This workshop is intended to help network engineers, managers, and policy makers understand security threats, prevention, and recovery.

Target audience

Technical staff who are now building or operating a wide area service provider network and who also wish to learn more about securing their network infrastructure.

Prerequisites

Workshop participants are assumed to have good knowledge of Unix/Linux and to understand the general concepts related to networking and computing.
Participants are required to bring laptops with working wireless.

Workshop Topics

  1. Threat Models
    • Types of Attackers
    • Network Infrastructure
    • Service Infrastructure (e.g. DNS, email)
    • Users
  2. Network Infrastructure
    • Router and Switch Protection
    • Routing Protocol Protection
    • Detecting Sick Hosts and Walling Them
  3. Infrastructure Services
    • IDS
    • Firewalls
    • Anomaly Detection
  4. End User Hosts
    • Mac, Unix, and Linux
    • Keeping Up to Date – Patching
    • Host Based Firewalls
    • Authentication Services
    • PKI Services
    • Checking for Disease: Scanners
    • Preventing Disease: Anti-virus
    • Safe Mail Practices
    • Safe Browsing Practices in Firefox, Chrome, Safari
    • Safe Inter-host Protocols: SSH, RSVC, SFTP and more
    • Personal Encryption of Files and Communications
  5. Administrative
    • Security Plan
    • Inter-network Cooperation
      • NOGS
      • CERT
      • FIRST
    • Security Personnel
    • Planning for Future Changes