- Training
- Training Live Events
- Training Without Travel
- Security Courses
- Security Curricula
- Certified Instructors
- Training Calendars
- SANS vLive!
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- Coins
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top Security Risks
- Top 25 Programming Errors
- 20 Coolest Jobs
- Application Security Procurement Language
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- AudioCasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Security Thought Leaders
- Security Policy Project
- Security+ Study Guide
- SANS Buyers Guide
- Security Tool Demos
- 2008 Salary Survey
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
The most trusted source for computer security training, certification and research.
Network Security Resources
Network Security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users and programs to perform their permitted critical functions within a secure environment.
This document is your guide to SANS paid and free Network Security resources.
SANS Paid Network Security Resources
SECURITY 401: SANS Security Essentials
- Maximize your training time and turbo-charge your career in security by learning the full SANS Security Essentials curriculum needed to qualify for the GSEC certification. In this course you will learn the language and underlying theory of computer security. At the same time you will learn the essential, up-to-the-minute knowledge and skills required for effective performance if you are given the responsibility for securing systems and/or organizations. This course meets both of the key promises SANS makes to our students: (1) You will gain up-to-the-minute knowledge you can put into practice immediately upon returning to work; and, (2) You will be taught by the best security instructors in the industry. As always, great teaching sets SANS courses apart, and SANS ensures this by choosing instructors who have ranked highest in a nine-year competition among potential security faculty.
SECURITY 502: Perimeter Protection In-Depth
- This course is a highly technical hands-on saturation of everything you need to know in order to design, deploy and maintain a secure perimeter, from the idiosyncrasies of TCP/IP to creating your own automated alerting systems. Since most people gain a better understanding though hands on knowledge, over 25% of the class time is spent performing labs that give you real world experience with the tools you can implement for essential network security. You'll even work with some of the tools that are considered to be hostile in nature in order to gain a better understanding of what is required to fully lock down your environment.
SECURITY 503: Intrusion Detection In-Depth
- This is the most advanced program in network intrusion detection where you will learn practical hands-on intrusion detection methods and traffic analysis from top practitioners/authors in the field. All of the course material is either new or just updated to reflect the latest attack patterns. This series is jam-packed with network traces and analysis tips. The emphasis of this course is on increasing students' understanding of the workings of TCP/IP, methods of network traffic analysis, and one specific network intrusion detection system - Snort. This course is not a comparison or demonstration of multiple NIDS. Instead, the knowledge/information provided here allows students to better understand the qualities that go into a sound NIDS and the "whys" behind them, and thus, to be better equipped to make a wise selection for their site's particular needs.
AUDIT 507: Auditing Networks, Perimeters & Systems
- This SANS course is based on known and validated threats and vulnerabilities based on validated information from real world situations that can be used to raise awareness within an organization and build an understanding of why auditing is important. From these threats and vulnerabilities, we build the countermeasures and defenses including instrumentation, metrics and auditing. The course begins with a high-level introduction on methods and audit programs. It then takes you through all the particulars of how to actually audit devices and IT systems that range from firewalls and routers all the way down to the underlying operating systems.
SECURITY 415: Securing and Auditing Cisco Routers and Switches
- Hackers are targeting Cisco routers. It's true - almost 60% of the Internet's routers are running Cisco IOS, and a compromised router opens up countless attack possibilities for a hacker. Fortunately, Cisco IOS can be configured to resist attacks, hardening the configuration of the router. SANS is pleased to offer a hands-on course that combines labs and lecture to teach how attackers compromise routers, and how you can defend against these attacks. In this course, you will use the hacker tools that are being used against routers, and learn how to configure Cisco IOS to defend against these attacks. Using the Router Audit Tool from the Center for Internet Security (CIS), you will practice hands-on auditing techniques to ensure routers meet the CIS requirements and advanced configuration settings to harden router configurations.
SANS Free Network Security Resources
Here are some papers on Network Security you may want to read:
Enhancing IDS using Tiny Honeypot
- The intention of the honeypot installed for this paper is not to be probed, attacked, or compromised nor is it to invite attackers, rather the intention is to try to understand the network traffic that should not be on the network and allow intrusion detection rules to be written that alert upon detecting the unwanted traffic.
Packet Sniffing In a Switched Environment
- This paper focuses on the threat of packet sniffing in a switched environment, and briefly explores the effect in a non-switched environment.
A Reverse Proxy Is A Proxy By Any Other Name
- In this paper you'll learn about reverse proxies and how to protect your web servers. If you are interested in learning more about this topic, we recommend taking the SANS we recommend taking the SANS SEC504 Hacker Techniques, Exploits and Incident Handling course, available both online and via live training events.
Wireless Attacks from an Intrusion Detection Perspective
- This paper discusses wireless intrusion detection systems and explains how to detect common wireless attacks.
VPNScan: Extending the Audit and Compliance Perimeter
- This paper outlines specifically how VPNSCAN was built, with policy and implementation issues found in various customer environments.
To learn more about the latest threats to Network Security, please visit:
Check Them Out!
SANS Training should be attended by all IT staff as they have a wealth of knowledge to give.
-Leigh Lopez, CSVN
- © 2000-2010 The SANS™ Institute
- Web Privacy Policy | Web Contact |
- Press Room | Trademark Usage Policy