Hands-on tutorial for system administrators on network monitoring and security
source: Tonga Govt news portal
The Asia Pacific Network Information Centre (APNIC) and the APNIC Foundation are visiting Tonga for consultations with key stakeholders. As part of the visit, the team will gather input from network operators, the private sector, public enterprises and government ministries to scope a technical training plan that supports the development of the internet in up to five Pacific Island economies, including Tonga. The consultation process also seeks advice on how technical training for network operators can enhance their capacity to reap the benefits of the increased connectivity facilitated by the deployment of submarine cables and other connectivity initiatives.
One of the project’s aims is for countries like Tonga to have an open, stable and secure internet run by local network operators who are well equipped with the necessary skills to manage the network.
A common theme identified by IT professionals during the consultations was the need for more training in network monitoring and security. The technical training plan will support the development of training workshops in 2020, but, taking advantage of the opportunity, the team quickly organized a three-hour hands-on tutorial on network monitoring and packet analysis in collaboration with CERT Tonga.
APNIC Senior Network Analyst and Technical Trainer Mr. Warren Finch conducted the tutorial. The event was attended by more than 30 local system and network administrators from the private sector, government ministries and public enterprises.
“Tonight was a result of talking to different people that we’ve met through this week and working out that a lot of people were interested in network monitoring and security. This session was pretty impromptu, but the team was really excited about providing a training opportunity there and then. It is not that often that we get to respond to a community need so quickly, so we are glad it was possible to do,” said Cherie Lagakali, project manager for the APNIC Foundation.
The tutorial focused on examining the elements involved in establishing and maintaining security for a network and on building familiarity with the operations. Participants were taken through a practical overview of intrusion detection systems, packet analysis using tcpdump, and session and signature analysis using Security Onion, a free and open source Linux distribution for intrusion detection, enterprise security monitoring and log management.
Participants were also introduced to packet analysis and the different tools critical to dissecting network packets related to security incidents.
The tutorial was facilitated by APNIC staff as part of an APNIC Foundation project funded by the Australian Cyber Cooperation Program. The event was supported by the Australian Government-funded CERT Tonga Development Support Project and the Ministry of MEIDECC.