NCI - Palo Alto Seminar and Luncheon

NCI and Palo Alto Networks Present: Leveraging the Firewall to Regain Secure Network Control
	Date: Friday, July 23, 2010 Time: 11 A.M. to 2 P.M. Location: NCI Main Office 43-4120 Ridgeway Dr Mississauga, Ontario Canada L5L 5S9	Join Other IT Professionals and See What You've Been Missing at This Luncheon Seminar There is a new generation of Internet applications that traditional firewalls cannot see. They play host to various malware and find creative ways to penetrate your firewall by disguising themselves, hiding in SSL tunnels, and targeting multiple ports to find entry points. Regain control of these apps before they take control of your business! Join NCI and Palo Alto Networks executives for a private luncheon seminar where you'll learn practical strategies to safeguard your network. The seminar is free, but attendance is by invitation only and seating is limited to 30 IT professionals. We look forward to seeing you there!
		_____
		IT & Network Security Specialists: PCI Compliance | Threat Risk Assessments | Physical Security & Digital Forensics

Vancouver Luncheon

Please join us for an Executive Presentation and complimentary luncheon.

Thursday, June 3, 2010, 10:00 AM - 1:00 PM Coast Coal Harbour Hotel, Ballroom B, Vancouver, BC Complimentary Hot Buffet Lunch

Are you responsible for IT Security or Privacy in your organization? Learn how leading organizations are dealing with security and privacy issues, including: Strategies to deploy and centrally manage data security solutions to protect against Web 2.0 threats. Industry trends to use 'Cloud Computing' to address branch office and mobile worker data loss risks. Learn about 'Information Life Cycle' management and Data Leakage Prevention (DLP) principles and approaches. Appreciate how to respond to web application dangers and develop strategies for application security. Discuss strategies to help you meet the on-going challenges of PCI and Privacy compliance. Audience: CIOs, CFOs, IT Managers, Privacy Officers, and those responsible for managing IT security and compliance in their organizations.

Please register early as seating is limited. This session will be limited to 2 people per organization.

For more information, please contact Presenters: NCI is one of Canada's leading full service providers of IT security and networking solutions - dedicated to securing the confidentiality, integrity and availability of your network. To NCI 'Secured Intelligence' is about more than protecting your vital information, it's a promise to share our experience. SafeNet is the global leader in information security, protecting data at rest, data in motion, data in use, software and license management with the broadest range of security solutions in the world. The Company protects critical business data, communications, financial transactions, and digital identities through a full spectrum of encryption technologies. Websense is a global leader in integrated Web security, data security, and email security solutions, protecting approximately 40 million employees at more than 40,000 organizations worldwide. Websense security solutions help organizations block malicious code, prevent the loss of confidential information, and enforce Internet use and security policies.

Compliance Workshop

PCI and Privacy Compliance Workshop: Through the Data Lens

Complimentary session to select NCI clients, RCC members, and friends....

Wednesday, April 14, 2010 9:00 a.m. - 2:30 p.m. Mississauga Living Arts Centre Complimentary Hot Buffet Lunch

NCI invites you to be our guest for presentations by experts who will discuss strategies to help you meet the on-going challenges of PCI and Privacy compliance. Presenters are NCI experienced consultants. There will also be brief presentations from a few of our best-of-breed technology partners. Attend this workshop to: • Learn about Data Leakage Prevention (DLP) principles and approaches. • Understand how to deal with new technologies like virtualization. • Appreciate web application dangers and strategies. • Discover effective means of risk mitigation through data flow reduction. Those who attend will receive a complimentary copy of Trend Micro's "Internet Security - Smart Protection for Your Family" which offers protection for up to 3 PCs for you household. Audience: CIOs, CFOs, IT Managers, Privacy Officers, and those responsible for managing compliance in their organizations.

Please register early as seating is limited. This session is only open to select clients and will be limited to 2 people per organization.

For more information, please contact Presenters: Mario Morel is a Privacy Expert with 20 years of experience in information security and personal information privacy. He provides advanced personal and health information privacy consulting services. Mario is the founder and president of YourPrivacy. He served in the Canadian Forces counter-intelligence and was chief technology officer of the VeriSign business unit of the Canadian Imperial Bank of Commerce. Jason Thompson is an IT Security Expert with more than 10 years experience. As Senior Security Consultant for NCI and one of our many PCI Qualified Security Assessors (PCI QSA) Jason leads our security and PCI assessment services teams. He has assisted numerous clients with their PCI challenges. Jason holds numerous security certifications and is a member of the SANS / GIAC GCIA Certification Board. Eugene Ng, VP of Technical Services at NCI, is a senior IT professional with extensive experience, who has successfully completed major security, education and network consulting assignments for the provincial government, federal government, municipal governments, large utilities and health care organizations. He is a hands-on Security Specialist with in-depth technology training and a broad range of certifications. You will also have the opportunity to meet with the following sponsors at the vendor showcase:

Check Point Security Administration (CCSA) R70

NEW! This is a 5-day course that provides a foundation for Check Point's flagship product, VPN-1 with the newest release, R70. This course provides an understanding of basic concepts and skills necessary to configure VPN-1. During this course, students will configure a Security Policy, and learn about managing and monitoring a secure network. This course prepares you for CCSA (Check Point Certified Security Administrator) Exam #156-215.70.

Please register at least 2 weeks in advance - this lead time is required for us to order course material for you.

This course will cover: Blade architecture Deploying Check Point solutions using SecurePlatform or IPSO Network policy management SmartUpdate & licensing Firewall IPSEC VPN IPS Logging and Status User Directory Anti-malware and anti-virus Anti-spam and e-mail security URL filtering

Course Outline: Chapter 1 – Check Point Technology Overview Chapter 2 – Check Point Software Blades Chapter 3 – Deployment Platforms Chapter 4 – Introduction to the Security Policy Chapter 5 – Monitoring Traffic and Connections Chapter 6 – Using SmartUpdate Chapter 7 – Upgrading to R70 Chapter 8 – User Management and Authentication Chapter 9 – Encryption and VPNs Chapter 10 – Introduction to VPNs Chapter 11 – Messaging and Content Security Chapter 12 – Check Point IPS

Check Point Provider-1 NGX

This course offers in-depth training on deploying and managing Check Point Provider-1 NGX. You'll learn how to configure Security Policies for multiple remote security Gateways using the Multi-Domain GUI (MDG), and learn about managing multiple firewall-secured environments using the Multi-Domain Server (MDS). You will also learn how to perform advanced configuration tasks, such as establishing redundant Multi-Domain Servers for High Availability management functions and migrating existing servers into the Provider-1 database.

Prepares you for exam #156-815 as part of Check Point Certified Managed Security Expert NGX (CCMSE NGX) certification.

Endpoint Security with Pointsec

This two-day course incorporates the full disk encryption and media encryption all in one course. This course is for the system administrator, network engineer, or security manager who is responsible for Pointsec deployment and management. Installation, classification levels, deployment, configuration, and troubleshooting are covered.

You will learn

• Install Pointsec with a Pointsec Master (Administrative) installation.
• Use each Pointsec management-console subsection for its designed tasks.
• Classify the different profile types in Pointsec.
• Classify levels of access for Pointsec users, and create user profiles.
• Select the suitable authentication method for a given deployment.
• Select an installation type and method for Pointsec, depending on user access level.
• Prepare a strategy to deploy Pointsec to all company endpoints.
• Uninstall Pointsec.
• Troubleshoot user-login problems with Remote Help.
• Troubleshoot Pointsec issues using Pointsec tools.
• Install and configure SmartCenter for Device Protector.
• Install and configure Device Protector.
• Select the appropriate section of SmartCenter for Device Protector to configure a specific function in Device Protector.
• Select the appropriate Device Protector component, and configure it correctly for a specific function.
• Create and apply profiles, users, computers, and user and computer groups for Device Protector.
• Create advanced configurations of profiles, users, computers, and user and computer groups.
• Use Device Protector’s internal logging and auditing functions to track user actions.

Exercises

• Installing Pointsec
• Creating configuration sets and profiles
• Deploying Pointsec
• Removing user profiles
• Using Remote Help
• Upgrading Pointsec
• Uninstalling from removable media
• SmartCenterfor Pointsec Protector installation
• Working with the Pointsec Protector Administration Console
• Pointsec Protector client installation
• Pointsec Protector client functionality
• Program Security Guard
• Working with Pointsec Protector logs

Paraben Cell Phone & SIM Card Advanced Forensics -Level 2

Now that you can process a cell phone, are you sure you’re getting the most out of the information you’ve acquired? With full data dumps available for many supported phone models in Paraben’s Device Seizure and other tools, advanced training can help give you much needed knowledge.

Paraben’s Cell Phone & SIM Card Advanced Forensics class picks up where Paraben’s Handheld Forensics class and MFI’s Mobile Forensics Workshop left off. From network tracing & systems, to interpreting provider data, to advanced analysis of data dumps using cell phone flashers, this course will prepare you for whatever you may face when it comes to cell phones and cell phone data.

The course runs from 9:00 AM to 5:00 PM for four days.  Students will have the option to complete a written examination covering both theory & application of course concepts. Students must pass with 85% to receive certification.

Paraben Handheld Forensics - Level 1

PDAs and Cellular phones have quickly become a primary source of evidence. Rarely do you see someone walking around today without a cell phone. The “line” between a PDA and mobile phones has quickly blurred to the point where it is difficult to tell one device from the other. So what does this mean to the world of forensics? A plethora of mobile forensic evidence. Paraben’s Handheld Forensic Training has been designed to educate and give examiners practical experience in dealing with the myriad of handheld devices.

This four-day training course will allow any examiner to understand the fundamentals of the operating systems associated with the main PDA devices - Palm, Windows CE, and RIM Blackberry, common cellular handsets, and a basic understanding of SIM cards. In addition to this, the course teaches about the hybrid versions of these devices for acquisition and analysis.

The certification exam is included and can be completed within the course time. 

Check Point Security Administration I NGX R65

This 3-day course that provides a foundation for Check Point’’s flagship product, VPN-1 (NGX R65). This course provides an understanding of basic concepts and skills necessary to configure VPN-1. During this course, students will configure a Security Policy, and learn about managing and monitoring a secure network. This course prepares you for CCSA (Check Point Certified Security Administrator) certification.

You will learn

• How to use NGX tools to upgrade to VPN-1 NGX, from VPN-1/FireWall-1 NG or VPN-1 NG with Application Intelligence
  
• How to use NGX tools to install VPN-1 NGX on Windows Server 2003 and SecurePlatform
  
• How to work with Security Policy rules and NGX objects, using NGX object cloning and Database Revision Control features
  
• How to use VPN-1 SecuRemote/SecureClient to configure remote access
  
• How to use monitoring tools to track, monitor, and account for all connections logged by Check Point components
  
• How to implement LDAP, and integrate it with an NGX SmartCenter Server
  
• How to allocate bandwidth, given a variety of Check Point QoS configurations
  
• How to identify the features and limitations of Check Point High Availability solutions

Exercises

• Upgrading NG with AI R55 to VPN-1 NGX
  
• Installing VPN-1 NGX in a distributed deployment
  
• Installing VPN-1 Pro Gateway on SecurePlatform Pro
  
• Creating objects using object cloning
  
• Using Database Revision Control
  
• Configuring remote access in an IKE VPN
  
• Installing VPN-1 SecuRemote
  
• Using VPN-1 SecuRemote in an IKE VPN
  
• Implementing Office Mode
  
• Blocking intruder connections
  
• Setting up a Suspicious Activity Rule in SmartView Monitor
  
• Checking status in SmartView Monitor
  
• Configuring LDAP authentication with SmartDirectory
  
• Configuring a Check Point QoS Policy
  
• Deploying Management High Availability
  
• Deploying New Mode High Availability
  
• Configuring Load Sharing Unicast (Pivot) mode
  

eToken 3 Day Boot Camp

The eToken Certification Course provides you with an understanding of the eToken product offering, its benefits, how it works and its full capabilities. The training includes presentations with study material and practical “hands-on” sessions in a lab environment. You will familiarize yourself with technical aspects of actual eToken implementations using various scenarios and will be able to install and configure most of the currently available eToken solutions designed for use in the computer security market. Upon completion of the course you will be knowledgeable in all aspects of eToken architecture, design, and available solutions as well as acquire knowledge about Public Key infrastructure (PKI), and hardware based authentication.

Course Objectives

• Define desired authentication and data protection solutions
  
• Prepare a preliminary plan for installing and configuring eToken products on a network
  
• Understand the physical resources and system support necessary to install and configure eToken products
  
• Install and configure eToken in a controlled test environment
  
• Install and configure eToken in a live environment

Check Point Security Administration II NGX R65

This is a 2-day course that provides an understanding of upgrade procedures and advanced configuration of VPN-1 (NGX R65), installing and managing VPN-1 (on both internal and external networks), gaining the maximum security from Security Gateways, and resolving Gateway performance issues. This course prepares you for the CCSE (Check Point Certified Security Expert) exam.

You will learn

• How to use NGX tools to upgrade to VPN-1 (NGX R65)
  
• How to configure VPNs, using IKE encryption and Check Point’s simplified VPN setup
  
• How to use VPN-1 SecuRemote/SecureClient to configure remote access
  
• How to identify the features and limitations of Check Point High Availability solutions

Exercises

• Updating VPN-1 using SmartUpdate
  
• Two-Gateway IKE encryption configuration (using a shared secret)
  
• Two-Gateway IKE encryption configuration (using Certificates)
  
• Configuring remote access in an IKE VPN
  
• Installing SecuRemote
  
• Using SecuRemote in an IKE VPN
  
• Implementing Office Mode
  
• Using SSL Network Extender for remote-network access
  
• Deploying New Mode High Availability
  
• Configuring Load Sharing Unicast (Pivot) mode
  
• Configuring Load Sharing Multicast Mode

Aladdin eSafe v6 Gateway/Mail

Aladdin eSafe training will give you the in-depth technical information necessary to become an expert on Aladdin’s eSafe Gateway and Mail products. It provides the technical details necessary to configure, install, and support Aladdin’s eSafe Gateway and Mail products.

Course objectives:

• Analyze the current state of a network environemtn
  
• Prepare a preliminary plan for installing and configuring eSafe products
  
• Understand the physical resources and system support necessary to install and configure eSafe products
  
• Install and configure eSafe in a controlled test environment
  
• Install and configure eSafe in a live environment.

Penetration Testing & Ethical Hacking

This course will provide security professionals with a solid foundation in penetration testing techniques (ethical hacking). A lab intensive environment will give each participant the opportunity to learn through interactive classroom instruction, demonstrations and hands-on workshops. Participants will be trained in the processes and tools used by professional hackers and crackers, and how these techniques can be used to perform security assessments on an organization. Participants will learn:

• Methodologies for conducting Vulnerability Assessments and Penetration Tests.
• Canadian and US law with respect to hacking, and how it relates to pen testing.
• Stealth techniques to hide from intrusion sensors and other security measures.
• Escalating privileges and using systems as jumping points into networks.
• Evading detection by eliminating footprints in systems and logs.
• Social engineering, DDoS attacks, buffer overflows, root kits, trojans, bots, and virus / worm behavior.
• Web and application attacks.
• Other techniques used by professional hackers and criminals to penetrate and compromise information systems.