Security Gateway (SEG) 5 Training Programs Catalog of Course Descriptions
Catalog of Course Descriptions INTRODUCTION... 3 SECURITY GATEWAY (SEG) 5 OVERVIEW... 4 SECURITY GATEWAY (SEG) 5 OPERATION AND CONFIGURATION... 7 Commercial in Confidence 2 2017
Introduction Ericsson has developed a comprehensive Training Programs service to satisfy the competence needs of our customers, from exploring new business opportunities to expertise required for operating a network. The Training Programs service is delineated into packages that have been developed to offer clearly defined, yet flexible training to target system and technology areas. Each package is divided into flows, to target specific functional areas within your organization for optimal benefits. The delivery of the Learning Products is realized by various Services: Icon Service Instructor Led Training (ILT) Virtual Classroom Training (VCT) elearning (WBL) Workshop (WS) Short Article (SA) Structured Knowledge Transfer (SKT) mlearning Job duty analysis (JDA) Competence GAP Analysis (CGA) Commercial in Confidence 3 2017
Security Gateway (SEG) 5 Overview LZU1082591 R1A Description If you are interested to learn about Ericsson Security Gateway (SEG)? If so, then this is the right course for you. This course provides an introduction to SEG, its positioning in the network and various interfaces and functions.the course also talks about the SEG software architecture and hardware platforms. Learning objectives On completion of this course the participants will be able to: 1 Describe the Ericsson Security Gateway (SEG) 1.1 Explain the need of Security Gateway in the network 1.2 Review Security Gateway positioning and various interfaces in the network 1.3 List Security Gateway characteristics 2 Explain the deployment alternatives as virtual Security Gateway and native SSR based Security Gateway 2.1 Introduce Security Gateway hardware architecture 2.2 Discuss Security Gateway deployment options 2.3 Identify the application architecture for Security Gateway 2.4 Outline the concept of single IP 2.5 Discuss load balancing in the Security Gateway 2.6 Explain traffic path in Security Gateway 2.7 Determine scale-in and scale-out functionality 3 Discuss different functions and features of the Ericsson Security Gateway 3.1 Recognize IPSec Remote Access Server (IRAS) 3.2 Review site to site VPN responder 3.3 Indicate Security Gateway RBS auto-integration 3.4 Explain Security Gateway IKEv2 3.5 Elaborate Security Gateway IPsec ACL and TS 3.6 List multiple IPsec interfaces 3.7 State the concept of dead peer detection 3.8 Determine perfect forwarding security 3.9 Explain NAT traversal and IKEv2 fragmentation 3.10 Describe certificate management and enrollment 3.11 Relate Security Gateway ESP and concept of extend sequence number
3.12 Discuss MTU and tunnel MTU 3.13 Review CPU usage monitoring and overload protection 3.14 Explain high availability 3.15 Outline tunnel management and fault management in Security Gateway 4 Explore the management of Ericsson Security Gateway 4.1 Explain configuration management 4.2 Recognize performance management 4.3 Discuss security management 4.4 Introduce hardware management 4.5 Explore backup and restore procedure Target audience The target audience for this course is: Network Deployment Engineer, Service Deployment Engineer, System Technician, Service Technician, System Engineer, Service Engineer, System Administrator Prerequisites Successful completion of the following courses: The participants should have prior knowledge of EPC, IP, IP routing and IP Security. Attending EPC System Survey course will be an added advantage. Duration and class size The length of this course is 1 day and the maximum number of participants is 16. Learning situation This course is based on theoretical instructor-led lessons given in a classroom environment. Commercial in Confidence 5 2017
Time schedule The time required always depends on the knowledge of the attending participants and the hours stated below can be used as estimate. Day Topics in the course Estimated Time (hours) 1 Describe Ericsson Security Gateway (SEG) 1 2 Explain deployment alternatives 1 3 Discuss different functions and features of Security Gateway 3 4 Elaborate management of Security Gateway 1 Commercial in Confidence 6 2017
Security Gateway (SEG) 5 Operation and Configuration LZU1082590 R1A Description This hands-on course explains the Security Gateway (SEG) position in the network, its functionalities, hardware and software architecture. In this course, participants will learn about the Security Gateway operation and configuration in a native and/or cloud environment. Learning objectives On completion of this course the participants will be able to: 1 Review the Ericsson Security Gateway basic configuration 1.1 Demonstrate the procedure for SSC configuration 1.2 Elaborate the procedure for package installation 1.3 Check client service status 1.4 Examine the procedure for installing application 1.5 Practice configuring ASP 1.6 Discuss how to configure user management 1.7 Configure a context and an interface 1.8 Demonstrate the method to configure board allocation 1.9 Configure logical interface 1.10 Enable the IP stack filter 1.11 Show how to save configuration 2 Demonstrate the Security Gateway software configuration 2.1 Determine how to find the Network Environment and IP addresses 2.2 Configure link groups, contexts, interfaces and bindings 3 Discuss operation and configuration tasks 3.1 Outline the parameter list 3.2 Show how to configure AAA interface 3.3 Demonstrate how to configure a certificate 3.4 Configure IP pool, IPsec and IP stack 3.5 Navigate the procedure to configure IPsec Remote Access Server 3.6 Perform IPsec site-to-site VPN configuration 4 Illustrate the single IP solution 4.1 List how to configure single IP 4.2 Discuss how to configure SSCs and ASPs 4.3 Show how to configure contexts and interface
4.4 Configure board allocation and logical interfaces in Security Gateway 5 Examine tunnel management 5.1 List tunnel showing commands 5.2 Discuss the procedure for tunnel termination and tunnel dumping 6 Recognize Intelligent load balance 6.1 Identify CPU usage-based load balance and tunnel weight-based load balance 6.2 Introduce redistribution of tunnels 6.3 Analyze the impact on other applications 6.4 Show how to configure intelligent load balance 7 Discuss certificate enrollment and installation 7.1 Run certificate enrollment 7.2 Perform certificate installation 7.3 Determine certificate request and installation 7.4 Explain certificate Renewal 8 Establish the procedure for scaling out the Security Gateway 8.1 Indicate the procedure to configure an added SSC 8.2 Configure ASP and add a new ASP into ASP pool 8.3 Show how to check ASP state 8.4 Illustrate how to configure board allocation 8.5 Determine how to check system state 9 Describe procedure for scaling in the Security Gateway 9.1 Show how to check SSC states 9.2 Illustrate how to shut down the SSC 9.3 Practice how to remove the ASP from ASP pool and board allocation 9.4 Perform system check 10 Implement backup and restore Ericsson Security Gateway configuration 10.1 Enable client services 10.2 Backup the Security Gateway configuration 10.3 Restore the Security Gateway configuration 10.4 Show how to backup and restore certificates 11 Review upgrade and roll back procedure for Ericsson Security Gateway 11.1 Outline how to upgrade IPOS 11.2 Indicate the procedure to upgrade Security Gateway application 11.3 Examine the procedure to roll back Security Gateway application 12 Describe fault management 12.1 List platform alarms and application alarms 12.2 Identify application alerts 13 Determine Security Gateway performance operations 13.1 Review how to monitor SC performance 13.2 Indicate how to monitor AAA interface and IPsec interface performance 13.3 Discuss how to monitor IPsec interface performance 13.4 Illustrate how to monitor IP stack performance Commercial in Confidence 8 2017
13.5 Show how to monitor system performance 14 Explore emergency recovery guide 14.1 Identify emergency problem types 14.2 Describe recovery actions 14.3 Show how to access the system components 14.4 Review the procedure for password recovery 15 Explain licensing in Security Gateway Target audience The target audience for this course is: Network Deployment Engineer, Service Deployment Engineer, System Technician, Service Technician, System Engineer, Service Engineer, System Administrator Prerequisites Successful completion of the following courses: Security Gateway (SEG) 5 Overview, LZU1082591 Ericsson SSR 8000 Family R16 System Operation and Maintenance - LZU1082481 Ericsson Cloud System Overview - LZU1089909 Duration and class size The length of the course is 4 days and the maximum number of participants is 8. Learning situation This course is based on theoretical and practical instructor-led lessons given in both classroom and in a technical environment using equipment and tools, which are accessed remotely. Commercial in Confidence 9 2017
Time schedule The time required always depends on the knowledge of the attending participants and the hours stated below can be used as estimate. Day Topics in the course Estimated Time (hours) 1 Ericsson Security Gateway basic configuration 2 Security Gateway software configuration 1 Configuration and operation Tasks 3 2 Single IP solution 1 Tunnel management 1 Intelligent load balance 2 Certificate Enrollment and Installation 2 3 Scaling out the Security Gateway 2 Scaling in the Security Gateway 1 Backing Up and Restoring Ericsson Security Gateway Configurations 4 Upgrade and Roll Back Ericsson Security Gateway 2 Fault Management 1 Security Gateway Performance Operations 1 Emergency recovery guide 1 Licensing 1 2 Commercial in Confidence 10 2017