Home    |    Instructor-led Training    |    Online Training     
         
 
Courses
ADA
Adobe
Agile
AJAX
Android
Apache
AutoCAD
Big Data
BlockChain
Business Analysis
Business Intelligence
Business Objects
Business Skills
C/C++/Go programming
Cisco
Citrix
Cloud Computing
COBOL
Cognos
ColdFusion
COM/COM+
CompTIA
CORBA
CRM
Crystal Reports
Data Science
Datawarehousing
DB2
Desktop Application Software
DevOps
DNS
Embedded Systems
Google Web Toolkit (GWT)
IPhone
ITIL
Java
JBoss
LDAP
Leadership Development
Lotus
Machine learning/AI
Macintosh
Mainframe programming
Mobile
MultiMedia and design
.NET
NetApp
Networking
New Manager Development
Object oriented analysis and design
OpenVMS
Oracle
Oracle VM
Perl
PHP
PostgreSQL
PowerBuilder
Professional Soft Skills Workshops
Project Management
Rational
Ruby
Sales Performance
SAP
SAS
Security
SharePoint
SOA
Software quality and tools
SQL Server
Sybase
Symantec
Telecommunications
Teradata
Tivoli
Tomcat
Unix/Linux/Solaris/AIX/
HP-UX
Unisys Mainframe
Visual Basic
Visual Foxpro
VMware
Web Development
WebLogic
WebSphere
Websphere MQ (MQSeries)
Windows programming
XML
XML Web Services
Other
VPN Deep Dive - IKE IPsec ISAKMP
Networking Training Overview

This course is a deep dive into the world of VPNs. The class is split into two portions, the first covers the basics of Cryptography. This serves as a review of the basic building blocks of a VPN and how each individual part works together to achieve the goal of secured communication. The second part of the class offers an in-depth look at the VPN Negotiation process, and what two peers must agree upon before a VPN tunnel will successfully build.

This is an advanced level class intended for students who can build VPNs without any assistance, and who have started troubleshooting VPNs using the available VPN Debugging.

By the end of class, the student will be able to:
  • Speak confidently about each of the Security services and how they are provided in a VPN tunnel
  • Explain the concept of Confidentiality and how it is provided
  • Explain the concept of Integrity and how it is provided
  • Explain the concept of Authenticity and how it is provided
  • Explain the concept of Anti-Replay and how it is provided
  • Understand the uses of the Diffie-Hellman Key Exchange
  • Describe and Contrast the two protocols that provide IP Security
  • Understand the two Modes to deploy IPsec and how they differently modify the original packet
  • Describe ISAKMP and its various functions
  • Describe a Security Association and its contents
  • Explain the function of the Internet Key Exchange (IKE) in the overall VPN negotiation process
  • Illustrate the 6 messages in Main Mode
  • Illustrate the 3 messages in Aggressive Mode
  • Illustrate the 3 messages in Quick Mode
  • Explain the Lifetime and how the Rekey process works
  • Understand PFS and what it does
  • Understand NAT Traversal and what it does
Networking Training Audience

Engineers who operate, deploy, and troubleshoot VPNs on any Cisco firewall platform
Engineers who want to understand everything that is happening in the VPN Negotiation

Networking Training Course duration

1 day

Networking Training Course outline
  • Cryptography Fundamentals
    • What is a VPN?
    • Confidentiality
      • Symmetric Encryption
      • Asymmetric Encryption
      • Public and Private Keys
    • Integrity
      • Hashing
      • HMAC
    • Authentication
    • Anti-Replay
    • Diffie-Hellman
  • VPN Negotiation
    • IPsec
      • Functionality
      • Authentication Header (AH)
      • Encapsulated Security Payload (ESP)
      • Transport Mode -
      • Tunnel Mode
    • ISAKMP
      • Functionality
      • Key Management
      • Policy Suites
      • Security Association
      • Key Generation
    • Internet Key Exchange (IKE)
      • Functionality
      • Tying together IPsec and ISAKMP
    • IKE Phase 1
      • Main mode & Aggressive Mode
      • Main Mode – First Exchange
      • Main Mode – Second Exchange
      • Main Mode – Third Exchange
      • Aggressive Mode – Message 1
      • Aggressive Mode – Message 2
      • Aggressive Mode – Message 3
    • IKE Phase 2
      • Quick Mode
      • Quick Mode – Message 1
      • Quick Mode – Message 2
      • Quick Mode – Message 3
      • Data Transfer
      • Tunnel Termination
    • IKE
      • NAT Traversal
      • Perfect Forward Secrecy

 

Please contact your training representative for more details on having this course delivered onsite or online

Training Outlines - the one stop shopping center for IT training.
© Training Outlines All rights reserved