[EMAIL PROTECTED] wrote:
>
> As SANS/GIAC slowly revamps their course material especially Firewalls 101
> :) it will be well worth attending.
Spoken like someone who is helping to generate the new material. ;)
> It really depends on what you are
> looking for.. If you are looking for a real hands-on course, enroll in a
> vendor course first to get a taste of the product,
Here I would have to agree. The SANS course is heavy on theory, design &
troubleshooting. While specific products are presented, its more from a
"this is the good stuff and this is the bad" perspective. I also try to
keep it generic enough that it can be applied to other products. I agree
with Mark that the best way to learn a vendor's product inside and out
is to attend vendor training.
Actually, the course material is in the process of a rewrite with most
of the vendor specific stuff being moved to the evening. That way people
can pick and choose the products they want to hone in on.
> then attend a SANS/GIAC course to understand at 30,000 level.
Actually, I would probably recommend the other way around. The GIAC
training gives you the foundation you need to:
A) Pick the right product
B) Ask the right questions
C) Tell the difference between geek speak & market hype
> Some of the material in Firewalls
> 101 is very applicable to every day use, some of it is conceptual.
Since we've gone this far... ;)
A brief outline of the new material:
TCP/IP in depth (frags, bits, etc.)
Firewall technology (static, stateful, proxy, SI)
Preparing for an implementation
Design considerations
Overview of different products
Reading logs
Troubleshooting
Designing rule bases
split DNS
Cisco ACL's (static & reflexive)
Defense in depth (running layered firewalls)
Host based IDS
Logging options
More than you ever wanted to know about VPN's
The above is broken up over four days. Day 1 was generated by Stephen
Northcutt & is complete. Day 3 was done by Lance Spitzner and has just
finished final tweaking. The VPN class (day 4) had input from a bunch of
people and Mark T. is helping me tweak day 2.
> Marcus Ranum used to teach an awesome (and I do mean AWESOME) Introduction
> to Firewalls and Practice No Theory course a couple of years back.
Agreed. Marcus kicks butt. :)
> Chris Brenton also teaches the SANS/GIAC Firewalls 101 course, and is
> working on improving the material so that attendees can utilize the
> material at their workplace.
Don't get me wrong, the current material is very good. I'm just trying
to take feedback from previous students in order to make it better. The
new material should be done in time for Monterey.
> The whole idea of attending a conference like SANS/GIAC is to pick the
> tutorial sessions that can be applied to your normal day at work and show
> that the amount of money spent will definitely have an instant ROI..
Its also to get a vendor neutral spin on the whole thing. As I'm fond of
telling my students "I'm equal opportunity. I'll flame as well as sing
the praises of product on the market". ;)
Cheers,
Chris
--
**************************************
[EMAIL PROTECTED]
* Mastering Cisco Routers
http://www.amazon.com/exec/obidos/ASIN/078212643X/
* Mastering Network Security
http://www.amazon.com/exec/obidos/ASIN/0782123430/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
