Person in charge: Yousra Chabchoub

Prerequisite: IR.1101 / IR.1201 Networks

Organization: 30 h Lectures ; 16 h Labs

Evaluation: Labs + Written exam

ECTS: 5 credits

 

Context

This module presents the methods and tools that ensure the three fundamental and complementary principles of security (integrity, authenticity and confidentiality), in the context of computer networks and wireless networks.

It allows to deepen the global notions of security addressed in the module "Cybersecurity" and to apply them to the domain of the networks, at different scales (local and wide networks). Morevover, this module relies on the routing and switching concepts and protocols presented in the "Routing and switching" module.

Objectives

Skills

In terms of skills, this module aims to enable students to:

·         Implement different security methods:

o   authentication: AAA / RADIUS server, 802.1X, EAP, ...

o   remote access: Virtual Private Network (VPN) including in particular VRF protocols, IPsec, SSL / TLS, ...

·         Securise access using firewalls and select the associated network architectures (DMZ, NAT)

·         Securise Wireless Networks: cellular (2g to 4G), personal (Bluetooth) and local (Wi-Fi), using integrity, authentication and data encryption adapted protocols.

Knowledge

This module enables students to develop the following concepts and skills.

·         Concepts

o   Security and reliability of network architectures.

o   Authentication and access control.

o   Integrity of the data sent by the various networking tools.

o   Confidentiality of exchanges provided by tunneling tools.

 

·         Know-How

o   Identify, mechanisms and security vulnerabilities and threats in a computer and a wireless network.

o   Protect access using firewalls and the associated network architectures (demilitarized zone, NAT)

o   Set up the main security tools for a remote access (VPN, RADIUS, IPsec, TLS / SSL)

 

 

Pedagogical Approach

In terms of organisation and evaluation, this module is made of several lectures, grouped by major themes (security of wireless networks, security of computer networks…). The evaluation will be based on labs and written exams.

 

References

  • Lectures handouts
  • Book: « Network Security Architectures (Networking Technology) », Sean Convery, Cisco Press.