Prerequisites: Minimum Knowledge!
Course Level: Bachelor
Learning effort: min. of 150 hours of study (30 hrs. e-learning directed study, 15 hrs. collaborative online lab, 15 hrs. collaborative project, 60 hrs. preparation/follow up of labs/project, 30 hrs. follow up independent study and individual preparation for exam).
Credits: 6 ECTS
Teaching method:Blended Learning
The instructor answers students’ questions (Q&A), presents demos and moderates the presentation of case studies conducted by industry experts, moderates discussions using interactive systems e.g. webinar or video conference. These weekly supportive sessions are announced a priori to the participants.
After completing this course students will be able to:
- Understand the role and the objectives of network management (NM) for an organization
- Learn how to investigate various standard/private Management Information Bases (MIB) and Remote MIBs
- Analyze various types of network management protocols: SNMPv2/v3, NetFlow, OpenFlow
- Diagnose security problems and use diagnostic/auditing tools
- Investigate attacks on network components and on network management tools
- Use tools and techniques for protecting the network components: FW, IPS, VPN, TSL
- Plan and implement secure management concepts, e.g. migration to secure SNMPv3
- Be aware of the security assurance requirements of the organizations for network protection.
The course focuses on practically oriented concepts related to secure network management and computer networks. It includes topics related to configuring, monitoring and controlling network components such as switches, routers, servers, as well as the secure local and remote management of network components. The core topics include secure network management protocols for querying, installing, manipulating and deleting the configuration of network devices (SNMPv3, NetFlow, NetCONF, OpenFlow), type of attacks on network components, methods and tools for simulating attacks on network management components, as well as concepts and tools (commercial and open source) for network and network management protection (Firewalls, IPS-Snort, VPN, OpenNMS). Case studies by industry partners.
- Chap.1. Surveys of Fundamentals on Computer Networks: Medium Access Control, TCP/IP Protocol Stack, Spanning Tree Protocol, Virtual LANs, Addressing/Subnetting within the TCP/IP Networks, Routing Algorithms and -Protocols as well as -Tables, Quality of Service (QoS), Class of Service (CoS), Standard 802.1q, Policy-based QoS, DiffServ/ IntServ QoS.
- Chap.2. Network Management Architecture: Reference Model, Legacy Network Management Functionalities (Monitoring, Performance, Fault, Configuration, Accounting), Distributed Network Management, Proxy Architecture, Policy Governed Architecture, EVAS Network Management Architecture (Endpoint Visualization, Access, and Security), Software Defined Networks (SDN), Mininet.
- Chap.3. Management Information Bases (MIBs): Standard and Private MIBs structure, MIB II, ASN.1 formal Language, Structure of Management Information (SMI) using ASN.1, Basic Encoding Rules (BER), Remote Network Monitoring MIBs (RMON), RMON1&2, Configuring a Network Management Systems (NMS) using OpenNMS.
- Chap.4. Network Management Protocols: SNMPv1 & SNMPv2-Protocols, Secure Network Management Protocol SNMPv3, NetFlow Protocol and NetFlow Collector NfSen, SNMP vs. NetFlow and other NM protocols, NetCONF Protocol, OpenFlow Protocol for SDN Networks, Case Study based on Mininet.
- Chap.5. Managing Computer Network Security: Network Security Overview (Confidentiality, Integrity, Availability Model), Managing Network Access Control (NAC), Case Study: Legacy NAC using Std. IEEE 802.1x and RADIUS, Case Study: NAC using Policy Governed Network CISCO-ISE, Managing Transport Layer Secure Connections: SSL, TSL, Managing Network Layer Security: IPSec and VPNs, Managing Network Access Decision Control using Policy Engines.
- Chap. 6. Managing Protection against Network Attacks: Network Attacks: Reconnaissance (Reconn), Denial of Service (DoS), Distributed DoS, Case studies of Network Attacks; Managing protection methods: Packet filtering, Access Control List (ACL), Port and Network Address Translation (PAT/NAT), Planning and Configuration of Firewalls, VLAN Security, Honeypots, New Generation FW (NGFW) and New Generation IPS (NGIPS), Case study using Snort IDS-IPS Tool, Managing Sandboxing Network Protection, NM Protection Regulation Guides.
Collaborative and cumulative project:
A project will be assigned to the students: “Program and implement a secure Software Defined Network (SDN) using Snort as the intrusion attacks detector” The project will be carried out in a collaborative manner by international teams of 2-3 students. It will be presented in a form of a wiki. The project will be cumulative, i.e. each project step is based on the framework provided by the prior steps. The project is mandatory for being admitted to the exam.
Throughout the course, students will be involved in e-discussions related to the course content through means specific to e-learning, such as forums, wikis, e-portfolios, etc. As part of the virtual community, each student will give feedback to at least two colleagues in the forums.
- Lab performance = 30% of the final grade.
- Project performance = 20% of the final grade.
- Discussions performance = 10% of the final grade.
- Written presence exam (60 min.) = 40% of the final grade. (conducted at the home university with a help of a trusted teacher)
- William Stallings: “SNMP, SNMPv2, SNMPv3 and RMON 1 and 2“, 3rd Ed. Addison Wesley Inc., Reading, MA, 2006
- William Stallings & Larie Brown: "Computer Security: Principle and Practice", 3rd Ed., Pearson Education Ltd., 2015
- T. Alpcan, T. Bas: “Network Security”, Cambridge University Press, 2010
- Richard Burke: “Network Management : Concepts and Practice: A Hands-On Approach”, Prentice Hall, Upper Saddle River, NJ 07458, 2004
- James Kurose and Keith Ross: "Computer Networking, A Top Down Approach", 7th Edition, Pearson, Addison Wesley, New York, 2016
- Niels Provos, T. Holz: “Virtual Honeypots: from botnet tracking to intrusion detection”, Addison-Wesley, 2008
- Diego Kreutz, et. Co: “Software-Defined Networking: A Comprehensive Survey”, 2014, http://arxiv.org/pdf/1406.0440.pdf
- Introduction to NetFlow (CISCO) http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios- netflow/prod_white_paper0900aecd80406232.html
Professor Dr.- Ing. Alexandru Soceanu Munich University of Applied Sciences, Dept. of Computer Science and Mathematics, Munich, Germany Research interests: Network Security, eHealth "I have many years of teaching and consulting in the field of Network Management and Network Security. For me, it is always fun to work with international teams because of the challenges of sharing experiences and the different cultural aspects. One of my passions apart from networks is Renaissance architecture, including one of its greatest masters, Andrea Palladio. Willkommen in unserem Kurs!”