Course Name:	IPv6 Security Training
Deployment Options:	Onsite - Instructor-Led Training
Course Duration:	3-4 days depending on audience background and options.

Introduction:

The introduction of IPv6 has changed the network landscape forever. And any organization integrating the next generation protocol must contend with the new security paradigm IPv6 creates. Even organizations not deploying IPv6 today may find their security policies challenged by the widespread availability of IPv6 support in operating systems and network hardware and the ease with which it can be enabled. Irregardless of an organizationís IPv6 adoption plan, the key to securing tomorrowís network is an understanding of the relationship between IPv4 and IPv6 on multi-protocol networks, security issues associated with transition, and knowing the current mitigation techniques and best practices for a successful and secure IPv6 deployment.

Audience:

This course IPv6 Security is designed for Network and system security engineers and administrators that will be responsible for the rollout of secure IPv6-based networks

Customize it:

This 3-4-day course will be customized to your needs and specifications. Eno.com will assist you in identifying those needs and specifications. A word to the wise, there are many vendors of wireless training. They will typically have a broad and general course, one size fits all, already developed and just put your organization’s name on the title slide. This minimizes their effort and time investment. At Eno.com, every course is made to your exact and exacting specifications. We help you ensure what you are getting is what you really need even if at the beginning you weren’t too sure of what that was. We fit the class to your needs. We never fit you into our “standard”, one size fits all, class.

Course Aim:

After attending this course, you will be able to: Understand the basics of IPv6 Understand the basics of IPv6 Security Secure IPv6 networks against threats and attacks Analyze and react to denial-of-service (DoS) attacks Implement security standards and processes to protect your IPv6 network Create a secure IPv6 infrastructure

Course Outline

Introduction to IPv6 IPv6 in a nutshell Larger address space Hierarchical addressing Stateless and stateful address configuration Built-in security Extensibility New IPv6 header Mobility Large address space IPv6 Header Format IPv4 Compatibility IPv6 Operation IPv6 Addressing Architecture ICMPv6 and Neighbor Discovery Protocol Using DNS and DHCP with IPv6 Supporting Security and Mobility with IPv6 Routing in IPv6 Networks Using IPv6 services IPv6 operation and Architecture Basic transition mechanisms Tunneling protocols create new risks IPv6 autoconfiguration Introduction to IPSec and Mobile IP IPv4 security issues Denial of service attacks (DOS) Man-in-the-middle attacks ARP poisoning and ICMP redirect Port scanning as one of the best known reconnaissance Techniques IPv6 Features and benefits Authentication and Confidentiality IPsec architecture The Security Policy Database (SPD) Security Association Database (SAD) Peer Authorization Database (PAD) SA and Key Management IP Traffic Processing AH and ESP Headers AH and ESP security protocols Tunnel mode and transport mode Security policy (SP) Selector Security Association (SA), Key exchange protocols Security Protocols AH and ESP Security Parameter Index (SPI) Sequence Number Virtual Private Networking (VPN) Mobile IPv6 Wireless IP mobility Roaming with IPv6 Mobile IPv6 applied to Wireless LANs, MANS and WANs Basic Wireless LAN and cellular networks security Mobile IP protocols and design IPv6 deployment and migration Introduction to IPv6 Security IPv6 Security Essentials Fundamental Principles and Strategies Physical Security Encryption Digital Signatures Public Key Infrastructure Dealing with Technology Evolution Network Security Awareness Developing Security Policies, Assessments and Procedures IPv6 Security Considerations and Recommendations IPv6 Neighbor Discovery trust models and threats Implementing Security for IPv6, Cisco Documentation Security Implication of Mixed IPv4/IPv6 Network IPv6 end-to-end security IPv6 headers IPv6 Extension Headers Fragmentation Routing Header Privacy Managing privacy extensions IPsec, VPNs, IKE, PKI IPv6 autoconfiguration creates addressing complexity IPv6 and IPv4 Threat Comparison Best-Practice Evaluation Overview of IPv4 Topology and Best-Practice Security Rules Threat Analysis Attacks with New Considerations in IPv6 Reconnaissance Unauthorized Access Header Manipulation and Fragmentation Layer 3-Layer 4 Spoofing ARP and DHCP Attacks Broadcast Amplification Attacks (smurf) Routing Attacks Viruses and Worms IPv6 and IPv4 Threat Comparison Translation, Transition, and Tunneling Mechanisms Attacks with Strong IPv4 and IPv6 Similarities Sniffing Application Layer Attacks Rogue Devices Man-in-the-Middle Attacks Flooding IPv6 and IPv4 Threat Comparison IPv6 Security Considerations Authorization for Automatically Assigned Addresses and Configurations Protection of IP Packets Host Protection from Scanning and Attacks Control of What Traffic is Exchanged with the Internet Reconnaissance Tools IPv6 Network Vulnerabilities and Attacks Detailed analysis of IPv6 headers Elimination of NAT Denial of Service (DoS) and Distributed Denial of Service (DDoS) Ethernet LAN Security Frame Relay Network Security: Vulnerabilities and Mitigations ICMP Attacks IPv6 Spoofing ICMP, ICMP Attack, Ping Attack, Smurf Attack, PING Flood, Ping of Death Land Attack Network Security at the Data Link Layer (Layer 2) of LAN Network Security at the Network Layer (Layer 3: IP) Network Security at the Transport Layer (Layer 4: TCP and UDP) Pharming and Anti-pharming Mitigations and Technologies Phishing and Anti-phishing Mitigations and Technologies Port Scan Attack Public-Key or Asymmetric Cryptography RIP Routing Attacks Smurf Attack and Fraggle Attack SPAM and Anti-Spam Technologies Spyware and Anti-Spyware Mitigations and Technologies TCP Connecting Hijacking: MAN-In-The-Middle Attack TCP "SYN" Attack TCP/IP Network Vulnerability and Security UDP Flood Attack Widely Used Attack Tools Virus and Antivirus Technologies Top Information and Networking Threats IPV6 Security Audit & Control Host- and Network-based Intrusion Detection Firewalls and Honeypots Vulnerability Scanners Computer Security Policies Password Managemen Incident Handling Information Warfare Encryption VPN's, PKI, and PGP Common Vulnerabilities in Wireless IPSec/VPN Deployments Firewall Test, Port Scan, Spy Ware and Security Audit Find Security Holes IP VPN Services Attacking IPsec VPNs Check Point VPN Security Issues Microsoft PPTP VPN Services Countermeasures IPv6 Risk Assessment and Auditing Host and Network Based Intrusion Detection Honeypots, Firewalls and Perimeter Protection Security Policy Information Warfare Web Security Network Fundamentals and IP Concepts and Behavior Cisco Router Filters Four Primary Threats for Perimeter Protection PGP, Steganography Anti-Viral Tools Windows (2000, XP, NT, 98) IPv6 Security Administration and Auditing IIS Security Unix IPv6 Security Firewalls, Perimeter Protection, and VPNs IPv6 Stimulus/Response and Fragmentation Complex IP Transports and Services TCPdump, WINdump, Ethereal and Other Sniffers Static Packet Filtering Stateful Packet Filtering and Inspection Proxies Popular IPv6 Firewall Products Implementing Security with Cisco Routers Intrusion Detection Centralized Logging Firewall Log File Analysis Log File Alerting IPSec, SSL, and SSH Designing a Secure Perimeter Network and Host Based Auditing

For organizational purchases, please send us a message at salesinfo@eno.com or complete and submit this form .

Other Expertise:

CBT's and Online Training Catalog Oracle Applications Training and Consulting Peoplesoft Applications Training and Consulting SAP Applications Training and Consulting Security Technologies Training and Consulting Telecommunications Training and Consulting Wireless Technology Training and Consulting