Course

NSA - Network Security and Automation



Version: 7 | Last Change: 09.12.2022 13:03 | Draft: 0 | Status: approved by the responsible lecturer

Long name Network Security and Automation
Approving CModule NSA_BaTIN, NSA_BaET
Responsible
Prof. Dr. Andreas Grebe
Professor, Faculty IME
Level Bachelor
Semester in the year summer semester
Duration Semester
Hours in self-study 60
ECTS 5
Professors
Prof. Dr. Andreas Grebe
Professor, Faculty IME
Requirements Knowledge and Competences of Module Networks and Protocols (NP)
Alternative requirements: knowledge and competences of IP networking courses or CCNA (ITN and RSE)
Networking Fundamentals
TCP/IP Protocol Family
ISO/OSI Model and Protocols
IPv4/IPv6 Addressing, Subnetting, and Routing
Switching Techniques
TCP/UDP Transport Techniques
Application Protocols
Network Implementation Competences (Client, Server, Switch, Router)
Language German
Separate final exam Yes
Literature
J. Kurose, K. Ross: Computernetzwerke - Der Top-Down-Ansatz, Pearson Studium, 6th edition, 2014
A. Tanenbaum: Computernetzwerke, Pearson Studium, 5th edition, 2012
G. Schäfer: Netzsicherheit - Grundlagen & Protokolle - Mobile & drahtlose Kommunikation - Schutz von Kommunikationsinfrastrukturen, dpunkt.verlag, 2nd edition, 2014
W. Stallings: Foundations of Modern Networking, Pearson Education, 2016
J. Doherty: SDN and NFV Simplified, Pearson Education, 2016
J. Edelman: Network Programmability and Automation, O'Reilly 2018
Internet standardization: IETF standards (RFCs), www.ietf.org
LAN standards: IEEE, ieeexplore.ieee.org (free access via TH Köln)
Telecommunication standards: ITU-T standards, www.itu.int
Web standardization: W3C standards, www.w3c.org
Final exam
Details
In a final examination (written, optionally oral), the students demonstrate their competences in summary form. The exam comprises the following sub-areas, in which six taxonomy levels (reproduce, understand, apply, analyze, synthesize, and evaluate) are included.
1.) A good command of basic terms, concepts and techniques. Typical tasks are multiple-choice questions, open questions, evaluation of statements regarding their correctness.
2.) Application of planning and evaluation techniques. Typical tasks are planning tasks for networks or subsystems.
3.) Examination of proposed solutions for correctness, identification of errors in statements or given networks. Typical tasks include the analysis of given network architectures and system statements.
Minimum standard
Achievement of the individual minimum score per exam, typically 50% of the maximum score.

Learning goals

Knowledge
Fundamentals for the construction of hierarchically structured networks, corporate networks with redundancy techniques, wireless LAN (WLAN), cross-location communication, WAN techniques. Introduction to network security with details on attacks, security targets, cryptographic procedures, encryption, packet filters, secure infrastructures, virtual private networks. Introduction to distributed network management and service quality techniques. Techniques for network virtualization, software-defined networking and network automation.
Excerpt of the contents:
Hierarchical networks, redundancy, STP, EtherChannel, FHRP, Single-area and Multiarea OSPF, OSPF security technologies, WLAN, WAN connection, PPP, xDSL
Network security with security goals, cryptographic methods, algorithms, packet filters, ACL, NAT, firewall, DMZ, VPN, IPsec
SNMP, Syslog, QoS - Quality of Service
Software Defined Networking (SDN), SDN Controller, Cloud, Virtualization, Ansible, JSON, YAML, REST API

Skills
Students acquire the skills to analyse medium-sized, cross-location corporate networks using suitable tools, to select suitable architectures and to plan and implement corresponding networks. They name and identify hazard situations for corporate networks. Suitable security mechanisms are to be selected, designed and implemented. Tasks and methods of software-controlled networks including virtualization are known and mechanisms for network automation are planned and implemented.
Expenditure classroom teaching
Type Attendance (h/Wk.)
Lecture 2
Exercises (whole course) 2
Exercises (shared course) 0
Tutorial (voluntary) 0
Special literature
none
Special requirements
none
Accompanying material
Online materials:
Slides for the lecture
Exercise sheets
Tutorials for tools (e.g. Wireshark)
Material collections such as IOS command list, ASCII character table
Optional: Network simulator tool Cisco Packet Tracer

Optionally, participation in two Cisco Academy CCNA (Cisco Certified Network Associate) modules is possible. The contents of the CCNA 2 and CCNA 3 modules are then also available as material.
Separate exam
none

Learning goals

Knowledge
Identify, structure and classify concepts and technologies for medium-sized, cross-location corporate networks. Master network analysis techniques and tools, know network design steps and methods for network planning. Identify security-relevant network gaps and know suitable measures for network security and their implementation. Know the tasks of network automation and virtualisation and master their implementation for suitable network areas.

Skills
Planning, implementation and analysis of VLAN architectures, WLAN networks, cross-site VPN and packet filter firewall.
Implementation and analysis of network management with SNMP and Syslog.
Implementation and analysis of network automation on network elements (e.g. router, switch, host, SDN controller) via REST API with Python scripting or Ansible YAML scripting.
Expenditure classroom teaching
Type Attendance (h/Wk.)
Practical training 1
Tutorial (voluntary) 0
Special literature
none
Special requirements
ULP NP passed or comparable knowledge
Accompanying material
Online materials:
Self-learning tasks
Practical instruction per test date
Tutorials for tools (e.g. Wireshark)
Material collections such as IOS command list, ASCII character table
RFC standards (www.ietf.org)
Optional: Network simulator tool Cisco Packet Tracer

Optionally, participation in two Cisco Academy CCNA (Cisco Certified Network Associate) modules CCNA 2 and CCNA 3 is possible. The successful completion of the module-accompanying labs is recognized.
Separate exam
Exam Type
Working on a practical scenario (e.g. in a lab)
Details
There are several lab dates with different tasks.
The following tasks have to be completed for each date:
Independent solution of the preparatory self-learning tasks (homework).
Solution of the network design, implementation and analysis tasks in a small team (typically 2 students), with assistance if necessary.
Optional participation in Cisco Academy CCNA (Cisco Certified Network Associate) modules is possible. The successful completion of selected CCNA 1 and CCNA 2 labs is recognized for the internship.
Minimum standard
Successful participation in all lab dates, correct solution of all self-learning tasks and completion of all tasks of the lab date.

© 2022 Technische Hochschule Köln