TRAINING

2008 IntrusionWorld Training Program

Unatek has arranged the following one-day pre-conference training course, titled
“Foundations of Intrusion Prevention: Effective Implementation Strategy.”

Pricing
(All day tutorial May 12th): $675 for conference registrants, $775 for a tutorial without attending either conference.
 [Note: This fee includes breakfast pastries, snacks, and LUNCH]

Location
Conference Venue (Baltimore Convention Center, Baltimore, Maryland)

Course Times
Each class begins at 8:30 AM and runs until 5 PM.

Registration
Registration is available at:
http://www.unatekconference.com/registrationForm2008.php

Tutorial Provider
The tutorials will be provided by Unatek, Inc.
Foundations of Intrusion Prevention: Effective Implementation Strategy (One-Day Course, May 12, 2008)

Overview
As network landscapes have evolved from traditional client-server architectures to include various platforms and components, including support for mobile, wireless and remote users, today’s enterprise or corporate endpoint security must incorporate a multi-layer threat mitigation strategy. That strategy extends beyond application/circuit-level firewalls to include not only intrusion detection systems but also intrusion prevention systems, in order to secure remote access and provide zero-day protection.

The need for a multi-layer mitigation approach has become a mission-critical mandate to cope with the security challenges and advancements brought about by the dissolution of the traditional network perimeter, which have dramatically increased the opportunity for worms and viruses to propagate. Consequently, to better combat these evolving threats, enterprise and corporate network systems must look beyond traditional security architectures, which weren't designed for internal network security threats.

The latest technology in information security is Intrusion Prevention. Rather than relying on human intervention to respond to an attack, Intrusion Prevention Systems automatically stop hackers, worms, and disgruntled employees before their attacks can complete. This all happens before they can cause damage, potentially saving your organization millions.

Thus, Intrusion Prevention Systems (IPS) play a crucial role as essential security components in combating not just external but also internal threats for both wired and wireless (Wi-Fi) enterprise networks. They both enable comprehensive security monitoring and management capability, which makes them attractive as risk management tools and endears them to enterprises and organizations.

As with any new automated technology, there are many perils to avoid when implementing it. Just as Intrusion Prevention Systems can prevent hackers and worms, they can easily be configured incorrectly, which can block legitimate users from doing their jobs. The intrusion prevention training you receive in this course will enable you to deploy intrusion prevention systems safely.

The Intrusion Prevention training offered by Unatek, Inc. covers all areas of intrusion prevention. Host Intrusion Prevention and Network Intrusion Prevention are covered in great detail.

You will learn:

  • How this groundbreaking IPS technology works.
  • How to deploy it.
  • How to manage it efficiently and effectively.
  • The technical details that make Intrusion Prevention Systems so effective.
  • Much of technical learning is best done by doing, so you will experience a multitude of hands-on lab exercises using popular technologies like Entercept, Okena, Inline Snort, Netscreen, Internet Security Systems, and Top Layer.
  • Additionally, you will learn how to enable Intrusion Prevention features built into operating systems such as OpenBSD, Solaris, Linux and even Tru64.

Some of the topics you will learn to master during the course:

  • Understanding buffer overflows
  • Anatomy of an exploit
  • Network protocol based attacks
  • Intrusion Prevention vs. Intrusion Detection
  • Intrusion Prevention deployment strategies
  • The stack and heap data structures
  • The role the Kernel plays in attacks
  • Linux, Solaris and Windows Kernels
  • Unix system calls and the Windows API
  • Vulnerability development and discovery
  • Malicious worm internals
  • Host Intrusion Prevention
  • Syscall Interception
  • Non-executable stacks
  • Non-executable heaps
  • Page protection
  • Heuristic and behavioral blocking
  • Network Intrusion Prevention
  • Web application IPS
  • Layer 7 Intrusion Prevention
  • Packet scrubbing
  • Shunting and session sniping
  • Attack signature development
  • Mixed mode IPS
  • DDoS Prevention
  • Calculating ROI for Intrusion Prevention

Some of the instructor-led hands-on lab exercises:

  • Hack into an unprotected system
  • Utilize a buffer overflow
  • Implement a no-exec stack
  • Attack a no-exec stack
  • Implement a no-exec heap
  • Attack a no-exec heap
  • Syscall Redirection
  • Implement page protection in Linux
  • Page protection on Windows
  • Page protection on OpenBSD
  • Kernel hardening with PaX
  • grsecurity Lockdown
  • Use a stack canary
  • Implement a Host Intrusion Prevention System
  • Attempt two previous attacks against the Host
  • Attempt two previous attacks against the Host Intrusion Prevention System
  • Deploy Network Intrusion Prevention
  • Capture an attack and write an IPS rule
  • Build in web server layer 7 IPS
  • Session sniping exercise
  • Data correlation and multiple firewall blocking
  • Shunting with routers

How You Benefit:

  • Get practical skills in planning, implementing and maintaining the hottest information security technology, IPS.
  • Prevent hackers, worms, and disgruntled employees from destroying your organization's information assets, a skill that could be worth millions to your current or potential employer.
  • More than interesting theories and lecture, get your hands dirty in our dedicated intrusion prevention training (IPS) lab.
  • Learn hands-on skills that are difficult to gain in a corporate or government working environment, such as deploying multiple intrusion prevention systems (IPS) and attacking them.

What's Included?

  • 1 Day of Expert Instruction from our instructors, who have real-world intrusion prevention experience and deep knowledge of intrusion prevention training strategies.
  • Guaranteed good class size: you get an intimate learning setting.
  • All meals, snacks and refreshments included.
  • Lecture, Lab Exercise and Textbook
  • CD-ROM with every tool and custom script used in course.

Required Prerequisites:

  • Understanding of the Windows Operating System
  • Grasp of the Linux Operating System or other Unix-based OS
  • Understanding of the TCP/IP protocols
  • Exposure to network reconnaissance and associated tools (nmap, nessus, netcat)
  • Desire to learn about ethical hacking, and get great intrusion prevention training!
