Course Summary

Prerequisites: Minimum Knowledge!

  1. Architecture and operation of computer networks
  2. Role and operation of various Application layer protocols: FTP, HTTP, DNS
  3. Role and operation of the Transport layer protocols: TCP and UDP
  4. Operation of the Network layer: IPv4 protocol, Subnetting, Subnet-Masks
  5. Routing principles, routing tables, routing protocols: RIPv2
  6. Role and operation of the wired Data Link Layer: CSMA/CD
  7. Java/Python Programming

    Course Level: Bachelor

    Learning effort: min. of 150 hours of study (30 hrs. e-learning directed study, 15 hrs. collaborative online lab, 15 hrs. collaborative project, 60 hrs. preparation/follow up of labs/project, 30 hrs. follow up independent study and individual preparation for exam).

    Credits: 6 ECTS

Teaching method: Blended Learning

The instructor answers students’ questions (Q&A), presents demos, moderates the presentation of case studies conducted by industry experts, and moderates discussions using interactive systems, e.g. webinars or video conferences. These weekly supportive sessions are announced to the participants in advance.

Learning objectives:

    After completing this course students will be able to:
  • Understand the role and the objectives of network management (NM) for an organization
  • Learn how to investigate various standard/private Management Information Bases (MIB) and Remote MIBs
  • Analyze various types of network management protocols: SNMPv2/v3, NetFlow, OpenFlow
  • Diagnose security problems and use diagnostic/auditing tools
  • Investigate attacks on network components and on network management tools
  • Use tools and techniques for protecting the network components: FW, IPS, VPN, TLS
  • Plan and implement secure management concepts, e.g. migration to secure SNMPv3
  • Be aware of the security assurance requirements of the organizations for network protection.

General description:

The course focuses on practically oriented concepts related to secure network management and computer networks. It includes topics related to configuring, monitoring and controlling network components such as switches, routers and servers, as well as the secure local and remote management of network components. The core topics include secure network management protocols for querying, installing, manipulating and deleting the configuration of network devices (SNMPv3, NetFlow, NetCONF, OpenFlow), types of attacks on network components, methods and tools for simulating attacks on network management components, as well as concepts and tools (commercial and open source) for network and network management protection (Firewalls, IPS-Snort, VPN, OpenNMS). The course also includes case studies by industry partners.

Course content:

  • Chap.1. Survey of Fundamentals of Computer Networks: Medium Access Control, TCP/IP Protocol Stack, Spanning Tree Protocol, Virtual LANs, Addressing/Subnetting within TCP/IP Networks, Routing Algorithms, Routing Protocols and Routing Tables, Quality of Service (QoS), Class of Service (CoS), Standard 802.1q, Policy-based QoS, DiffServ/IntServ QoS.
  • Chap.2. Network Management Architecture: Reference Model, Legacy Network Management Functionalities (Monitoring, Performance, Fault, Configuration, Accounting), Distributed Network Management, Proxy Architecture, Policy Governed Architecture, EVAS Network Management Architecture (Endpoint Visualization, Access, and Security), Software Defined Networks (SDN), Mininet.
  • Chap.3. Management Information Bases (MIBs): Standard and Private MIB structure, MIB II, ASN.1 formal Language, Structure of Management Information (SMI) using ASN.1, Basic Encoding Rules (BER), Remote Network Monitoring MIBs (RMON), RMON1&2, Configuring a Network Management System (NMS) using OpenNMS.
  • Chap.4. Network Management Protocols: SNMPv1 & SNMPv2-Protocols, Secure Network Management Protocol SNMPv3, NetFlow Protocol and NetFlow Collector NfSen, SNMP vs. NetFlow and other NM protocols, NetCONF Protocol, OpenFlow Protocol for SDN Networks, Case Study based on Mininet.
  • Chap.5. Managing Computer Network Security: Network Security Overview (Confidentiality, Integrity, Availability Model), Managing Network Access Control (NAC), Case Study: Legacy NAC using Std. IEEE 802.1x and RADIUS, Case Study: NAC using Policy Governed Network CISCO-ISE, Managing Transport Layer Secure Connections: SSL, TLS, Managing Network Layer Security: IPSec and VPNs, Managing Network Access Decision Control using Policy Engines.
  • Chap.6. Managing Protection against Network Attacks: Network Attacks: Reconnaissance (Reconn), Denial of Service (DoS), Distributed DoS, Case studies of Network Attacks; Managing protection methods: Packet filtering, Access Control List (ACL), Port and Network Address Translation (PAT/NAT), Planning and Configuration of Firewalls, VLAN Security, Honeypots, New Generation FW (NGFW) and New Generation IPS (NGIPS), Case study using Snort IDS-IPS Tool, Managing Sandboxing Network Protection, NM Protection Regulation Guides.

Lab assignments:

  • Managing Static/RIPv2/OSPF Routing
  • Monitoring/Controlling CNs using SNMPv2 protocol and MIBII technology
  • Monitoring/Controlling CNs using secure SNMPv3 protocol
  • Monitoring the CN Security using OpenNMS Tool and SNMP
  • Monitoring the CN Security using NetFlow protocol and NetFlow Collector
  • Configure/Analyze CN protection using Firewall and NAT-Tools
  • Program and Deploy various CN attacks: Reconnaissance and Denial of Service
  • Configure/Analyze VPN based traffic protection using OpenVPN
  • Configure/Analyze IPS protection using Snort-Tool
  • Configure/Analyze Network attacks using Sandbox Cuckoo Tool
  • Monitoring/Controlling SDN-based CNs

All the assignments will be carried out using the virtual lab container with already installed network components and software packages. The network components are based on virtual machines and open source software tools, i.e.: Wireshark, VyOS Router supporting MIBII + SNMPv2&3 and NetFlow Agents, OpenNMS, NfSen (NetFlow Collector), Snort, OpenVPN, Mininet, Open vSwitch. All the assignments are mandatory for being admitted to the exam.

    Collaborative and cumulative project:

    A project will be assigned to the students: “Program and implement a secure Software Defined Network (SDN) using Snort as the intrusion attacks detector”. The project will be carried out in a collaborative manner by international teams of 2-3 students. It will be presented in the form of a wiki. The project will be cumulative, i.e. each project step is based on the framework provided by the prior steps. The project is mandatory for being admitted to the exam.

    Discussions:

    Throughout the course, students will be involved in e-discussions related to the course content through means specific to e-learning, such as forums, wikis, e-portfolios, etc. As part of the virtual community, each student will give feedback to at least two colleagues in the forums.

    Performance:

    • Lab performance = 30% of the final grade.
    • Project performance = 20% of the final grade.
    • Discussions performance = 10% of the final grade.
    • Written presence exam (60 min.) = 40% of the final grade (conducted at the home university with the help of a trusted teacher).
    The result of the evaluation will be expressed as a percentage and transferred to the students’ home university by the instructor.

    Literature:

    1. William Stallings: “SNMP, SNMPv2, SNMPv3 and RMON 1 and 2”, 3rd Ed., Addison Wesley Inc., Reading, MA, 2006
    2. William Stallings & Lawrie Brown: “Computer Security: Principles and Practice”, 3rd Ed., Pearson Education Ltd., 2015
    3. T. Alpcan, T. Bas: “Network Security”, Cambridge University Press, 2010
    4. Richard Burke: “Network Management: Concepts and Practice: A Hands-On Approach”, Prentice Hall, Upper Saddle River, NJ 07458, 2004
    5. James Kurose and Keith Ross: “Computer Networking, A Top Down Approach”, 7th Edition, Pearson, Addison Wesley, New York, 2016
    6. Niels Provos, T. Holz: “Virtual Honeypots: from botnet tracking to intrusion detection”, Addison-Wesley, 2008
    7. Diego Kreutz et al.: “Software-Defined Networking: A Comprehensive Survey”, 2014, http://arxiv.org/pdf/1406.0440.pdf
    8. Introduction to NetFlow (CISCO), http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-netflow/prod_white_paper0900aecd80406232.html

    Professor Dr.-Ing. Alexandru Soceanu
    Munich University of Applied Sciences, Dept. of Computer Science and Mathematics, Munich, Germany
    Research interests: Network Security, eHealth

    "I have many years of teaching and consulting in the field of Network Management and Network Security. For me, it is always fun to work with international teams because of the challenges of sharing experiences and the different cultural aspects. One of my passions apart from networks is Renaissance architecture, including one of its greatest masters, Andrea Palladio. Welcome to our course!"