In this course, participants learn about distributed denial of service (DDoS) attacks and how the Peakflow SP solution can detect, trace and report on the anomalous network activity caused by these attacks. The course provides a comprehensive overview of how to use the Peakflow SP graphical user interface (GUI) and how to interpret data collected by the system to determine where and when attacks are occurring. The mitigation options available to lessen the impact of attacks are also covered. In addition, the course equips participants with the knowledge and skills needed to use the traffic analysis and visualization functionality of Peakflow SP. Specifically, participants learn how to use Peakflow SP to produce reports that support network peering analysis, capacity planning functions, BGP policy management and customer accounting.

Target Audience: Network operations and security staff responsible for monitoring network anomalies.

Location: Available as a private, on-site course at your company location.

Duration: 2 days

Course Topics:

• Peakflow SP Technical Overview
• Hardware and Software Architecture
• User Interface
• Using Peakflow SP for Infrastructure Security - DDoS
• Traffic and Routing Overview
• Peering Use Case
• Capacity Planning

• Understand DDoS attacks and the typical attack methods used
• Detect and classify different types of attacks
• Explain how anomaly detection can identify malicious network behavior
• Know how anomalies are presented in the GUI and how to interpret anomaly data
• Correlate the attack information with the appropriate mitigation methods
• Perform comprehensive searches through the anomaly database to pick out specific events
• Describe the use of managed objects (e.g., customer, profile and VPN) within the system
• Navigate the GUI to produce desired reports
• Download reports into XML or PDF formats
• Automate the creation and distribution of custom reports that run hourly, daily or weekly
• Produce peering reports that enable network operations to adjust route policy around congestion
• Utilize information provided by the system to evaluate peering relationships and enter into peering relationships with other ASNs when it makes sense
• Ensure that your backbone/peering is utilized properly
• Identify points of network congestion and describe how to alleviate the congestion