I.T. Infrastructure | A Workshop on I.T. Infrastructure Conceptual Overview - Beyond Routers


A Workshop on "I.T. Infrastructure Conceptual Overview - Beyond Routers"

Everybody today aspires to work with the Software Giants like TCS, Infosys, Wipro and plans to pursue various Specializations courses like B.Tech, B.Sc, M.Sc, M.Tech. The aspirant's main focus is towards Web Application Code Development, while being a part of these Software Giants.

But beside Web application Code Development, there is another niche area being catered to by these Software Giants -IT Infrastructure Management Talking about IT Infrastructure, we are reminded of the Routers, Switches etc., but IT Infrastructure of any IT Company is much more than this. Besides involving the use of these sophisticated devices, it also involves some more important components which play a vital role while traversing through the Internet. With the help of this Workshop, we intend to make B.Tech, B.Sc, M.Sc, M.Tech. students aware of these components like Firewall, IPS (Intrusion Prevention Device), VPN Device etc.

Alongside this Conceptual Overview, this workshop would also help the students to understand that how they can prevent the Corporate Network from being hacked. We aim to talk about the Security parameters to be configured in these devices that can help circumvent the attack attempts.

Topics to be covered in this Workshop

1. Basic Conceptual Overview of Router, Routing Protocols and Routed Protocols
2. Conceptual Overview of the concept of Zoning

I. Internet
II. Extranet
III. Intranet (Militarized Zone)
IV. De-Militarized Zones

3. IT Infrastructure Components and their associated Zones

I. Firewall
II. IPS (Intrusion Prevention System)
III. VPN (Virtual Private Network)
IV. NATing
V. Servers
a. Domain Name System Server
b. Proxy Server
c. Web Application Server
d. DHCP Server
e. FTP Server
f. Mail Server

4. Firewall

I. Basic Operation of Firewall
II. Types of Firewall
a. Stateless-Static Packet Filtering Firewall
b. Stateful-Dynamic Filtering Firewall
III. Firewall Rule Set
a. Conceptual Overview
b. Standard Firewall Rules
c. How to Create a Firewall Rule
IV. Windows Firewall
a. Configuration of a Windows Based Firewall on PC
b. Host Based Firewall Security Products
V. Modern Firewall Architetcure
a. Deep Packet Inspection
VI. Essence of a Firewall in the Corporate IT Infrastructure
a. How it protects the Servers in the Corporate Infrastructure
VII. Protection to Corporate IT Infrastructure in absence of a Firewall

5. IPS (Intrusion Prevention System)

I. What is an IPS Device
II. Uses of IPS Device
III. Modes of Operation of IPS Device
IV. IPS Device Update Mechanism
V. Advantages of IPS Device
VI. Disadvantages of IPS Device

6. VPN (Virtual Private Network)

I. Leased Line Network and the Advnet of VPN
II. What is VPN (Virtual Private Network?
III. How VPN can be Helpful?
IV. How does VPN Work?
V. Types of VPN - Remote Access
VI. VPN Tunneling
VII. Equipments to set up VPN Connectivity
VIII. VPN Case let - Challenge
IX. VPN Technology - SSL VPN and IPSec VPN
X. Encryption and Security Protocols in VPN
XI. Advantages of VPN
XII. VPN Related Threats
a. End Point Security Posture
b. Split Tunneling
i. Concept,
ii. Advantages,
iii. Configuration
c. ICS Split Tunneling Problem
d. Web Application Attacks
e. Unauthorized Access to Host
f. Insecure Storage of Authentication Credentials by VPN Clients
g. Misconfiguration
XIII. RSA - VPN Implementation
XIV. Setting Client Based VPN Connection

7. NATing

I. Conceptual Overview
II. NATing Operation - How it works?
III. Applications of NATing

8. Domain Name System Server

I. Conceptual Overview
II. DNS Hierarchical Structure, Distributed Database
a. Top Level Domains Classification - Geographical and Organizational
b. Fully Qualified Domain Name
III. DNS Server Classification - Zone Information/ Function
IV. DNS Operation Modes - Recursive and Iterative
V. DNS Caching
a. Conceptual Overview
b. How DNS Resolves Queries
a. Registering DNS Records in Corporate/ ISP DNS Servers
VII. DNS Zone Files
VIII. DEMO:nslookup utility
a. Command Line tool for forward DNS query, Reverse DNS Queryand Extracting Domain Related Information
IX. DNS Threats and Mitigation
a. Split Zone Architecture
b. Zone Information Leakage
i. Unauthorized Zone Zone Transfer
ii. Reverse DNS Lookup
iii. Zone Transfers Applications to keep DNS updated
iv. Security Zone Transfers using DNS/ TSIG
v. Security Zone Transfers using DNSSEC (DNS Security) Protocol
1. How DNSSEC Works?
c. Difference between DNS TSIG and DNSSEC
d. Cache Poisoning Attack
e. Conceptual Overview - How it happens
f. Implications
i. Mail Redirection
ii. Web Redirection
iii. URL Redirection
g. Deletion Attack
h. DoS Attack
i. Demo:DoS Attack on a DNS Server
i. Dynamic Updates using DHCP Client/ Server, Integrated with ADS
j. Wrong Configuration - Non-Authoritative, Recursive Mode
k. Integrity Compromise of ROOT Hints File
l. DNS Amplification Attacks
m. Other Security Parameters
i. Restrict DNS servers to listen on specific addresses
ii. Configure Global Query Block List

9. Proxy Server

I. Conceptual Overview
II. Operation - How Proxy Server Works
III. Applications of Proxy Server

10. Antivirus

I. Types of Malwares - Virus, Worms, Trojans, Spyware, Ghostware, RansomWare etc.
II. What is an Antivirus
a. How does an Antivirus Work?

11. Web Application Server

I. Conceptual Overview
II. Web Application Attacks

12. DHCP Server

I. Conceptual Overview
II. Overview of DHCP Operation
III. Uses of DHCP Server

13. FTP Server

I. Conceptual Overview
II. FTP Operations - Active and Passive FTP
III. Uses of FTP Server

14. Mail Server

I. Conceptual Overview
II. Overview of Email Filter Devices


The duration of this workshop will be two consecutive days, with eight hour session each day in a total of sixteen hours properly divided into theory and hands on sessions


A 'Certificate of Participation' by HoriZON (An Unit of MBS Group) to all Participants of this workshop. At the end of this workshop, a small competition will be organized among the participating students and winners will be awarded with a 'Certificate of Merit'.


Basic Knowledge of Internet is requuired.


Rs. 1000/- (inclusive of all Taxes) per participant