Troika Network Security Associate (TNSA)
Overview
Troika NSA Security workshop program is aligned specifically to the job role of network security engineer responsible for security management functions of firewalls. NSA module has been customized and is in line with industry requirements. This course offers in-depth technology understanding and hands-on experience on various network security modules i.e. Firewall, NAT, authentication, failover, IPSec VPN & SSL VPN and enables candidate to appear for Checkpoint, Juniper/Cisco certification exams.
Troika NSA Prerequisites
- Valid CCNA Security certification
Key Technologies to be Covered
- Basic overview on various technical controls – Firewall, IPS, Load balancers, forward & reverse proxies, two factor authentication.
- Firewall – Checkpoint & Juniper / Palo Alto
- Firewall Cluster / Failover – Checkpoint & Juniper / Palo Alto
- IPsec & Secure socket layer VPN – Checkpoint / Cisco ASA
- End point security SSL module / NAC (network access control)
- Network based intrusion prevention system
- Web security gateway – Checkpoint/Palo Alto
Course Outline
- Firewall architecture – Understating on firewall architecture and deployment scenarios – Juniper Net screen& checkpoint firewall
- Security policy & NAT – Understating access control policies, policy designing and implementation on rule base on firewalls
- User authentication – Integration with AD / LDAP for user and group based policy enforcement.
- IPsec VPN basics – Understating on IKE phase-1 & phase-2, ESP & AH protocol, Transport mode, tunnel mode operation
- IPsec VPN implementation – Implementation and troubleshooting of site-2-site VPN using pre-shared key and certificates.
- SSL VPN – Understating on basic SSL connection, SSL messages and SSL features and network deployment scenarios.
- SSL VPN implementation – SSL portal, resource publishing, AD integration, End point security / NAC for end point compliance, role based access control
- Clustering – Basics of cluster technology, high availability and load balancing topologies. Firewall implementation in active-standby and active-active mode
- Troubleshooting – Understanding and troubleshooting network/ apps issues using diagnostic tools i.e. tcpdump, ethereal, snoop, fw monitors etc.
- NIPS – Understanding of IPS architectural, detection techniques, deployment scenarios, designing aspects and implementation details.
- NIPS Implementation – Network and application threat mitigation using IPS policies, signature fine-tuning, and event correlation
