverage of 802.X and EAP along with many other security solutions such as access control, intrusion prevention and secure roaming. WHAT WILL YOU LEARN * Demonstrate the threats to WiFi networks. * Secure WiFi networks. * Configure: WPA2 RADIUS 802.1x EAP * Pass the CWSP exam. CWSP TRAINING COURSE DETAILS * Who will benefit: Technical network staff. Technical security staff. * Prerequisites: Certified Wireless Network Associate. * Duration 5 days CWSP TRAINING COURSE CONTENTS * WLAN Security overview Standards, security basics, AAA, 802.11 security history. Hands on WLAN connectivity. * Legacy 802.11 security Authentication: Open system, shared key. WEP. VPNs. MAC filters. SSID segmentation, SSID cloaking. Hands on Analysing 802.11 frame exchanges, viewing hidden SSIDs. * Encryption Basics, AES, TKIP, CCMP, WPA, WPA2. Hands on Decrypting 802.11 data frames. * 802.11 layer 2 authentication 802.1X: Supplicant, Authenticator, Authentication server. Credentials. Legacy authentication. EAP, Weak EAP protocols, Strong EAP protocols: EAP -PEAP, EAP-TTLS, EAP-TLS, EAP-FAST. Hands on Analysing 802.1X/EAP frames. * 802.11 layer 2 dynamic key generation Robust Security Network. Hands on Authentication and key management. * SOHO 802.11 security WPA/WPA2 personal, Preshared Keys, WiFi Protected Setup (WPS). Hands on PSK mapping. * WLAN security infrastructure DS, Autonomous APs, WLAN controllers, split MAC, mesh, bridging, location based access control. Resilience. Wireless network management system. RADIUS/LDAP servers, PKI, RBAC. Hands on 802.1X/EAP configuration. RADIUS configuration. * 802.11 Fast secure roaming History, RSNA, OKC, Fast BSS transition, 802.11k. Hands on Roaming. * Wireless security risks Rogue devices, rogue prevention. Eavesdropping, DOS attacks. Public access and hotspots. Hands on Backtrack. * WiFi security auditing Layer 1 audit, layer 2 audit, pen testing. WLAN security auditing tools. * WiFi security monitoring Wireless Intrusion Detection and Prevention Systems. Device classification, WIDS/WIPS analysis. Monitoring. 802.11w. Hands on Laptop spectrum analysers. * VPNs, remote access, guest access Role of VPNs in 802.11, remote access, hotspots, captive portal. * Wireless security policies General policy, functional policy, recommendations.

C++ TRAINING COURSE DESCRIPTION A hands on introduction to programming in the C++ language. The course concentrates on aspects that will be new to experienced C programmers and so is not suitable for those without C knowledge. WHAT WILL YOU LEARN * Write C++ programs * Debug C++ programs. * Examine existing code and determine its function. * Use classes, function overloading, operator overloading, inheritance and virtual functions within C++ programs. C++ TRAINING COURSE DETAILS * Who will benefit: Programmers needing to write C++ code. Programmers needing to maintain C++ code. * Prerequisites: C programming foundation. * Duration 5 days C++ TRAINING COURSE CONTENTS * The origins of C++ C++ as a better C, C++ and Object Oriented Programming, encapsulation, polymorphism, inheritance. C++ standards. * Getting started Simple C++ programs. * Classes Basics, constructor and destructor functions, member and friend functions. Using objects. Default, copy and conversion constructors. * A better C Arrays, pointers and references, new and delete. Improved safety with smart pointers, Resource Acquisition in Initialization (RAII). * Functions in C++ Function overloading, default arguments, inline functions, Lambda functions. * Templates Template classes and functions. * Standard Library Containers, Iterators, algorithms, function objects. * Operator overloading Basics, binary operators, the this pointer, relational operators, unary operators. Members versus friends. * Inheritance Base class access control, protected members, multiple inheritance, virtual base classes. * More I/O Manipulators, customising inserters, extractors. File I/O. * Virtual functions Pointers to derived classes, run time polymorphism. * Exception handling Throwing errors, trying code and catching errors.

SUPPORTING MICROSOFT IIS TRAINING COURSE DESCRIPTION This course provides students with the fundamental knowledge and skills to configure and manage Internet Information Services. This course is intended to help provide pre-requisite skills supporting a broad range of Internet web applications, security, and knowledge to help support other products that use IIS such as Exchange and SharePoint. WHAT WILL YOU LEARN * Install IIS. * Configure IIS. * Secure websites. * Maintain IIS. SUPPORTING MICROSOFT IIS TRAINING COURSE DETAILS * Who will benefit: Technical staff working with Microsoft IIS. * Prerequisites: TCP/IP foundation for engineerss Supporting Windows ( XP or 2000 or 2003) * Duration 5 days SUPPORTING MICROSOFT IIS COURSE CONTENTS * Overview and Installing IIS Web Server infrastructure, installing IIS. Hands on Default install of IIS, verify and test.. * Configuring the default website Default website, IIS Manager, default IIS file structure, configuring DNS records for a website, creating virtual directories and Applications. Hands on Configuring the Default website for public access. Creating Virtual Directories and Applications. * Application Pools Application Pool Architecture, Application Pool recycling. Hands on Creating and managing Application Pools. * Creating additional websites Multiple websites on a single server, website bindings. Hands on Creating new websites. * Website and Web application support Configuring Common features, adding support for web applications. Hands on Adding support for web applications. * Securing Websites and applications Access control, sites, applications, authentication and permissions. URL authorization rules. Hands on Configuring Authentication and permissions. * Securing Data Transmissions with SSL Certificates and SSL, creating certificates for a web server, adding a certificate to a website. Hands on Certificates and HTTPS. * Using the Central Certificate Store The Central Certificate Store. Hands on Install and configure the Central Certificate Store. * Configuring Remote Administration Installing and Configuring the Management Service. Connecting to remote web servers and websites. Delegating Management Access. Hands on Remote administration. * Implementing FTP Implementing FTP, configuring an FTP site. Hands on Install and configure a secured FTP site. * Monitoring IIS IMonitoring IIS logs with Log Parser. Hands on Analyze a set of IIS log files for possible issues using Log Parser. Analyze performance data for performance related problems using PerfMon. * Backing up and Restoring IIS The IIS environment. Hands on Performing a backup and restore of a website. * Building Load-Balanced Web Farms Load-balancing mechanisms, building a Load-Balanced Web Farm using ARR, sharing content to a Web Farm using a network share, Sharing content to a Web Farm using DFS-R, Sharing IIS Configurations in a Web Farm. Hands on Installing and configuring ARR, sharing content to a Web Farm using network share and DFS-R, sharing IIS Configurations in a Web Farm.

CCNP (ENARSI) TRAINING COURSE DESCRIPTION The Implementing Cisco Enterprise Advanced Routing and Services (ENARSI) v1.0 gives you the knowledge you need to install, configure, operate, and troubleshoot an enterprise network. This course covers advanced routing and infrastructure technologies, expanding on the topics covered in the Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) v1.0 course. This course helps prepare for the exam, Implementing Cisco Enterprise Advanced Routing and Services (300- 410 ENARSI), which leads to the new CCNP WHAT WILL YOU LEARN * Gain the knowledge you need to install, configure, operate, and troubleshoot an enterprise network. * Qualify for professional-level job roles in advance routing and services * Prepare for the Implementing Cisco Enterprise Advanced Routing and Services Exam (300-410 ENARSI). CCNP (ENARSI) TRAINING COURSE DETAILS * Who will benefit: Enterprise network engineers, System engineers, System administrators, Network administrators. * Prerequisites: CCNP core * Duration 5 days CCNP (ENARSI) TRAINING COURSE CONTENT * Course Objectives Configure classic Enhanced Interior Gateway Routing Protocol (EIGRP) and named EIGRP for IPv4 and IPv6 Optimize classic EIGRP and named EIGRP for IPv4 and IPv6 Troubleshoot classic EIGRP and named EIGRP for IPv4 and IPv6 Configure Open Shortest Path First (OSPF)v2 and OSPFv3 in IPv4 and IPv6 environments Optimize OSPFv2 and OSPFv3 behaviour Troubleshoot OSPFv2 for IPv4 and OSPFv3 for IPv4 and IPv6 Implement route redistribution using filtering mechanisms Troubleshoot redistribution Implement path control using Policy-Based Routing (PBR) and IP Service Level Agreement (SLA) Configure Multiprotocol-Border Gateway Protocol (MPBGP) in IPv4 and IPv6 environments Optimize MPBGP in IPv4 and IPv6 environments Troubleshoot MPBGP for IPv4 and IPv6 Describe the features of Multiprotocol Label Switching (MPLS) Describe the major architectural components of an MPLS VPN Identify the routing and packet forwarding functionalities for MPLS VPNs Explain how packets are forwarded in an MPLS VPN environment Implement Cisco Internetwork Operating System (IOS) Dynamic Multipoint VPNs (DMVPNs) Implement Dynamic Host Configuration Protocol (DHCP) Describe the tools available to secure the IPV6 first hop Troubleshoot Cisco router security features Troubleshoot infrastructure security and services * Course Outline Implementing EIGRP Optimizing EIGRP Troubleshooting EIGRP Implementing OSPF Optimizing OSPF Troubleshooting OSPF Configuring Redistribution Troubleshooting Redistribution Implementing Path Control Implementing Internal Border Gateway Protocol (IBGP) Optimizing BGP Implementing MP-BGP Troubleshooting BGP Exploring MPLS Introducing MPLS L3 VPN Architecture Introducing MPLS L3 VPN Routing Configuring Virtual Routing and Forwarding (VRF)-Lite Implementing DMVPN Implementing DHCP Introducing IPv6 First Hop Security Securing Cisco Routers Troubleshooting Infrastructure Security and Services Troubleshooting with DNA Center Assurance. * Lab outline Configure EIGRP Using Classic Mode and Named Mode for IPv4 and IPv6 Verify the EIGRP Topology Table Configure EIGRP Stub Routing, Summarization, and Default Routing Configure EIGRP Load Balancing and Authentication Troubleshoot EIGRP Issues Configure OSPFv3 for IPv4 and IPv6 Verify the LinkState Database Configure OSPF Stub Areas and Summarization Configure OSPF Authentication Troubleshoot OSPF Issues Implement Routing Protocol Redistribution Manipulate Redistribution Manipulate Redistribution Using Route Maps Troubleshoot Redistribution Issues Implement PBR Configure IBGP and External Border Gateway Protocol (EBGP) Implement BGP Path Selection Configure BGP Advanced Features Configure BGP Route Reflectors Configure MP-BGP for IPv4 and IPv6 Troubleshoot BGP Issues Configure Routing with VRF -Lite Implement Cisco IOS DMVPN Obtain IPv6 Addresses Dynamically Troubleshoot DHCPv4 and DHCPv6 Issues Troubleshoot IPv4 and IPv6 Access Control List (ACL) Issues Configure and Verify Unicast Reverse Path Forwarding (uRPF) Troubleshoot Network Management Protocol Issues: Lab 1 and 2

GPON AND FTTX NETWORKS TRAINING COURSE DESCRIPTION Designed to benefit those requiring an in depth knowledge of the principles and applications of Ten Gigabit and Gigabit Passive Optical Networking and Fibre to the X in NG Networks applications and their associated equipment, its flexibility and function within a modern transmission network. Using an effective mix of 'hands on' equipment instruction and correlation to theory based learning the delegate will gain a complete understanding of the equipment and the tasks to be undertaken in a real life situation. WHAT WILL YOU LEARN * Compare PON/FTTx systems. * Explain network elements and designs. * Support applications and network interfaces. * List circuit provisioning and bandwidth requirements. * Understand upstream & downstream issues. * Describe headend & network elements/OLT-ONT. * Perform network testing with OTDR test sets. GPON AND FTTX NETWORKS TRAINING COURSE DETAILS * Who will benefit: Anyone working with GPON and FTTx. * Prerequisites: Introduction to data communications and networking. * Duration 5 days GPON AND FTTX TRAINING COURSE CONTENTS * FTTN, FTTC, FTTH SMF, MMF, Fibre safety and properties (dispersion/attenuation), Fibre reel cables and types, Fibre installation and air blown fibre, Transmitters and receivers - power budget/laser classes. Fibre to the home (FTTH), FTTC (Fibre to the Cabinet), FTTN (Fibre to the node) , FTTD (Fibre to the desk), FFTH topologies and wavelengths, Active or passive optical network. * WDM equipment and GPON OSP design Wavelength considerations, WDM/DWDM/CWDM, EDFA optical amplification, AWG (Arrayed Waveguide Grating) splitters , Couplers (splitters) and losses, Optical splitters 1x2, 1x4, 1x8, 1x16, 1x32, 1x64, 2x64. * PON variants Gigabit passive optical network (GPON), Gigabit Ethernet passive optical network (GEPON), Time division PON (TDM-PON), Wave Division Multiplexing PON (WDM-PON), 1Gbps, 10Gbps, 40Ggps, 100Gbps FSAN (Full Service Access Network) NGA (Next Generation Access), Strategies for TDM-PON to WDM-PON migration, Architecture of NG-PON (hybrid WDM/TDM PON), Additional services than triple play. * GEPON design GPON OSP centralized and distributed design, GPON PON splitters x4 x8 x32, Fibre splice trays /cassette trays & enclosures, GPON field testing and installation verification, GPON physical layer testing, Optical time domain reflectometer (OTDR), Optical power source & meter, Optical return loss (ORL), APON/BPON/GPON/EPON comparisons. * GPON ITU-T G.984.1 Reference model, terminology & architecture, Access network system management functions. ONT & OLT functional block examples. FTTx scenarios, 4 switching arrangements for external access network backup. * GPON ITU-T G.984.2 Physical layer, Enhancement band, Bit rate and wavelengths, FEC and RAMAN. * GPON ITU-T G.984.3 Frame structure, GPON encapsulation method (GEM), GTC adaptation and framing sublayer protocol stack, Status reporting & traffic monitoring DBA (SR-DBA & TM-DBA), Transmission container (T-CONT) types, Downstream & upstream multiplexing, GEM port identifier, Media access control and ONU registration, Extended bandwidth assignment model scheduling architecture, PLOAM & alarm messages, Downstream & Upstream FEC, Process order in a GTC transmit flow. * GPON ITU-T G.984.4 and G.988 ONT management and control interface (OMCI) Management interface, Reference model, Typical ONT with SCTE 55-1 or SCTE 55-2 compliancy. * GPON ITU-T G.984.5 enhancement band Band options, GPON NGA, Wavelength allocation. * GPON ITU-T G.984.6 optical reach extension (G.984.re) Reach extension (RE), OA-based and OEO-based reach extenders, Protection, Reach extender with OTDR blocking filters (BF) and bypass (BYP) filters. * GPON ITU-T G.984.7 long reach Quiet Window. * 10-GPON ITU-T G.987.1 (XG-PON) Scenarios, reference access network architecture, XG-PON with G-PON through WDM1r, G-PON and XG-PON wavelength allocation, G-PON and XG-PON co-existence with video overlay option, RE migration scenarios. * G.989 40Gbps XG-PON2 Functional reference architecture, NG-PON2 system coexistence with legacy systems, Definitions of legacy compatibility terminology. * GPON issues and standards GPON components GPON OLT / GPON ONT, GPON management, Operational support systems (OSS), Network management systems (NMS), OMCI (ONT Management control interface), RG (Residential gateway), Data and prioritised voice channel product, GPON broadband-forum standards, Broadband-forum , TR-069 and TR-156, HPNA (home phone network alliance), Powerline carrier (PLC), GPON DLNI G.hn or G.9960, MOCA, FTTH council certification standard for network certification. Fibre-connected home badge, Ethernet in the first mile (EFM), GPON frame synchronization to network timing, Direct clock synchronization interface (BITS), Multiservice access platform (MSAP), Software planning tool, Superconnected cities / voucher scheme. * Hands on practical assignments Single and multimode fibre recognition, Fibre Cleaning methods, Checking cleaning with an optical microscope, Optical light source and optical power meter referencing, PON splitter and fibre drum testing with an optical power meter, 6km classroom passive optical network testing with an OTDR at 1310/1550nm, Using decibels (dB's) and decibel milliwats (dBm's), Designing networks up to 20km long using vendor specifications (power budget), Fault finding with a visible fault locator.

NETWORK DESIGN TRAINING COURSE DESCRIPTION This course provides you with the knowledge needed to perform the design of a network infrastructure that supports desired network solutions to achieve effective performance, scalability, and availability. We recognise that the role of design does not normally require hands on skills but hands on sessions are used to reinforce the theory not to teach configuration or troubleshooting. WHAT WILL YOU LEARN * Create HA enterprise network designs. * Develop optimum Layer 3 designs. * Design effective modern WAN and data center networks. * Develop effective migration approaches to IPv6. * Create effective network security designs. NETWORK DESIGN TRAINING COURSE DETAILS * Who will benefit: Anyone involved with network design. * Prerequisites: TCP/IP Foundation for engineers * Duration 5 days NETWORK DESIGN TRAINING COURSE CONTENTS PART I RELIABLE, RESILIENT ENTERPRISE L2/3 NETWORK DESIGN Optimal Enterprise Campus Design: Enterprise campus design principles, hierarchy, modularity, flexibility, resiliency. EIGRP design: EIGRP Design, Should you use EIGRP? OSPF design: OSPF scalability designs, OSPF area design, OSPF Full-Mesh Design, OSPF Hub-and-Spoke Design, OSPF convergence design and optimization techniques. IS-IS Design: The protocol, IS-IS hierarchical architecture, IS-IS vs OSPF, IS-IS Deep Dive, IS-IS Design Considerations. BGP design: BGP overview, Designing Scalable iBGP Networks, BGP Route Reflector Design, Enhancing the Design of BGP Policies with BGP Communities, Case Study: Designing Enterprise wide BGP Policies Using BGP Communities, BGP Load-Sharing Design. PART II ENTERPRISE IPV6 DESIGN CONSIDERATIONS IPv6 Design Considerations in the Enterprise: IPv6 Deployment and Design Considerations, Considerations for Migration to IPv6 Design, IPv6 Transition Mechanisms, Final Thoughts on IPv6 Transition Mechanisms. Challenges of the Transition to IPv6: IPv6 Services, Link Layer Security Considerations. PART III MODERN ENTERPRISE WIDE-AREA NETWORKS DESIGN Service Provider-Managed VPNs: Choosing Your WAN Connection, Layer 3 MPLS VPNs, Case Study: MPLS VPN Routing Propagation, Layer 2 MPLS VPN Services. Enterprise-Managed WANs: Enterprise-Managed VPNs, GRE, Multipoint GRE, Point-to-Point and Multipoint GRE, IPsec, IPsec and dynamic VTI, DMVPN, Case Study: EIGRP DMVPN, DMVPN and Redundancy, Case Study: MPLS/VPN over GRE/DMVPN, SSL VPN. Enterprise WAN Resiliency Design: WAN Remote-Site Overview, MPLS L3 WAN Design Models, Common L2 WAN Design Models, Common VPN WAN Design Models, 3G/4G VPN Design Models, Remote Site Using Local Internet, Remote-Site LAN, Case Study: Redundancy and Connectivity, NGWAN, SDWAN, and IWAN Solution Overview, IWAN Design Overview, Enterprise WAN and Access Management. PART IV ENTERPRISE DATA CENTER DESIGNS Multitier Data Center Designs: Case Study: Small Data Centers (Connecting Servers to an Enterprise LAN), Case Study: Two-Tier Data Center Network Architecture, Case Study: Three-Tier Data Center Network Architecture. Trends and Techniques to Design Modern Data Centers: The Need for a New Network Architecture, Limitations of Current Networking Technology, Modern Data Center Design Techniques and Architectures, Multitenant Data Center. SDN: SDN characteristics, How SDN addresses current Networking Limitations, SDN Architecture Components, SDN Network Virtualization overlays. Data Center Connections: Data Center Traffic Flows, The Need for DCI, IP Address Mobility, Case Study: Dark Fiber DCI, Pseudowire DCI. PART V DESIGN QOS FOR OPTIMIZED USER EXPERIENCE QoS Overview: QoS Overview, IntServ versus DiffServ, Classification and Marking, Policers and Shapers, Policing Tools: Single-Rate Three-Color Marker, Policing Tools: TwoRate Three-Color Marker, Queuing Tools, Dropping Tools. QoS design principles and best practices: QoS overview, classification and marking design principles, policing and remarking design principles, queuing design principles, dropping design principles, Per-Hop behavior queue design principles, RFC 4594 QoS Recommendation, QoS Strategy Models. Campus QoS, WAN QoS, Data Center QoS. MPLS VPN QoS Design: The Need for QoS in MPLS VPN, Layer 2 Private WAN QoS Administration, Fully Meshed MPLS VPN QoS Administration, MPLS DiffServ Tunneling Modes, Sample MPLS VPN QoS Roles. IPsec VPN QoS Design: The Need for QoS in IPsec VPN, VPN Use Cases and Their QoS Models, IPsec Refresher, Encryption and Classification: Order of Operations, MTU Considerations, DMVPN QoS Considerations. PART VI IP MULTICAST DESIGN Enterprise IP Multicast Design: How Does IP Multicast Work? Multicast Protocols, Multicast Forwarding and RPF Check, Multicast Protocol Basics, PIM-SM Overview, Multicast Routing Table, Basic SSM Concepts, Bidirectional PIM. RP discovery, Anycast RP Features, MSDP. PART VII DESIGNING OPTIMUM ENTERPRISE NETWORK SECURITY Designing Security Services and Infrastructure Protection Network Security Zoning, Designing Infrastructure Protection. Designing firewall & IPS solutions: Firewall architectures, virtualized firewalls. Case Study: Application Tier separation, Case Study: Firewalls in a Data Center, Case Study: Firewall High Availability, IPS Architectures, Case Study: Secure Campus Edge Design (Internet and Extranet Connectivity). IP Multicast Security: Multicast Security Challenges, Multicast Network Security Considerations. Designing Network Access Control Solutions: IEEE 802.1X, EAP, 802.1X supplicants, 802.1X phased deployment, Case Study: Authorization Options. PART VIII DESIGN SCENARIOS Design Case Studies: 1: Enterprise Connectivity, 2: Enterprise BGP with Internet Connectivity, 3: IPv6, 4: Data Center Connectivity, 5: Resilient Enterprise WAN, 6: Secure Enterprise Network, 7: QoS in the Enterprise Network.

CENTOS TRAINING COURSE DESCRIPTION This three day hands on course provides a comprehensive coverage of core Linux administration tasks on CentOS Linux. WHAT WILL YOU LEARN * Administer & configure Linux systems. * Maintain Linux by handling disk space and taking regular backups. * Manage software packages. * Perform basic troubleshooting. * Maintain a secure Linux system. * Describe the organisation and implementation of the filesystem. CENTOS TRAINING COURSE DETAILS * Who will benefit: System administrators. Network administrators. * Prerequisites: Linux fundamentals * Duration 3 days CENTOS TRAINING COURSE CONTENTS * Managing software Package Concepts, RPM, rpm Commands, Yum, Dependencies and Conflicts, Startup Script Problems, Shared Libraries, Library Management, Managing Processes, the Kernel: The First Process, Process Lists, Foreground & Background Processes, Process Priorities, Killing Processes. * Configuring hardware Configuring Firmware and Hardware, IRQs, I/O Addresses, DMA Addresses, Boot Disks, Coldplug and Hotplug Devices, Configuring Expansion Cards and PCI Cards, Kernel Modules, USB Devices, Linux USB Drivers, Configuring Hard Disks, Partitioning Systems, LVM, Common Layouts, Creating Partitions and Filesystems, Maintaining Filesystem Health, Tuning, Journals, Checking Filesystems, Monitoring Disk Use, Mounting and Unmounting Filesystems. * Managing files File Management Commands, File Naming and Wildcards, File Archiving, Links, Directory Commands, File Ownership and Group, File access control, Permissions, chmod, Defaults, File Attributes, Disk Quotas, Enabling and setting Quotas, Locating Files, The FHS. * Booting Linux and editing files Installing Boot Loaders, GRUB Legacy, GRUB 2, Alternative Boot Loaders, the Boot Process, Boot Messages, Runlevels and the Initialization Process, Runlevel Functions, Runlevel Services, Alternative Boot Systems , Upstart, system. * Administering the system Managing Users and Groups, Tuning User and System Environments, Using System Log Files, Understanding syslogd , Setting Logging Options, Manually Logging Data, Rotating Log Files, Reviewing Log File Contents, Maintaining the System Time, Linux Time Concepts, Manually Setting the Time, Using NTP, Running Jobs in the Future, Understanding the Role of cron, Creating System cron Jobs, Creating User cron Jobs, Using anacron, Using at. * Configuring basic networking TCP/IP, Network Hardware, Network Addresses, Hostnames, Network Ports, Configuring Linux for a Local Network, Configuring with DHCP, Static IP Address, Configuring Routing, Using GUI Configuration Tools, ifup and ifdown, Diagnosing Network Connections, Testing Connectivity, Tracing a Route, Checking Network Status , Examining Network Traffic, Additional Tools. * Securing your systems Administering Network Security, Super Server Restrictions, Disabling Unused Servers, Administering Local Security, Securing Passwords, Limiting root Access, Setting Login, Process, SUID/SGID Files, Configuring SSH, Using GPG, Generating, Importing and Revoking Keys, Encrypting and Decrypting Data, Signing Messages and Verifying Signatures.