Do you have the responsibility for implementing security for TCP/IP? What options are available? You may have heard of IPSec, Secure Sockets Layer, Virtual Private Tunnels or Intrusion Detection Services. What implementation pitfalls will you run into? Would you like to have some hands-on experience? Would you like to see trace packets using such protocols?

What about network cryptography? One of the most critical portions of IPsec and SSL is the initial negotiation (SSL handshake or ISAKMP). These negotiations rely on public / private key encryption and Diffie-Hellman key exchange. How do these really work?

In this class, we will understand:

• Asymmetric encryption / symmetric algorithms
• Public key / private key encryption
• Diffie-Hellman key exchange / groups
• ISAKMP phase 1 and phase 2 negotiation
• Packet flow for ISAKMP
• SSL handshake
• SSL troubleshooting

We will actually implement Policy Agent, SSL, AT-TLS, and IPSec (TRMD and IKED) on z/OS. Then, trace flows! To view the full class description, please click on Face to Face Security Class Description.