Security Policy Module

Sponsored by Cisco Systems, Inc.

This module should allow the attendee to understand what he/she needs to put in place in his/her company, what are the issues and what type of products or designs can solve a given problem. This module can be seen as an agenda for the rest of the workshop.

Issues to be resolved:

Encryption technologies (mainly IP SEC)

Definitions

Type of algorithms

Type of keys

Certification authority

X500 architecture

Type of attacks

Cisco's implementation

Designs

Hub and spoke topologies

VPN Clients

Any to any

Mixt topologies

Back-up architectures

Voice integration (maybe)

Authentication

Tacacs+ and Radius protocol

Token card

Public/private keys

Smart cards

Windows NT

Kerberos

Cisco products integration with other vendors solution

Firewall

Access List

Stateful technologies

General design

When to use ACL or Stateful

Cisco IOS Firewall versus PIX firewall

Intrusion detection

Description of well known TCP or UDP attacks

Knowing weaknesses

Security inventory

Active audit

Attack response

Network management

How to secure the network itself

SSH

SNMP 1-3

Access control

E-Commerce (maybe)

SET

SSL

Vendor/user authentication

Digital signature

Non-repudiation

Organization

Computer Emergency Response Team Recovery

August 18, 2000

August 21-25, 2000

San Jose, California

K2-207, K2-209, K2-214, K2-215, K2-216, K2-219