Course detail

Design and Security of Enterprise Networks

FIT-CCSAcad. year: 2022/2023

Designing network topology with security. BPG, MPLS, MPLS VPN and VxVLAN technologies. Multihoming, mobility, renumbering. IPv6 native implementation and transition techniques. Optical networks. Automated network configuration using IPAM, DevOps and NetOps.

Language of instruction

Czech

Number of ECTS credits

5

Mode of study

Not applicable.

Guarantor

doc. Ing. Petr Matoušek, Ph.D., M.A.

Department

Department of Information Systems (UIFS)

Learning outcomes of the course unit

Students learn concepts of network design, security and management of enterprise networks. They will understand network technologies like BPG, MPLS, VxVLAN, VPN tunneling, QoS and others.

Prerequisites

Student are expected to be familiar with configuration of active network devices and advanced configuration of Linux systems. Cisco courses CCNA Routing and Switching or CCNP Route are recommended as prerequisities.

Co-requisites

Not applicable.

Planned learning activities and teaching methods

Not applicable.

Assesment methods and criteria linked to learning outcomes

  • Home preparation and hands-on labs (max 26 points).
  • Skills exam (max 20 points).
  • Final configuration and theoretical test (max 54 points)

Course curriculum

Not applicable.

Work placements

Not applicable.

Aims

The course is focused on advanced networking technologies employed in ISP and telcom networks. It includes interdomain routing, IPv6 transitions technologies, L2 virtual technologies and quality of services. Hands-on lab training will be provided on active network devices and Linux stations.

Specification of controlled education, way of implementation and compensation for absences

  • Home preparation and active participation in hands-on labs.
  • Missed classes will not be replaced.

Recommended optional programme components

Not applicable.

Prerequisites and corequisites

Not applicable.

Basic literature

Not applicable.

Recommended reading

Omar Santos, John Stuppi. CCNA Security 210-260 Official Cert Guide. Cisco Press, 2015.
Anthony Bruno, Steve Jordan. CCDA 200-310 Official Cert Guide, 5th Edition. Cisco Press, 2016.
Ivan Pepelnjak, Jim Guichard, MPLS and VPN Architectures, 2000 by Cisco Press.

Přednáškový text v angličtině.

Classification of course in study plans

  • Programme MITAI Master's

    specialization NADE , 0 year of study, winter semester, elective
    specialization NBIO , 0 year of study, winter semester, elective
    specialization NCPS , 0 year of study, winter semester, elective
    specialization NEMB , 0 year of study, winter semester, elective
    specialization NGRI , 0 year of study, winter semester, elective
    specialization NHPC , 0 year of study, winter semester, elective
    specialization NIDE , 0 year of study, winter semester, elective
    specialization NISD , 0 year of study, winter semester, elective
    specialization NISY up to 2020/21 , 0 year of study, winter semester, elective
    specialization NMAL , 0 year of study, winter semester, elective
    specialization NMAT , 0 year of study, winter semester, elective
    specialization NNET , 0 year of study, winter semester, elective
    specialization NSEC , 0 year of study, winter semester, elective
    specialization NSEN , 0 year of study, winter semester, elective
    specialization NSPE , 0 year of study, winter semester, elective
    specialization NVER , 0 year of study, winter semester, elective
    specialization NVIZ , 0 year of study, winter semester, elective
    specialization NISY , 0 year of study, winter semester, elective

  • Programme IT-MSC-2 Master's

    branch MSK , 0 year of study, winter semester, compulsory-optional

  • Programme MITAI Master's

    specialization NEMB up to 2021/22 , 0 year of study, winter semester, elective

Type of course unit

 

Laboratory exercise

52 hod., compulsory

Teacher / Lecturer

Ing. Matěj Grégr, Ph.D.
Ing. Vladimír Veselý, Ph.D.

Syllabus

  1. Introduction to TCP/IP networking.
  2. Stateful firewalls, IDS/IPS systems.
  3. Cisco ASA - Adaptive Security Appliance.
  4. BGP routing.
  5. BGP - filering, communities.
  6. LISP - Locator ID Separation Protocol
  7. IPv6 in enterprise networks. Transition mechanisms, autoconfiguration.
  8. MPLS a and packet switching in ISP networks.
  9. MPLS VPN, ATOM
  10. VxVLAN
  11. QoS.
  12. Optical connections and links.
  13. IPAM, automated management, devops