Internationally, many organisations are attempting to future-proof their IT infrastructure by embracing non-traditional network and organizational structures such as Zero Trust Networks. Unfortunately, many Zero-Trust approaches require organization to migrate their entire organization at once – creating significant business disruption and incurring significant costs and, as a result many organizations delay or even decide to stick with their existing flat network structures.
Cyber Toa’s ‘Pathway to Zero Trust’ course introduces what Zero-Trust networks are and how they aid in securing an organization whilst still enabling IT flexibility. We discuss some problematic Zero Trust solutions (such as BeyondCorp), and then present an alternative: Enterprise Software Defined Networks (ESDN). The course focuses on how ESDN on even a small section of an enterprise network can be used to comply with more than half of the NZCERT Critical Controls, for a fraction of the cost of replacing a traditional firewall appliance. We also discuss how ESDN can be used to administer complex networks easily, allowing for both an internal and an external security operations centre (SOC), whilst providing real-time information on all traffic and devices on the SDN network. The ESDN solution we present (Faucet , Poseidon and OpenFlow) is highly scalable and extensible, and allows for the adoption of various Zero Trust policies incrementally.
This course includes a range of interactive scenarios, case studies, videos and activities using real life examples so learners can obtain experience with the principles and technologies that are taught.
Scheduled Dates: 19th October 1-5pm
Duration: ½ day
Delivery: Live Online Course, Instructor led, and Supervised Activities
Module 1: Zero Trust
- Zero Trust Networks
- What are Zero Trust networks
- How do organisations achieve and administer Zero Trust?
- What is Software Defined Networking?
- What are the NZCERT Critical Controls?
Module 2: ESDN
- Openflow, Faucet and Switches
- Network structures
- Network monitoring and visibility
- ESDN for BYOD/IOT management
Module 3: Using ESDN for Zero Trust
- ESDN for Security
- Deny by Default
- Data Loss Prevention
- Network Segregation
- Layer 2 security features
- Network visibility
- NZISM compliance with ESDN
Target audience and course prerequisites
The Cyber Toa ‘Pathway to Zero Trust with ESDN’ course is aimed at professionals from organizations with existing technical teams. Previous networking and IT knowledge is useful for this course, however this course is also suitable for a non-technical audience.
Specifically, it is helpful if you have the following knowledge and experience before starting this course:
- Are familiar with the basics of networking and client-server interactions.
- Are familiar with one or all of docker, GitHub, python and Linux.
This course will teach you the fundamentals of using an enterprise software defined networking solution. Specifically, the course discusses several use cases of ESDN, the most obvious being protecting a legacy or high-value asset. It focuses on ‘core’ technologies necessary for an ESDN or Zero Trust network including: monitoring, visualization, logging, authorization and authentication. Study of the course can also help to build the prerequisites to study other cybersecurity courses, including the “Security Operations Centre on a Budget” course and the Cyber Toa Defensive Network Security Fundamentals course for students wishing to pursue more technical cybersecurity careers.
On course completion, you will be able to:
- Discuss various different approaches to migrating networks to Zero Trust
- Understand what is necessary to use ESDN in an organisation
- Understand the security and compliance implications of using ESDN
- Understand what are realistic expectations for information generated from a network that you own, control or administer.
The course consists of a study volume, containing indexed notes and review questions, a series of supervised practical lab exercises and a comprehensive glossary.