Instructor: Tashi Phuntsho

This workshop is intended for network engineers, managers, and policy makers to understand security threats, preventions, and recovery.

Target audience

Technical staff who are now building or operating a wide area service provider network and who also wish to learn more about securing their network infrastructure.


It is assumed that the workshop participants to have good knowledge of Unix/Linux and understand the general concepts related to networking and computing.
Participants are required to bring laptops with working wireless.

Workshop Topics

  1. Threat Models
    • Types of Attackers
    • Network Infrastructure
    • Service Infrastructure (e.g. DNS, email)
    • Users
  2. Network Infrastructure
    • Router and Switch Protection
    • Routing Protocol Protection
    • Detecting Sick Hosts and Walling Them
  3. Infrastructure Services
    • IDS
    • Firewalls
    • Anomaly Detection
  4. End User Hosts
    • Mac, Unix, and Linux
    • Keeping Up to Date – Patching
    • Keeping Up to Date – Patching
    • Host Based Firewalls
    • Authentication Services
    • PKI Services
    • Checking for Disease: Scanners
    • Preventing Disease: Anti-virus
    • Safe Mail Practices
    • Safe Browsing Practices in Firefox, Chrome, Safari
    • Safe Inter-host Protocols: SSH, RSVC, SFTP and more
    • Personal Encryption of Files and Communications
  5. Administrative
    • Security Plan
    • Inter-network Cooperation
      • NOGS
      • CERT
      • FIRST
    • Security Personnel
    • Planning for Future Changes