Single Sign On (SSO) for Remote Workforce

Thumbnail for post.

Overview

With more organisations workforces becoming remote, ensuring that your workers are secure from anywhere should be at the forefront of any organisations mindset. This course will cover APNIC’s learnings of why we chose a single sign on solution for the organisation, covering the issues and triumphs we saw, as well as we see this solution growing to assist APNIC staff as they work from multiple locations securely.

Outline

This course will cover the following topics:

  • The corporate network
  • Passwords
  • Home office, working remotely
  • Why zero trust should be considered

Course Materials

Dave Phelan

Thumbnail for post.

Dave comes to APNIC having worked in the Australian ISP and MSP community for the last 20 years in roles as diverse as carrier transmission networks, to System Administration, to core, edge and customer networks.  Having built a corporate ISP network from the ground up, he comes with an understanding of traps and pitfalls that most networks have, and do experience. 

Areas of Interest: 

BGP, IPv6, RPKI/ROA, Transmission Networks, Virtualisation, IP Telephony, Network Security, Automation.

Champika Wijayatunga

Thumbnail for post.

Champika is the Technical Engagement Manager for the Asia Pacific region at Internet Corporation for Assigned Names and Numbers (ICANN). Prior to ICANN, Champika held managerial, specialist and liaison roles at the Asia Pacific Network Information Centre (APNIC), the Regional Internet Registry for the Asia Pacific. He started his career with IBM Corporation as a Technical Specialist and later worked in IT industry, academia, research, and training environments. He also serves in various technical community groups and committees.

Packet Analysis for Network Security

Thumbnail for post.

Overview

This webinar will introduce you to packet analysis, including exposing you to different tools such as squirt, sguil and wireshark, to dissect network packets, related to performing security incident response and investigations.

Outline

This webinar will cover the following topics:

  • Signature and session analysis
  • FOSS tools
  • Intrusion detection tools (e.g. Snort, Suricata)
  • Network monitoring
  • Security Onion
  • Security Onion Lab
  • Exercises on Squert and Sguil

Course Materials

RPKI Deployment

Thumbnail for post.

Overview

Release date: 5 May 2020

The course focuses on the different steps involved in deploying/implementing RPKI (from an operator’s point of view) – how to sign resources (ROA creation) through the MyAPNIC Portal, how to verify/check the ROAs, how to deploy RPKI validators, how to configure a RTR session between BGP speaking routers and the validator, how to interpret the validation states of received routes, and how to act (drop or apply policies) the validation states on the routers.

Course Outline

This course will cover the following topics:

  • What is RPKI
  • Benefits of RPKI
  • RPKI Building Blocks
  • RPKI Profile
  • Trust Anchor (TA)
  • Issuing Party
  • Single Trust Anchor
  • Routing Origin Authorization (ROA)
  • Relying Party (RPKI Validator)
  • Origin Validation
  • Validation States
  • Policies Based on Validation
  • RPKI Caveats
  • Create (Publish) Your ROA
  • Check Your ROA
  • Deploy RPKI Validator
  • RIPE – Validator
  • Dragon Research – Validator
  • Routinator – Validator
  • Configuration (IOS)
  • Configuration (JunOS)

Course Material

To access slides and guides click here.

Quiz & Certificate

Click the link below to go to the Quiz.

Go to Course Quiz

DNSSEC

Thumbnail for post.

Overview

Course Overview

The DNS (or the Domain Name System) is a distributed, hierarchical system for mapping domain names to IP addresses. As it plays a critical role in the functioning of the Internet infrastructure, the DNS is often the target of malicious activities.

This course will outline the DNS Security Extensions (DNSSEC) protocol that protects against data spoofing.

Course Outline

This course will cover the following topics:

  • DNS Vulnerabilities
  • What is DNSSEC?
  • How DNSSEC Works
  • RRs and RRsets
  • DNSKEY
  • RRSIG
  • NSEC Record
  • NSEC RDATA
  • Chain of Trust
  • Types of Keys & Generating Key Pairs
  • Setting up a Secure Zone

Course Materials

Network Security Fundamentals

Thumbnail for post.

Overview

Course Overview

Network security is a critical part in protecting an organisation’s data, assets and resources. This introductory webinar course will focus on the fundamental aspects of security. It will discuss key concepts, protocols and the policies involved in establishing a secure network.

This course will further examine network device and infrastructure security in different layers, as well as take a closer look at common network attacks with tools and tips to combat/mitigate them.

Course Outline

This course will cover the following topics:

  • Information Security Landscape
  • Definitions in Information Security
  • CSIRT/CERT Introduction
  • Infrastructure Security
  • Cryptography
  • VPN and IPsec
  • DoS and DDoS

Course Materials

Quiz & Certificate

Click the link below to go to the quiz.

Go to Course Quiz

IPSec VPN Design

Thumbnail for post.

Overview

Course Overview

IP Security (IPSec) provides the security in the IP layer. It is a fundamental technology used in establishing VPN connections due to the security enhancements it provides, namely confidentiality, authentication and integrity.

This course looks into the details of the IPSec architecture. It will discuss the different IPSec modes, components (AH, ESP, and IKE), and their function. By the end of the class participants will be capable of configuring IPSec, with steps detailed in the lesson.

Course Outline

  • Virtual Private Networks
  • What is IPSec?
  • Benefits of IPSec?
  • Tunnel and Transport Mode
  • IPSec Architecture and Components
  • Setting up an IPSec VPN Tunnel

Course Materials

Adli Wahid

Thumbnail for post.

Adli joined APNIC in February 2014, bringing with him extensive experience and technical leadership in cyber security. He is APNIC’s security evangelist, spearheading security outreach, engagement, and collaboration with the regional community. Adli was elected in 2015 as a member of the FIRST.org Board of Directors.