Czech

Not applicable.

The graduate is able to:
- list the various network threats and attacks and provide their basic characteristics,
- compare two basic AAA protocols,
- select and configure an appropriate security strategy for the network,
- Prepare configuration of secure routing, switching,
- Configure the IPsec VPN network including a description of the required cryptographic protocols,
- operate the Cisco ASA firewall and use it to secure the network.

Student, which is going to attend this course, should be able to:
- use several numeral systems and conversions between them,
- explain and use elementary units common in area of information and communication technologies (ICT), e.g. data size, transmission speed,
- use elementary terms from ICT area, e.g. operating system, memory, process,
- describe architecture of basic network models, i.e. TCP/IP and ISO/OSI,
- describe basic application protocols for user data transfer from TCP/IP suite,
- configure devices and protocols used on local-area level on Cisco CCNA knowledge level.
One of the three following conditions is required: Completed XCA3 course at FEEC BUT, or valid CCNA certification (up-to-date version), or successfully finished CCNA3 even at another Cisco Academy.

Not applicable.

Teaching methods include practical laboratories. Course is taking advantage of e-learning (Moodle) system.

Up to 16 points from partial tests.
Up to 24 points from final theoretical test.
Up to 60 points from final practical exam.

1. Securing administrative access to the router, social engineering.
2. Configuring administrative roles, automated security features, and routing security.
3. Configuring Authentication, Authorization, and Accounting (AAA) on Cisco devices.
4. Radius-based authentication, ACLs for IPv4.
5. ACLs for IPv6, packet flow.
6. Zone Policy Firewall and local SPAN.
7. Security on L2 devices (switches).
8. Cryptography for VPNs - symmetric and asymmetric ciphers, hash algorithms.
9. Creating IPsec VPNs.
10. Basics of configuring Cisco ASA firewalls using the command line.
11. Basic configuration of Cisco ASA firewalls using ASDM.
12. Comprehensive configuration in a Cisco ASA firewall environment.
13. Final theoretical test, practical exam.

Not applicable.

The aim of the course is to provide students with a comprehensive orientation in the field of security of network active devices. In addition to the theoretical concepts, they will be familiar with Authentication, Authorization and Accounting (AAA) technology, ways of setting security on routers and also second layer devices. They will learn how to configure Virtual Private Network (VPN) networks and the Cisco Adaptive Security Appliance (ASA) firewalls.

Attendance on laboratories is compulsory, properly excused laboratories can be filled after talking to the lecturer.

Not applicable.

Not applicable.

Lecture slides and lab manuals (freely available for students of course) (EN)

Not applicable.