Most network architecture and security books assume that gaining access to network traffic is a trivial endeavor. In reality, it can be difficult (and in some cases, nearly impossible) to monitor packets for performance, fault, security, and compliance reasons.
This seminar presents the world's only class devoted exclusively to enterprise network instrumentation. The class was originally built to meet a security product vendor's private requirements, and now Mr. Bejtlich is pleased to share it with the SANS community.
The class starts with a brief examination of network transmission technologies. It introduces the network infrastructure components, design basics, and access options found in modern networks. The course continues by offering advice on practical access techniques, best practices, open source network monitoring, and simple troubleshooting.
This class is for you if:
- You want to know which of over a dozen varieties of network taps you should use to meet an assortment of monitoring tasks
- You need to measure packet loss for any application collecting network traffic through Berkeley Packet Filters
- You've always wanted to build a cross-over cable yourself
- You don't know the difference between a multi-mode fiber cable with LC connectors and a single-mode fiber cable with SC connectors
- You've run out of SPAN ports and need to see traffic using another approach
- And more! This is a practical class with solutions you can implement immediately, based on Mr. Bejtlich's consulting, research, and writing experiences.
Course Plan
Session One:
- Introduction
- Justifying network instrumentation
- Network transmission technologies
- Network infrastructure components
- Network infrastructure design basics
- Network access options Part 1
Session Two:
- Network access options Part 2
- Practical access
- Common issues and best practices
- Open source network monitoring
- Simple troubleshooting
Intended Audience
This tutorial is designed for junior through advanced network security architects who must design, implement, and operate monitoring and visibility solutions.