There are many misconceptions when it relates to how IPSEC works. This class will take the student from the basics to a full understanding of IPSEC. Foundational concepts are explained thoroughly with details beyond what is typically used to explain the topic. This leads to knowledge gaps for typical network engineers. Having the thorough understanding on how things work is crucial in being able to troubleshoot IPSEc issues.
Often times, network security engineers struggle to troubleshoot IPSec issues and the main reason is a lack of understanding on how the protocol stack works. This class is aimed towards getting deeper into the topics and expalin details that are buried within RFCs.
This class explains the concepts of ISAKMP, Encryption and hashing, the purpose of Diffie Hellman. The class explains the Phase 1 main mode and aggressive mode. The class progresses into phase 2 by explaining the relationship between Phase 1 and Phase 2 and the Authentication Header and Encapsulation Security Payload protocols. Other topics are discussed: informational messages, DPD and NAT traversal.
This lecture explains the concepts of ISAKMP, Encryption and hashing
This lecture explains the purpose of Diffie Hellman
This lecture explains IKEv1 main mode
This lecture explains Phase 2 of IKE protocol
This lecture explains components of IPSec IKEv1
This lecture explains AH and ESP
This lecture provides an example of AH using a packet capture
This lecture provides and example of ESP using a packet capture
This lecture explains ISAKMP informational messages
This lecture describes the purpose of dead peer detection.
This lecture describes and expalins NAT discovery and NAT Traversal
Classes offered by instructor with industry proven experience. He started his career as a help desk technician and progressed to desktop support then systems administration. With interest into networking, he obtained his CCNA and CCNP - 15 years ago. After obtaining his certification he moved to a technical manager position managing both systems and network infrastructure. He shifted his focus to security as his specialization and obtained the CISSP certification. The CISSP is the industry leading information security certification.
Technical hands-on passion led him to move back to the ranks and become an engineer honing his skills in the network security field. He mastered the Cisco ASA firewalls and Cisco security components and obtained the CCIE security, CCNP security and other security specialization certification.
For the past several years he has been working for a value added re-seller supporting Cisco, PaloAlto, and Fortinet security solutions. He became PaloAlto certified and sourcefire SSFIPS and SSFAMP certified.
"It is difficult and expensive to get hands on material covering the latest products like Sourcefire, PaloAlto, and Fortinet. I am making those classes to give students the education they need at a reasonable cost - with practical experience backing it."