SECURE CONNECTIVITY

SHE Level 5
SCQF Credit Points 15.00
ECTS Credit Points 7.50
Module Code MMI126276
Module Leader Mohammadmehdi Yousefi
School School of Computing, Engineering and Built Environment
Subject Cyber Security and Networks
Trimester
  • B (January start)

Pre-Requisite Knowledge

Programme entry requirements

Summary of Content

This module aims to provide students with the theoretical knowledge and practical skills needed to determine appropriate design choices for virtual private network and security solutions, implement them and verify their operation.

Syllabus

Tunneling Implement and troubleshoot MPLS operations (Label stack, LSR, LSP, LDP,MPLS ping, MPLS traceroute). Implement and troubleshoot basic MPLS L3VPN (L3VPN, CE, PE, P, Extranet (route leaking)). Implement and troubleshoot encapsulation (GRE, Dynamic GRE). Implement and troubleshoot DMVPN single hub (NHRP, DMVPN with IPsec using pre-shared key, QoS profile, Pre-classify). Encryption Implement and troubleshoot IPsec with pre-shared key (IPv4 site to IPv4 site, Virtual tunneling interface (VTI)). Troubleshooting VPN technologies Use IOS troubleshooting tools (debug, conditional debug, ping, traceroute with extended options, Embedded packet capture). Apply troubleshooting methodologies Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause) Design and implement valid solutions according to constraints Verify and monitor resolution Interpret packet capture (Using wireshark trace analyzer,Using IOS embedded packet capture). Secure connectivity with password authentication protocol and challenge handshake authentication protocol on point-to-point over ethernet links.

Learning Outcomes

On successful completion of this module a student should be able to:1. Evaluate the workings of VPN technologies at an advanced level2. Design and defend complex VPN solutions (MPLS, DMVPN)3. Design and defend complex VPN based security solutions (IPSec)4. Evaluate the relationship between VPN technologies and layer 3 unicast routing protocols and resolve issues caused by their interaction (MPLS LDP, MPBGP)5. Appraise the main types of technologies available to secure network infrastructure and critically analyze their effectiveness in mitigating a range of security threats6. Integrate VPN and network security technologies to fulfill the requirements of a security policy7. Evaluate different VPN design cases and defend design choices8. Appraise a problem situation apply the techniques and tools presented to implement router and switch configurations9. Validate the correct operation of VPN and security technologies10. Support and fix complex VPN and security issues using common commands and diagnostic tools

Teaching / Learning Strategy

Flipped classroom teaching aims to maximise the direct and digitally mediated contact time with students by practicing teaching and learning strategies that use real world scenarios and encourage action learning, enquiry based learning, problem based learning and peer learning. All these approaches aim to directly involve the students in the process of learning and to encourage sharing of learning between students. The module team will determine the level and accuracy of knowledge acquisition at key points in the delivery, inputting when necessary either directly or with the support of external experts who will add to the authenticity, the credibility and application of the education and learning in the workplace. The course material is introduced through lectures in the form of online presentations, which will cover the principles of the subject, will illustrate the relevance of it to the real-world and introduce a range of professional processes and practices. Students will engage with practical assignments and online tutorial material which may include instruction and peer-created content, and there will be seminars on campus which will allow students to discuss key concepts and issues with peers and with instructors. Students will be expected to undertake a significant level of independent study within the workplace, including practical activities, and links will be provided to appropriate external material such as podcasts, MOOCs, videos and literature to supplement the module content. Students will be encouraged to reflect upon the theoretical learning independently. Students will receive feedback on their performance through the module through undertaking the practical assignments and tutorial exercises and participating in the seminars. The material presented in this module is potentially damaging if used maliciously and the capabilities developed in this module have potential for harm. Academics will emphasise the professional expectations of students as well as stressing the students' ethical and moral responsibilities to themselves and others, including the School and the University.

Indicative Reading

Fall, K. R. Stevens, W.R (2011), TCP/IP Illustrated, Volume 1, 2nd edition,Addison Wesley. Comer, D.E. (2013), Internetworking with TCP/IP, 6th edition, Pearson. Minei, I. Lucek, J. MPLS-Enabled Applications: Emerging Developments and New Technologies (Wiley Series on Communications Networking & Distributed Systems), 3rd edition, Wiley. De Ghein, L. (2006) MPLS Fundamentals: A Comprehensive Introduction to MPLS Theory and Practice. Cisco Press. Pepelnjak,I. Guichard, J. (2012), MPLS and VPN Architectures, Cisco Press. Davis, C.R. (2001), IPSec Securing VPNs, McGraw-Hill.

Transferrable Skills

Traditional Academic Skills - specialist knowledge, ability to apply knowledge, logical thinking, critical analysis, problem-solving, written and spoken communication, ability to use numerical data, and research skills Personal Development Skills - self-confidence, self-discipline, self-reliance, awareness of strengths and weaknesses, creativity, independence, knowledge of international affairs, desire to go on learning, ability to reflect, reliability, integrity, honesty and regard for others Enterprise Or Business Skills - ability to prioritise tasks, time management, interpersonal skills, presentational skills, ability to work in teams and leadership.

Module Structure

Activity Total Hours
Seminars (FT) 24.00
Independent Learning (FT) 87.00
Practicals (FT) 24.00
Assessment (FT) 15.00

Assessment Methods

Component Duration Weighting Threshold Description
Course Work 01 n/a 100.00 50% Case study based/multiple choice based assessment