Nokia Network and Service Router Security
Course number: TTP30096
Course duration: 4 days
Price: $3,125 US
Update
Effective March 31st, 2022, the Nokia Network and Router Security course (TTP30096) will be retired and unavailable for delivery.
Course overview
The Nokia Network and Service Router Security course presents the technology, techniques, and best practices for implementing security in a Service Router based network. The course begins with an introduction to the security components, security challenges, and security risks and threats. It then covers in detail various methods, features, and techniques for securing the Nokia Service Router Operating System (SR OS) management plane, control plane, and data plane. Students will participate in many practical hands-on lab exercises throughout the course to ensure implementation-level knowledge of network and router security.
Nokia Service Routing Architect (SRA) (Elective)
Master the knowledge and skills to design and support high performing Nokia Service Router networks.
Get access to the same course materials you would receive in class. Course materials are a great way to learn and prepare for exams at your own pace.
Course objectives
After completing the course, students should be able to:
- Define security and its related terms
- Describe the key components of a secure network: authentication, confidentiality, integrity and availability
- Understand the two types of encryption algorithms
- Understand common security challenges and threats to each layer in the OSI model
- Describe the two management plane access types
- Describe management plane attacks
- Describe and configure various security features to control router access
- Understand how to use filters and logging to restrict management traffic and track user activities
- Explain and implement the configuration management features: configuration rollback, transactional configuration, command accounting, SNMP, and Netconf
- Describe the different control plane threats
- List the various methods and techniques for securing the control plane
- Describe the different features that can be used to protect the CPM, such as CPM filters, CPM queues and CPU protection
- Describe and configure techniques for Layer 2 VPLS security
- Understand and configure techniques for securing Layer 3 protocols and routing information (IGP, MPLS, Multicast, and BGP)
- Understand different data plane security threats such as address spoofing, data snooping, and denial of service attacks
- List various techniques that can be used to protect the data plane such as network monitoring, traffic filters and IPSec tunnels
- Describe passive and active monitoring and list monitoring options
- Describe and configure local and remote mirroring
- Describe and configure Cflowd
- Understand lawful intercept
- Configure traffic filters
- Describe and configure unicast reverse path forwarding (uRPF) for IPv4/IPv6 protocols
- Describe and configure BGP filters
- Describe and configure BGP remote triggered black hole (RTBH)
- Describe and configure BGP Flowspec
- Describe and configure BGP route origin validation (ROV)
- Describe IPSec protocols (IKE, ESP, AH)
- Understand and configure IPSec tunnels used to protect data integrity
Course modules
- Module 1– Introduction to security
- Module 2 – SR OS management plane security
- Module 3 – SR OS control plane security
- Module 4 – SR OS data plane security
Schedule & registration
TTP30096
Nokia Service Routing Certification (SRC) Program and Confidentiality Agreement
Review the confidentiality agreement.