Description
AWS Advance Networking Course
With the promptly growing Amazon Web Services (AWS) networking community, many new networking elements and frameworks have emerged, creating plenty of opportunities for network specialists. If you are someone looking to pursue a career, or even an interest, in AWS Advance Networking, now is the time!
The data transition from drives and disks to clouds and virtual disks has caused a mega shift in various matured organizations and companies. Other organizations have substantial network maps up and running but lack the cloud network frameworks. Although changes on such a massive scale are a nightmare, a skilled and well-versed Networking expert can save the day. Therefore, organizations are trying to track down Networking personnel who know their way around cloud network infrastructure and IP networking. Well, that is where you come in, an Advanced Networking professional, upskilled with our AWS Advance Networking Course!
With all the tremendous career opportunities being highlighted, now is an excellent chance to polish your cloud and hybrid access networking skills by signing up for our AWS Advance Networking. Even if you aspire to be an Advanced Networking expert as a hobby, this course is as engaging as it is educative, and an Advanced Level Cisco Certification is the best perk. The minimum requirement for enrollment in this course is CCNP certification, and it is recommended to have a basic knowledge of some in-demand networking subjects like simple IP routing and subnetting before the start of the course.
Here at Networkers Home, India’s most prominent Cisco training school, each course is carefully crafted under the supervision of highly experienced subject experts and scholars. Our AWS Advanced Networking course is designed with the fusion of essential, in-demand networking skills that help you crack complex and stubborn networking riddles in no time. The abundance of resource material, including lectures and demos, and its captivating content will help you level up your AWS Networking game and grow as an Advance Networking expert before you know it!
- Course Introduction
- Introduction to AWS Networking
- AWS Networking fundamentals
- Section Introduction
- VPC Addressing (CIDR)
- VPC Route Tables
- IP Addresses – Private vs Public vs
- Elastic & IPv4 vs IPv6
- Elastic Network Interfaces (ENI)
- VPC Firewall – Security Group
- VPC Firewall – Network Access Control List (NACL)
- Default VPC
- Hands On: Creating VPC with Public Subnet
- Hands On: Add Private subnet
- NAT Gateway
- Hands On: Create NAT Gateway
- NAT Gateway High Availability
- NAT Instance (EC2 based NAT)
- Exam Essentials
- VPC Fundamentals
- Extending VPC address space
- Revisiting Elastic Network Interface (ENI)
- Bring Your Own IP
- VPC Traffic Monitoring
- VPC Traffic Mirroring
- VPC Features
- Basics of Network performance – Bandwidth, Latency, Jitter, Throughput, PPS, MTU
- Placement Groups and EBS Optimized EC2 instances
- Enhanced Networking
- DPDK and Elastic Fabric Adapter (EFA)
- Bandwidth Limits inside and outside of VPC
- Network I/O credits
- Summary
- Exam Essentials
- Network Peformance
- Amazon VPC DNS Server
- Default EC2 Public and Private DNS Names
- EC2 Customer domain name
- VPC DHCP Options sets
- Hands On: Custom DNS with Route53 Private Hosted zone
- Hands On: Custom DNS with DNS server
- Hybrid DNS resolution – VPC to On-premises and On-premises to AWS
- Summary
- VPC DNS
- Introduction to VPC endpoints
- VPC Gateway Endpoint
- Hands On: VPC gateway endpoint
- VPC endpoints and S3 bucket policy
- Accessing VPC gateway endpoint from remote network
- VPC Endpoints
- Introduction to VPC private connectivity Options
- VPC Peering
- Hands On: VPC Peering across AWS regions
- VPC Peering invalid scenarios
- VPC Peering
- Introduction to
- Transit Gateway
- Transit Gateway VPC attachments and Routing
- Hands On: Transit Gateway & VPCs with full routing
- Hands On: Transit Gateway & VPCs with restricted routing
- Transit Gateway VPC Network Patterns
- Transit Gateway AZ considerations
- Transit Gateway AZ affinity & Appliance mode
- Transit Gateway Peering
- Transit Gateway Connect Attachment
- Transit Gateway & Direct Connect
- Transit Gateway Multicast
- TGW Architecture: Centralized outbound internet using NAT
- TGW Architecture: Centralized IPS/IDS with Gateway Load Balancer
- TGW Architecture: Centralized VPC interface endpoints
- VPC Peering vs Transit Gateway
- Transit Gateway Sharing
- Introduction to VPC Interface endpoint
- Hands On: Create
- VPC interface endpoint and access SQS
- VPC Interface endpoint for Customer service (PrivateLink)
- VPC PrivateLink architecture
- Hands On: VPC PrivateLink
- VPC interface endpoint DNS
- Accessing VPC interface endpoint from remote network
- VPC PrivateLink vs VPC Peering
- Summary
- Exam Essentials
- VPC PrivateLink and Interface endpoints
- Introduction to AWS Site-to-Site VPN
- Hands On: Setup AWS Site-to-Site VPN
- VPN NAT Traversal (NAT-T)
- VPN Route Propagation (Static vs Dynamic)
- VPN Transitive Routing scenarios
- VPN Tunnels – Active/Passive Mode
- VPN Dead Peer Detection (DPD)
- VPN Monitoring
- AWS Site-to-Site VPN Architectures
- AWS VPN CloudHub
- EC2 based VPN
- EC2 based VPN – High Availability
- EC2 based VPN – Horizontal Scaling
- AWS Transit VPC
- Introduction to Hybrid Networking
- OSI Layers refresher
- How IPSec VPN works?
- Static Routing vs Dynamic Routing
- How BGP works?
- BGP Route selection – ASPATH, LOCAL_PREF, MED
- Introduction to AWS Client VPN
- Hands On: Setup the AWS Client VPN
- Hands On: Accessing VPC internet gateway over the Client VPN connection
- Hands On: Client VPN Split Tunnel
- Hands On: Accessing VPC peering connection over a Client VPN
- Introduction to
- Direct Connect
- Direct Connect Components
- Direct Connect Requirements
- Direct Connect Connection Types – Dedicated vs Hosted
- Steps to create Direct Connect Connections
- Walkthrough: Creating a DX Connection
- Introduction to DX Virtual Interfaces (VIFs)
- DX Virtual Interfaces (VIF) creation parameters
- Public VIF
- Private VIF
- Direct Connect Gateway
- Direct Connect with Transit Gateway (TGW)
- DX and Transit VPC
- DX Routing policies and BGP communities
- Public VIF Routing policies
- Public VIF routing scenarios
- Public VIF BGP Communities
- Private VIF routing policies and BGP communities
- DX LAG (Link Aggregation Group)
- DX Connection Resiliency
- DX Failure detection with BFD – Bidirectional Forwarding Detection
- DX Security & Encryption (VPN over DX and MACSec)
- MTU and Jumbo Frames for DX
- DX Billing
- DX Monitoring using CloudWatch
- DX Troubleshooting – Layer1-4
- Summary and Exam Essentials
- Direct Connect
- CloudFront Overview
- CloudFront Origins
- Hands On: Origin Groups
- CloudFront Origin Headers
- CloudFront Origin Security
- Hands On: Restrict an ALB to
- CloudFront
- CloudFront and HTTPS
- End-to-End Encryption in
- CloudFront
- CloudFront Geo Restrictions
- CloudFront Functions and Lambda@Edge
- Hands On:
- CloudFront Functions
CloudFront Cleanup - AWS Global Accelerator
- Hands On: AWS Global Accelerator
- CloudFront
- What is a DNS ?
- Route 53 Overview
- Route 53 – Registering a domain
- Route 53 – Creating our first records
- Route 53 – EC2 Setup
- Route 53 – TTL
- Route 53 CNAME vs Alias
- Routing Policy – Simple
- Routing Policy – Weighted
- Routing Policy – Latency
- Route 53 – Health Checks
- Route 53 – Health Checks Hands On
- Routing Policy – Failover
- Routing Policy – Geolocation
- Routing Policy – Geoproximity
- Routing Policy – Traffic Flow & Geoproximity Hands On
- Routing Policy – Multi Value
- 3rd Party Domains & Route 53
- DNS Migration in Route 53
- Common Route 53 Records
- Route 53 – Subdomain Zones
- Route 53 – DNSSEC
- Route 53 Resolvers & Hybrid DNS
- Hands On: Route53 Resolvers – Part 1 – Setting up VPN
- Hands On: Route53 Resolvers – Part 2 – DNS configuration
- Hands On: Route53 Resolvers – Part 3 – Resolver endpoints
- Route 53 Logging
- Route 53 DNS Firewall
- Solution Architectures for DNS
- Route 53 – Cleanup
- Route 53
- ELB Overview
- Classic Load Balancer
- Application Load Balancer
- Network Load Balancer
- Connection Idle Timeout
- Request Routing Algorithm
- Sticky Sessions (Session Affinity)
- Cross-Zone Load Balancing
- ELB SSL/TLS
- Connection Draining
- X-Forwarded Headers
- Hands On: ALB X-Forwarded Headers
- Proxy Protocol
- Hands On: NLB Proxy Protocol
- gRPC & ALB
- Hybrid Connectivity
- Load Balancer
- Introduction to AWS Network Security Services
- Recap – Security Groups and Network ACL
- AWS Web Application Firewall (WAF)
- Hands On: Cross-Site Scripting (XSS) attack simulation and prevention with WAF
- Introduction to AWS Network Firewall (2021)
- AWS Network Firewall – VPC and Route tables
- AWS Network Firewall Components & Rule groups
- Hands On: AWS Network Firewall
- The legacy way of using the Network appliances
- Gateway Load Balancer and Traffic flow
- Hands On: Gateway Load Balancer
- Summary: Gateway Load Balancer
- Exam Essentails
- THANK YOU!
- Bonus Lecture
- Overview of the Course
- Our Community
- Introduction to Domain 1
- Case Study of Hacked Server
- AWS Abuse Reports
- AWS GuardDuty
- Update – Guard Duty
- Whitelisting Alerts in AWS GuardDuty
- Document – GuardDuty Alert Lists
- Centralized Dashboards for GuardDuty Findings
- Incident Response
- Incident Response Use-Cases for Exams
- Use Case – Dealing with Exposed Access Keys
- Use Case – Dealing with compromised EC2 Instances
- Amazon Detective
- Incident Response in Cloud
- Penetration Testing in AWS (New)
- Introduction to Vulnerability, Exploit, Payload
- VEP Practical – Hacking inside a test farm
- Understanding Automated Vulnerability Scanners
- Common Vulnerabilities Exposures & CVSS
- Introduction to AWS Inspector
- New EC2 GUI
- AWS Inspector Vulnerability Scans
- AWS Security Hub
- Overview of Layer 7 Firewalls
- Understanding AWS WAF
- Deploying AWS WAF
- Overview of AWS Systems Manager
- Configure SSM Agent
- Overview of Sessions Manager
- SSM – Run Command
- Overview of Patch Manager
- Parameter Store
- Systems Manager Automation
- Systems Manager Inventory
- Creating our First Inventory in SSM
- Overview of Unified CloudWatch Agent
- Unified CloudWatch Agent – Practical
- Document – Unified CloudWatch Agent
- Amazon EventBridge
- Amazon Athena
- Revising AWS Config
- Revising AWS Config – Practical
- Trusted Advisor
- Understanding CloudTrail
- Creating First CloudTrail Trail
- CloudTrail Event Types
- CloudTrail – Log File Integrity Validation
- Document – S3 Log File Validation
- Digest Delivery Times
- Overview of Amazon Macie
- Detecting Sensitive Files with Macie
- S3 Event Notification
- Revising VPC Flow Logs
- VPC Flow Logs In-Detail
- Centralized Logging Architecture
- Cross-Account Logging for CloudTrail
- Document – Centralized Logging Policy
- Considerations – S3 Bucket Policy for Cross Account CloudTrail
- Document – Conditional S3 Bucket Policy for CloudTrail
- AWS SNS
- Streaming Data & Amazon Kinesis
- Amazon Kinesis Service Offerings
- Bastion Hosts & SSH Agent Forwarding
- Document – Commands for SSH Agent Forwarding
- Introduction to Virtual Private Networks
- Understanding AWS Client VPN Endpoints
- Creating Client VPN Endpoints
- Document – Commands to Setup ClientVPN Endpoint
- Overview of AWS
- VPN Tunnels
- VPC Peering
- Overview of VPC Endpoints
- Implementing Gateway VPC Endpoints
- VPC Endpoint Policies
- Overview of Interface VPC Endpoints
- Implementing Interface Endpoints
- Overview of VPC Endpoint Services
- Network ACLs
- NACL – Rule Ordering
- Understanding Stateful vs Stateless Firewalls
- IDS / IPS in AWS
- EBS Architecture & Secure Data Wiping
- Understanding the Content Delivery Networks
- Demo – CloudFront Distribution
- Understanding Edge Locations
- Deploying CloudFront Distribution
- Origin Access Identity
- Overview of CloudFront Signed URLs
- Implementing CloudFront Signed URLs
- Field Level Encryption in CloudFront
- Real World example on DOS Implementation
- AWS Shield
- Mitigating DDOS Attacks
- Document – DDoS References
- Introduction to Application Programming Interface (API)
- Understanding the working of API
- Building Lambda Function for our API
- Building our first API with API Gateway
- Lambda & S3
- EC2 Key-Pair Troubleshooting
- EC2 Tenancy Attribute
- AWS Artifact
- Lambda@Edge
- Lambda@Edge Demo
- DNS Attributes in VPC
- DNS Query Logging
- Implementing Route53 Query Logging
- Step Function
- Overview of Network Firewall
- Deploying Network Firewall
- Overview of AWS Organizations
- Creating our first AWS Organization & SCP
- Organizational Unit (OU) in AWS organization
- IAM Policy Evaluation Logic
- Identity and Resource Based Policies
- Understanding IAM Policies
- IAM Policies – Part 02
- Identity Account Architecture
- Creating Cross-Account IAM Roles
- Cross Account IAM Policy Document
- External ID in Delegation
- EC2 Instance Meta-Data
- Revising IAM Role
- Understanding working of an IAM role
- IPTABLES & Instance Meta-Data
- Document – Commands
- IAM – Version Element
- IAM Policy Variables
- Document – IAM Policy Variable
- Principal and NotPrincipal Element
- Document – Resource Policy for Principal Element
- Implementing NotPrincipal Element
- Document – NotPrincipal S3 Bucket Policy
- Conditionl Element
- Document – Condition Policy Examples
- AWS Security Token Service
- Federation
- Understanding SAML for SSO
- Overview of AWS Single Sign-On
- Implementing AWS SSO
- Integrating AWS SSO with AWS CLI
- Amazon Cognito
- Understanding Active Directory
- Introduction to AWS Directory Service
- Domain Joining EC2 instance with Directory Service
- Document – Joining Linux Instance with SimpleAD
- Trusts in Active Directory
- S3 Bucket Policies
- Bucket Policy Document
- Regaining Access to Locked S3 Bucket
- Bucket Policy Document – Deny Statements
- Cross Account S3 Bucket Configuration
- Document – Cross Account S3 Bucket Policy.
- Canned ACLs
- Document – Canned ACLs Commands
- Understanding Presigned URLs
- S3 Versioning
- S3 – Cross Region Replication
- S3 Object Lock
- MFA Protected API Access
- Document – MFA CLI Commands
- IAM Permission Boundaries
- IAM and S3
- Document – IAM Policies Troubleshooting IAM Policies
- Document – Troubleshooting Policies
- Troubleshooting Answers – Solution 01
- Troubleshooting Answers – Solution 02
- Troubleshooting Answers – Solution 03
- Troubleshooting Answers – Solution 04
- Troubleshooting Answers – Solution 05
- AWS Control Tower
- IAM Service Role and Pass Role
- Document Code – Pass Role Policy
- Amazon WorkMail
- Introduction to Cryptography
- Understanding communication Protocols
- Plain Text vs Encrypted Text Based Protocols
- Understanding the Disk Level encryption schemas
- AWS CloudHSM
- Important Pointers – CloudHSM
- AWS Key Management Service
- Creating our first Customer Managed Key (CMK)
- Document – CMKs References
- Envelope Encryption with KMS
- Schedule Key Deletion
- Overview of
- Asymmetric Key Encryption
- Asymmetric Keys with KMS
- Document – Asymmetric Encryption Commands
- Digital Signing with KMS
- Document – Digital Signing with KMS Commands
- AWS Key Management Service – Data Key Caching
- AWS Key Management Service – CMK Deletion & EBS Use-Case
- Reducing Risk of Unmanageable CMK
- KMS – Authentication and Access Control
- KMS Policy Evaluation Logic – Use Case Solution – 01
- Document – KMS Use Case 01
- KMS Policy Evaluation Logic – Use Case Solution – 01
- KMS Policy Evaluation Logic – Use Case 02
- Document – KMS Use Case 02
- KMS Policy Evaluation Logic – Use Case Solution – 02
- KMS Policy Evaluation Logic – Use Case – 03
- Document – KMS Use Case 03
- KMS Policy Evaluation Logic – Use Case Solution – 03 (New)
- KMS Grants
- Document – KMS Grants Commands
- Importing Key Material to KMS
- Document – Imported Key Material Commands
- KMS ViaService
- Document – KMS ViaService Policy
- Migrating Encrypted KMS Data Across Regions
- Multi-Region KMS
- Benefits of CloudHSM over KMS
- S3 Encryption
- Load Balancing in AWS
- OSI Model & AWS ELB
- Classic Load Balancers
- Overview of Application Load Balancers
- Listener and Target Groups
- ALB Practicals
- Network Load Balancers
- ELB Access Logs
- Understanding HTTPS Connections
- Overview of AWS Certificate Manager
- Issuing Certificates with ACM
- Glacier Vault and Vault Lock
- DynamoDB Encryption
- Overview of AWS Secrets Manager
- RDS Integration with AWS Secrets Manager
- Encryption Context in KMS
- Document – Encrypted Context Commands
- DNS Cache Poisoning Attack
- Document – External Link
- Overview of DNSSEC
- PCAP Files – DNS and DNSSEC
- Configuring DNSSEC in Route53
Please write to us at [email protected] for the price and upcoming schedule.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.
Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.
Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.
Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.
Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.
