Unatek has arranged the following one-day pre-conference training
course titled: “Foundations of Intrusion Prevention:
Effective Implementation Strategy.”
Pricing
(All day tutorial May 12th): $675 for
conference registrants, $775 for a tutorial
without attending either conference.
[Note: This fee includes breakfast
pastries, snacks, and LUNCH]
Location
Conference Venue (Baltimore Convention
Center, Baltimore, Maryland)
Course Times
Each class begins at 8:30 AM and runs
until 5 PM.
Tutorial Provider
The tutorials will be provided by Unatek, Inc.
Foundations of Intrusion Prevention: Effective Implementation
Strategy (One Day Course – May 12, 2008)
Overview
As network landscapes have evolved from
traditional client-server architectures to
include various platforms and components, including
support for mobile, wireless and remote users,
today’s enterprise or corporate endpoint
security must incorporate a multi-layer threat
mitigation strategy that extends beyond application/circuit-level
firewalls to include not only intrusion detection
systems but also intrusion prevention systems,
to secure remote access and provide zero-day
protection.
The need for a multi-layer mitigation approach
has become a mission-critical mandate to cope
with the security challenges and advancements
brought about by the dissolution of the traditional
network perimeter, which have dramatically increased
the opportunity for worms and viruses to propagate.
Consequently, to better combat these evolving
threats, enterprise and corporate network systems
must look beyond traditional security architectures,
which weren't designed for internal network
security threats.
The latest technology in information security
is Intrusion Prevention. Rather than relying
on human intervention to respond to an attack,
Intrusion Prevention Systems automatically
stop hackers, worms, and disgruntled employees
before their attacks can complete. This
all happens before they can cause damage, potentially
saving your organization millions.
Thus, Intrusion Prevention Systems (IPS) play
a crucial role as essential security components
in combating not just external but internal
threats for both wired and wireless (Wi-Fi)
enterprise networks. They both enable comprehensive
security monitoring and management capability,
which makes them attractive as risk management
tools and endears them to enterprises and organizations.
As with any new automated technology, there
are many perils to avoid when implementing it.
Just as Intrusion Prevention Systems can prevent
hackers and worms, they can easily be configured
incorrectly, which can block legitimate
users from doing their jobs. The intrusion
prevention training you receive in this course
will enable you to deploy intrusion
prevention systems safely.
The Intrusion Prevention training offered by
Unatek, Inc. covers all areas of intrusion prevention.
Host Intrusion Prevention and Network
Intrusion Prevention are covered in
great detail.
You will learn:
How this groundbreaking IPS technology works,
How to deploy it,
How to manage it efficiently and effectively.
The technical details that make Intrusion
Prevention Systems so effective.
Much of technical learning is best done
by doing, so you will experience a multitude
of hands-on lab exercises using popular
technologies like Entercept, Okena, Inline
Snort, Netscreen, Internet Security
Systems, and Top Layer.
Additionally, you will learn how to enable
Intrusion Prevention features built into operating
systems such as OpenBSD, Solaris, Linux and
even Tru64.
Some of the topics you will learn to master during the course:
Understanding buffer overflows
Anatomy of an exploit
Network protocol based attacks
Intrusion Prevention vs. Intrusion Detection
Intrusion Prevention deployment strategies
The stack and heap data structures
The role the Kernel plays in attacks
Linux, Solaris and Windows Kernels
Unix system calls and the Windows API
Vulnerability development and discovery
Malicious worm internals
Host Intrusion Prevention
Syscall Interception
Non-executable stacks
Non-executable heaps
Page protection
Heuristic and behavioral blocking
Network Intrusion Prevention
Web application IPS
Layer 7 Intrusion Prevention
Packet scrubbing
Shunting and session sniping
Attack signature development
Mixed mode IPS
DDoS Prevention
Calculating ROI for Intrusion Prevention
Some of the instructor-led hands-on lab exercises:
Hack into an unprotected system
Utilize a buffer overflow
Implement a no-exec stack
Attack a no-exec stack
Implement a no-exec heap
Attack a no-exec heap
Syscall Redirection
Implement page protection in Linux
Page protection on Windows
Page protection on OpenBSD
Kernel hardening with PaX
grsecurity Lockdown
Use a stack canary
Implement a Host Intrusion Prevention System
Attempt two previous attacks against the
Host
Attempt two previous attacks against the
Host Intrusion Prevention System
Deploy Network Intrusion Prevention
Capture an attack and write an IPS rule
Build in web server layer 7 IPS
Session sniping exercise
Data correlation and multiple firewall blocking
Shunting with routers
How You Benefit:
Get practical skills in planning,
implementing and maintaining the hottest
information security technology,
IPS.
Prevent hackers, worms, and disgruntled
employees from destroying your organization's
information assets, a skill that could be
worth millions to your current or
potential employer.
More than interesting theories and lecture,
get your hands dirty in our
dedicated intrusion prevention training (IPS)
lab.
Learn hands-on skills that are difficult
to gain in a corporate or government working
environment, such as deploying multiple intrusion
prevention systems (IPS) and attacking them.
What's Included?
1 Day of Expert Instruction from
our instructors with real-world intrusion
prevention experience and deep knowledge
of intrusion prevention training strategies.
Guaranteed good class size: you get an intimate
learning setting.
All meals, snacks and refreshments included.
Lecture, Lab Exercise and Textbook
CD-ROM with every tool and custom script
used in the course.
Required Prerequisites:
Understanding of the Windows Operating System
Grasp of the Linux Operating System or other
Unix-based OS
Understanding of the TCP/IP protocols
Exposure to network reconnaissance and associated
tools (nmap, nessus, netcat)
Desire to learn about ethical hacking, and get
great intrusion prevention training!