Course Description

The 2.6 version of the Linux kernel, with its extended network address translation and new stateful inspection capabilities have accelerated interest in, and adoption of, Red Hat Linux as an enterprise-ready firewall solution. Red Hat's RHCE curriculum provides an introduction to these capabilities.

What you will learn:

RHS342 builds on these skills and introduces new ones that will provide course participants with a more comprehensive understanding of firewalls, penetration, and intrusion detection using Red Hat Linux and other open source tools. The topics covered in this five-day class are listed on the course outline to the right.

Course Outline

1. Firewalling Concepts
2. Packetfilter (stateful)
3. Application Level Gateways
4. Firewall Architectures
5. Screening Router
6. Dual-homed Host
7. DMZ
8. VPN
9. Implementing a Firewall using RHEL
10. Stateful Firewalls using Red Hat Enterprise Linux and iptables
11. Application-level Gateways using Squid and Postfix
12. Firewall testing
13. Testing the firewall using nmap
14. Local Security
15. Filesystem Security
16. Auditing the system using Logwatch and Third Party tools
17. VPN concepts and protocols
18. CiPE
19. IPSec
20. Implementing a VPN using CiPE
21. Implementing a VPN using IPSec
22. Manual keyed connections using setkey
23. Automatic keyed connections using racoon
24. Using preshared keys for authentication
25. Using X.509 certificates for authentication
26. Administering connections using redhat-config-network
27. Implementing VPNs using RHEL in heterogenuous networks
28. Connecting to Windows 2000

Prerequisites:

• RH253 Red Hat Linux Networking and Security Administration, RH300 RHCE Rapid Track Course (and RHCE Exam), or RHCE certification or equivalent work experience is required for this course
• Course participants should already know the essential elements of how to configure the services covered, as this course will be focusing on more advanced topics from the outset.
• RHS333 Red Hat Enterprise Security: Network Services or a strong background in cryptographic technologies is also required.

Audience:

Network administrators, system administrators, consultants, and other IT professionals will benefit from the subjects covered in this course.

Class times:

• 5 days
  • Start: 9:00am
  • End: 4:30 to 5:00pm (depending on class progress)