DESIGNING SECURE NETWORKS

SHE Level 2
SCQF Credit Points 20.00
ECTS Credit Points 10.00
Module Code M2G421127
Module Leader n/a
School School of Computing, Engineering and Built Environment
Subject Cyber Security and Networks
Trimester
  • B (January start)

Pre-Requisite Knowledge

Introduction to Computer Networking

Summary of Content

This module aims to develop an in-depth understanding of network security principles as well as the tools and configurations available. The module provides an introduction to the core security concepts and skills needed for the installation, troubleshooting and monitoring of network devices to maintain the integrity, confidentiality and availability of data and devices. The module emphasizes the practical application of skills needed to design, implement and support network security through a programme of laboratory work and self study, including analysis of relevant case studies. The module additionally introduces WAN technology relevant to understanding Network Security in its wider context.

Syllabus

-360 Selected WAN technologies. Network threats, mitigation techniques and the basics of securing a network. Secure administrative access on a router. Standard ACLs and how to configure them Examine the deeper complexity of extended ACLs and how to configure them. Examine named ACLs, sequence numbers and additional ACL concepts. Requirements of NAT Variations of NAT and how they operate Exploration of firewall technologies. Introduction to Cryptography Implement firewall technologies to secure the network perimeter. Methods for implementing data confidentiality and integrity. IDS and IPS function and operation. Categories of IPS and IDS. Introduction to Biometrics. An introduction to DHCP. An introduction to IPv6. High level design. Monitoring network operations.

Learning Outcomes

On completion of this module, students should be able to:Describe selected WAN technologies.Understand and describe network architectures.Describe the role of crytography tools in the design of secure networks.Describe network threats, mitigation techniques and the basics of securing a network.Explain the importance of and implement secure administrative access on routers.Explain and implement standard, extended and named Access Control Lists (ACLs).Explain and implement Network Address Translation (NAT) concepts.Explain and implement firewall technologies to secure the network perimeter.Describe the main goals and benefits of Virtual Private Networks (VPNs).Explain how the IP Security (IPSec) protocol architecture provides the main features needed in both site-to-site and access VPNs and how to implement these.Describe the function, difference between and categories of intrusion detection and intrusion prevention systems.Create a comprehensive security policy for the security needs of an organisation.

Teaching / Learning Strategy

The module material will be introduced through lectures, while practical exercises, based on the lecture material, will be given to students for their laboratory sessions. The two-hour laboratory sessions will be student centered. self study will be used to help explain and elaborate on both the lecture material and the laboratory exercises through case studies and discussions groups. Students are directed to study appropriate texts and articles, both paper based and web based, as appropriate to consolidate their knowledge of the topics covered. The module will also make use of a number of virtual learning environments including Netlab, a unique online lab environment whereby all laboratory exercises can be completed at any time. All related module material and student communication will be conducted through GCULearn. The module covers material aligned to CCNA 4 Connecting Networks and introduces material from CCNA security. Assessment is achieved through a written exam that will test the student's theoretical knowledge and a practical lab test which will test the student's ability to build a secure network design.

Indicative Reading

Odom, W. "CCNA ICND 2". Cisco Press, 2008. Cisco Networking Academy Programme. "CCNA4 Exploration, Accessing the WAN", <http://netlab.gcal.ac.uk> Graziani, R & Vachon, B., Connecting Networks Companion Guide, Cisco Press (2014). ISBN-13: 9781587133329

Transferrable Skills

TRADITIONAL ACADEMIC SKILLS - ability to apply knowledge, logical thinking, problem-solving. PERSONAL DEVELOPMENT SKILLS - self-discipline, self-reliance, awareness of strengths and weaknesses, independence, ability to reflect. ENTERPRISE OR BUSINESS SKILLS - ability to prioritise tasks, time management, flexibility.

Module Structure

Activity Total Hours
Practicals (PT) 18.00
Lectures (PT) 24.00
Practicals (FT) 36.00
Assessment (FT) 4.00
Lectures (FT) 24.00
Independent Learning (PT) 154.00
Independent Learning (FT) 136.00
Assessment (PT) 4.00

Assessment Methods

Component Duration Weighting Threshold Description
Exam (Exams Office) 2.00 70.00 35% Unseen written exam - 2 hours
Coursework 1 0.00 30.00 35% Secure Network Design lab build - 2hrs