SECURE CONNECTIVITY

SHE Level 5
SCQF Credit Points 15.00
ECTS Credit Points 7.50
Module Code MMI125979
Module Leader Ayyaz-Ul-Haq Qureshi
School School of Computing, Engineering and Built Environment
Subject Cyber Security and Networks
Trimesters
  • B (January start)
  • A (September start)

Pre-Requisite Knowledge

Programme entry requirements

Summary of Content

This module aims to provide students with the theoretical knowledge and practical skills needed to determine appropriate design choices for virtual private network and security solutions, implement them and verify their operation. The percentage of Work Based Learning for this module, as represented by the proportion of the Activity Types which take place off campus, is 74%. The percentage of Work Based Assessment for this module is 10%.

Syllabus

Tunneling Implement and troubleshoot MPLS operations (Label stack, LSR, LSP, LDP,MPLS ping, MPLS traceroute). Implement and troubleshoot basic MPLS L3VPN (L3VPN, CE, PE, P, Extranet (route leaking)). Implement and troubleshoot encapsulation (GRE, Dynamic GRE). Implement and troubleshoot DMVPN single hub (NHRP, DMVPN with IPsec using pre-shared key, QoS profile, Pre-classify). Encryption Implement and troubleshoot IPsec with pre-shared key (IPv4 site to IPv4 site, Virtual tunneling interface (VTI)). Troubleshooting VPN technologies Use IOS troubleshooting tools (debug, conditional debug, ping, traceroute with extended options, Embedded packet capture). Apply troubleshooting methodologies Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause) Design and implement valid solutions according to constraints Verify and monitor resolution Interpret packet capture (Using wireshark trace analyzer,Using IOS embedded packet capture). Secure connectivity with password authentication protocol and challenge handshake authentication protocol on point-to-point over ethernet links.

Learning Outcomes

On successful completion of this module a student should be able to:1. Evaluate the workings of VPN technologies at an advanced level2. Design and defend complex VPN solutions (MPLS, DMVPN)3. Design and defend complex VPN based security solutions (IPSec)4. Evaluate the relationship between VPN technologies and layer 3 unicast routing protocols and resolve issues caused by their interaction (MPLS LDP, MPBGP)5. Appraise the main types of technologies available to secure network infrastructure and critically analyze their effectiveness in mitigating a range of security threats6. Integrate VPN and network security technologies to fulfill the requirements of a security policy7. Evaluate different VPN design cases and defend design choices8. Appraise a problem situation apply the techniques and tools presented to implement router and switch configurations9. Validate the correct operation of VPN and security technologies10. Support and fix complex VPN and security issues using common commands and diagnostic tools

Teaching / Learning Strategy

The module will be delivered using a flipped classroom approach where students independently access learning resources using online methods with a weekly seminar session. Work Based Education aims to maximise the direct and digitally mediated contact time with students by practicing teaching and learning strategies that use authentic work based scenarios and encourage action learning, enquiry based learning, problem based learning and peer learning. All these approaches aim to directly involve the students in the process of learning and to encourage sharing of learning between students. The module team will determine the level and accuracy of knowledge acquisition at key points in the delivery, inputting when necessary either directly or with the support of external experts who will add to the authenticity, the credibility and application of the education and learning in the workplace. The course material is introduced through lectures in the form of online presentations, which will cover the principles of the subject, will illustrate the relevance of it to the real-world and introduce a range of professional processes and practices. Students will engage with practical assignments and online tutorial material which may include instruction and peer-created content, and there will be seminars on campus which will allow students to discuss key concepts and issues with peers and with instructors. Students will be expected to undertake a significant level of independent study within the workplace for the work based learners, including practical activities, and links will be provided to appropriate external material such as podcasts, MOOCs, videos and literature to supplement the module content. Students will be encouraged to reflect upon the theoretical learning (for example, within the workplace) and the application of newly learned concepts to the work environment, and this will form part of the module assessment. Students will receive feedback on their performance through the module through undertaking the practical assignments and tutorial exercises and participating in the seminars.

Indicative Reading

Fall, K. R. Stevens, W.R (2011), TCP/IP Illustrated, Volume 1, 2nd edition,Addison Wesley. Comer, D.E. (2013), Internetworking with TCP/IP, 6th edition, Pearson. Minei, I. Lucek, J. MPLS-Enabled Applications: Emerging Developments and New Technologies (Wiley Series on Communications Networking & Distributed Systems), 3rd edition, Wiley. De Ghein, L. (2006) MPLS Fundamentals: A Comprehensive Introduction to MPLS Theory and Practice. Cisco Press. Pepelnjak,I. Guichard, J. (2012), MPLS and VPN Architectures, Cisco Press. Davis, C.R. (2001), IPSec Securing VPNs, McGraw-Hill.

Transferrable Skills

Traditional Academic Skills - specialist knowledge, ability to apply knowledge, logical thinking, critical analysis, problem-solving, written and spoken communication, ability to use numerical data, and research skills Personal Development Skills - self-confidence, self-discipline, self-reliance, awareness of strengths and weaknesses, creativity, independence, knowledge of international affairs, desire to go on learning, ability to reflect, reliability, integrity, honesty and regard for others Enterprise Or Business Skills - ability to prioritise tasks, time management, interpersonal skills, presentational skills, ability to work in teams and leadership.

Module Structure

Activity Total Hours
Independent Learning (FT) 111.00
Assessment (FT) 15.00
Seminars (FT) 24.00

Assessment Methods

Component Duration Weighting Threshold Description
Coursework 1 n/a 100.00 50% Case study based/multiple choice based assessment