Difference between revisions of "Bandwidth Management and Optimisation Training"
(→Port security) |
(→Traffic STorm Control) |
||
Line 209: | Line 209: | ||
===Traffic STorm Control=== | ===Traffic STorm Control=== | ||
+ | The port should be configured so that broadcast traffic is blocked when its volume exceeds a pre-defined | ||
+ | acceptable threshold (e.g. 10 %). | ||
===Port security=== | ===Port security=== |
Revision as of 07:04, 6 July 2013
Contents
Bandwidth Management and Optimisation Training
This will be an intense hands-on five (5) day training to teach skills required for bandwidth management and optimization at the Campus environment
Objective
The main objective of the training is to empower the various network administrators from the various institutions with skills that will enable them to effectively manage the networks of the various institutions that they represent. This will enable them to ensure the bandwidth they are been provided with is been used for academic work and not been consumed by viruses, spam, peer-to-peer traffic and other malware.
Who Should Attend?
This course is designed for technical staff that operates a TCP/IP network and intends to provide connectivity to both students and faculty.
Requirements
The participants are required to be conversant with Linux/Unix commands. All participants are required to submit current network diagrams for discussion during the Case Studies. Each participant is also required to bring a laptop.
Course content
This is a hands on training experience where the participants will setup a Bandwidth Management and Optimization Box using a wide variety of tools in both Unix and Linux.
The training will begin by introducing the students to the importance of network management and best campus design principles. The training will also give them skills on how to troubleshoot common campus network problems and teach them how to install and manage network monitoring tools. They will also be taught bandwidth management principles within a campus environment and how to develop and implement bandwidth policies.
Course Cost
This is a cost recovery based training and the Participants will contribute an amount to cater for their accommodation and the trainers time. This cost will cost USD...... Per Participant.
Registration
All participants will be nominated by the ICT Director/ ICT Head at the Institution . All nominations should be received by 15th July 2013
Timetable
DAY/TIME |
8.00-10.00am |
10.00-10.15am |
10.15am-1.00pm |
1.00pm-2.00pm |
2.00pm-4.00pm |
4.00pm-4.15pm
|
4.15pm-6.00pm |
|
Monday |
Introduction |
Tea break |
Why Network Management |
Lunch |
Campus Network design |
Tea break |
Campus Network design | |
Tuesday |
Network management Basics |
Tea break |
The bandwidth Challenge |
Lunch |
Solving network Problems |
Tea break |
Case Study: Campus A and B |
|
Wednesday |
Network Monitoring tools |
Tea break | Network Monitoring tools |
Lunch |
Network Monitoring tools |
Tea break |
Case Study: Campus C and D |
|
Thursday |
Network Monitoring tools |
Tea break |
Network Monitoring tools |
Lunch |
Squid: Delay Pools |
Tea break |
Case Study: Campus E and F |
|
Friday |
Policy development |
Tea break |
Policy development |
Lunch |
Network Monitoring tools |
Tea break |
Case Study: Campus G and H |
|
Saturday |
Network Monitoring tools |
Tea break |
Closing Ceremony |
Lunch | |
|
|
|
|
|
|
|
|
|
|
|
|
BMO Tools
Cacti
Nagios
Smoking
mtr
Iperf
Smokeping
Wireshark
Dig
DHCP Snooping
Traffic STorm Control
The port should be configured so that broadcast traffic is blocked when its volume exceeds a pre-defined acceptable threshold (e.g. 10 %).
Port security
The port security functions can be used to enable better access control to a given switch port. This allows only a certain number of machines (MAC addresses) behind a given port. The configuration should be such that authorised machines still have network access after any additional machines are connected. Only the additional machines are blocked. The function is recommended especially in connection with printers in open areas, so that these switch ports are not misused. As a minimum requirement, all client ports should be configured with a high value which exceeds practical usage, so as to prevent flooding of the CAM table. Note that network ports (ports connecting to other network equipment) must not have this type of configuration.
IP source gaurd/ Dyanmic IP lockdown
This is a mechanism which prevents forgery of IP addresses from the client machine. Only the IP address assigned to the client by DHCP or any statically registered address can be used behind the port. If a switch supports this function, it is recommended that it be actuated on client ports. The function may require that DHCP snooping is also being used.