...

Home
Book Store
Search Classes
Consulting
Partner Program
News
About Us
Contact Information
Site Map

Is TrainingCity Right for your Team?

Talk directly to our satisfied references!  Call today for details

I highly recommend TrainingCity for training services. I took a workshop for one week for training on VoIP technologies. After taking the course, I knew enough about the technology to set up my own VoIP system at home, and am qualified to get a VoIP job.

TrainingCity's course is organized, the topics are covered thoroughly and they have deep knowledge of the subject. In addition, my instructor was very personable and kept the class interested. I plan on taking future courses with TrainingCity. Yvonne Young March 26, 2007

 
Detailed Course Outline
VoIP Security Course: Hands ON Workshop
Course: 2019
Duration: 4 Days
Register
View Schedule
Course Outline
Suggested Prerequisites
Suggested Follow-Ons
Overview
Enterprise VoIP deployments are sweeping the corporate landscape. But what about Security? From Eavesdropping to DoS attacks, Phreaking, & more, the migration of mission critical voice services & applications in a converged infrastructure presents an ever expanding risk of massive operational exposure.
Overview of Enterprise Networking, VoIP & VPN
  • Enterprise Network Architecture
    • Access layer
    • Core layer
    • Distribution layer
  • Enterprise Voice Network Architecture & Design
    • VoIP end points (handsets)
    • IP PBX processing
    • Gateways
  • Enterprise VPN (Virtual Private Networks) and VoIP
    • IPsec
    • SSL based VPNs
  • Service Provider Voice Network Designs
    • Softswitches
    • Session Border Controllers (SBC)
  • Public VoIP Service Providers
    • Skype
    • Vonage
Enterprise Network Security Issues
  • Sources of attacks
    • Internal
    • External
  • Types of attacks
    • Denial of Service (DoS)
    • TCP/IP insecurity
    • Eavesdropping
    • Sniffing/Snooping/Wiretapping
    • Packet Spoofing
    • Replay
    • Message Integrity
    • Phreaking
  • Toolsets
    • Ethereal
    • Wireshark
    • Etherpeek
  • Network Management Tools
  • Enterprise Security Best Practices
Operating System Security Issues
  • Operating System Security
  • User Authentication
  • Application authentication
  • OS security / Networking protocols
    • HTTP
    • DHCP
    • DNS
    • Active Directory
    • Secure Telnet
    • Secure ftp
    • SNMP
    • Terminal Services
Network Access Security
  • VoIP Requirements on network access infrastructure
    • Firewalls
    • NATs
    • Proxy Servers
    • Gateways
    • IP Phones
  • Firewalls
    • Types of Firewalls
    • Overview of Vendor Firewalls
  • NATs
    • Full Cone NAT
    • Restricted Cone NAT
    • Port Restrict Cone
    • Symmetric NAT
  • VoIP Issues with Firewalls & NATs
    • Call Setup
    • Media Stream
    • Delay
  • Application Level Gateways
  • Firewall configuration for VoIP traffic
  • NAT configuration for VoIP traffic
  • Overcoming NAT Issues
    • STUN
    • TURN
    • ICE
  • Proxy Servers
    • Proxy Server deployment
  • Gateways
    • Gateway deployment
  • Session Border Controllers
Carrier Infrastructure & Security
  • Toll Fraud (Phone Phreaking)
  • Physical Security
  • Access Security
  • User Security (Identity Spoofing)
  • Administrative Access
  • Physical Security
  • Vendor specific IP PBX Security
    • Cisco
    • Nortel
    • Avaya
    • Siemens
    • Mitel
    • Aastra
VoIP Protocols and Security
  • H.323
    • Architecture
    • Components
    • Gatekeeper
    • Gateways
    • MCU
    • Endpoints
  • H.323 Operation
  • H.323 Protocols & standards
    • H.225
    • H.245
    • RAS
    • Q.931
    • RTP & SRTP
    • H.235 (v2, Annex D, E, F, v3, G)
    • H.323 Security issues
    • Port Usage
    • Firewall Considerations
    • NAT Considerations
SIP Protocol and Security
  • SIP Architecture
  • SIP components
    • Proxy Server
    • Redirect Server
    • Location Server
    • Registrar
    • Endpoints
  • SIP Operation
  • SIP Security Features
    • HTTP Digest Authentication
    • MIME & SMIME
    • Confidentiality
    • RTP & SRTP
    • SDP
    • TLS
    • IPSec
    • SIP Authenticated Identity Body
    • SIP Authenticated Identity Management
MGCP, Megaco/H.248
  • Megaco/MGCP/H.248 Architecture
  • Megace/MGCP Components
    • Call Agent
    • Gateways
    • Endpoints
  • Megaco Operation
  • Megaco/MGCP Security Issues
    • IPSec
    • RTP Encryption
User and Application Level Security
  • Unauthorized Access
  • Toll Fraud
  • Denial of Service
  • IP Spoofing
  • Packet Sniffers
  • Caller Identity Spoofing
  • Applications for attacking security
  • Viruses
  • Rootkits
VoIP Security Alliance - Best Practices Overview
  • Threat Taxonomy
  • Best Practices defined
  • Future Threats
 
 
 
 
 
 
 
Hands On Training
Design a VoIP network for small branch office
Design a VoIP network for enterprise network
Design a VPN using Ipsec
Setup VoIP and trace call flow
Trace a DOS attack
Use tools to create packet spoofing
Identify networking protocols for security attacks
Eavesdrop on VoIP calls
Setup authentication for users in windows OS
  • Trace networking protocols
  • Web Browsing
  • DNS
  • DHCP
  • Telnet
  • email
Setup NATs & Firewalls
Trace H.323 calls & Setup H.323 security parameters
Trace SIP calls & Setup SIP security configurations