The purpose of this course is to prepare network engineers and administrators to configure, troubleshoot and implement ProCurve security features used for device management access control, control of user access to the network and protecting the network from a variety of security breaches.

• 4-day instructor-led class
• 60% lecture, 40% hands-on labs

Attendees will be able to sell and perform services which include design, deployment and support of secure ProCurve networks.

The Elms code for this course is 37798.

• Adaptive EDGE Fundamentals (AEF v6.11 or higher)
  

• ProCurve Security overview
  - Security challenges
  - Layers of network security
  - Network security process and framework
  - Security standards-based foundation
  - ProCurve ProActive Defense
• ProCurve Device Management Security
  - ProCurve switch physical security
  - ProCurve switch local passwords
  - Authorized IP managers
  - RADIUS authentication of management users
  - SNMPv3 management access
  - SSH management access
  - SSL management access
  - Secure Management VLAN
• ProCurve Network Protection
  - Access Control Lists (ACLs)
  - MAC Lockdown
  - MAC Lockout
  - ProCurve Port Security
  - ProCurve Instrumentation monitor
  - BPDU filtering and protection
  - SNMP trap message throttling
  - DHCP snooping protection
  - Dynamic ARP protection
  - Connection-rate filtering
  - Traffic monitoring
• ProCurve Network Access Control Security
  - 802.1X user authentication
  - 802.1X user authentication with Open VLAN
  - 802.1X user authentication with dynamic VLAN assignment
  - Web-based user authentication
  - MAC-based user authentication
  - Introduction to IDM
  - Implementing per-user access controls using IDM
• ProCurve Troubleshooting
  - Troubleshooting basics
  - Information resources and tools
  - Troubleshooting access control security
• ProCurve Network Security Design
  - ProCurve security design procedure
  - Customer, infrastructure and software requirements
  - Network segment layouts and integration
  - Design scenarios
  

After completing ProCurve Security, students will be able to:

• Describe and implement basic management security for ProCurve switches using local passwords, front panel security options and IP authorized managers

• Describe and implement advanced management security features for ProCurve switches using RADIUS authentication, SNMPv3, SSH, SSL and a Secure Management VLAN

• Describe and deploy network protection features using port-based ACLs, user-based ACLS, port security settings, SNMP trap throttling, DHCP protection, Dynamic ARP protection and connection-rate filterin

• Track network problem events using the ProCurve instrumentation monitor and traffic mirroring features

• Describe and implement access control security using ProCurve device support for 802.1X, Web-based and MAC address-based authentication

• Perform basic troubleshooting of the deployed security features

• Design and implement a solution for network security based on the wide variety of ProCurve security features presented in this course
  

The material taught in this course will prepare the participant for one of the required exams for ASE ? ProCurve Networking certification within the HP Certified Professional program. The exam number for ProCurve Security is HP0-Y11. For more information on ProCurve Networking training and certification, go to www.hp.com/go/procurvetraining.

The certification test is offered at Prometric testing centers. Refer to your local ProCurve representative for information on how to register to take a test or go to www.prometric.com.