Corsi di Laurea Corsi di Laurea Magistrale Corsi di Laurea Magistrale
a Ciclo Unico
Scuola di Ingegneria
INL1001835, A.A. 2017/18

Informazioni valide per gli studenti immatricolati nell'A.A. 2016/17

Principali informazioni sull'insegnamento
Corso di studio Corso di laurea magistrale in
IN0521, ordinamento 2009/10, A.A. 2017/18
porta questa
pagina con te
Crediti formativi 9.0
Tipo di valutazione Voto
Dipartimento di riferimento Dipartimento di Ingegneria dell'Informazione (DEI)
Sito E-Learning
Obbligo di frequenza No
Lingua di erogazione INGLESE
Corso singolo È possibile iscriversi all'insegnamento come corso singolo
Corso a libera scelta È possibile utilizzare l'insegnamento come corso a libera scelta


Dettaglio crediti formativi
Tipologia Ambito Disciplinare Settore Scientifico-Disciplinare Crediti
CARATTERIZZANTE Ingegneria informatica ING-INF/05 9.0

Modalità di erogazione
Periodo di erogazione Secondo semestre
Anno di corso II Anno
Modalità di erogazione frontale

Organizzazione della didattica
Tipo ore Crediti Ore di
Ore Studio
LEZIONE 9.0 72 153.0 Nessun turno

Inizio attività didattiche 26/02/2018
Fine attività didattiche 01/06/2018

Commissioni d'esame
Commissione Dal Al Membri
9 A.A. 2017/2018 01/10/2017 15/03/2019 SOCEANU ALEXANDRU (Presidente)
MORO MICHELE (Membro Effettivo)
8 A.A. 2016/2017 01/10/2016 15/03/2018 SOCEANU ALEXANDRU (Presidente)
MORO MICHELE (Membro Effettivo)

Prerequisiti: Basic knowledge in the area of Computer Networks, Java knowledge
Conoscenze e abilita' da acquisire: Learning objectives:
After completing this course students will be able to:
• Understand the role and the objectives of network management (NM) for an organization
• Learn how to investigate various standard/private Management Information Bases (MIB) and Remote MIBs
• Configure and use various types of network management tools and protocols: SNMPv2/v3, NetFlow, OpenFlow, OpenNMS, NetFlow-Collector
• Diagnose security problems and use diagnostic/auditing tools
• Investigate attacks on network components and on network applications
• Use tools and techniques for protecting the network components and network applications: NGFW, NGIPS, VPN, RADIUS, Sandboxen.
• Understand how to manage Software Defined Network (SDN) using Mininet.
• Be aware of the security assurance requirements of the organizations
Modalita' di esame: Exam: written exam 90 min.; the acceptance to the exam is completion of all lab and project assignments; Final grade evaluation: 60% written exam + 40% lab/project assignments
Criteri di valutazione: The evaluation of the labs/projects are based on following criteria:
- Quality of the running live implementation in the class
- Presentation of the project components (.ppt presentation)
- Short analysis of the Java code
- Evaluation of the project report
- Evaluation of the answers of the member of the team (individually) to the questions during the presentation
Contenuti: Course content:
• Surveys of Fundamentals on Computer Networks: Medium Access Control, TCP/IP Stack, Spanning Tree Protocol, VLAN, Addressing/Subnetting, Routing Alg./Protocols/Tables, QoS, CoS.
• Network Management (NM) Architecture: Reference Model, Legacy NM Functionalities: Monitoring, Performance, Fault, Configuration, Accounting, Distributed NM, Proxy Architecture, Policy Governed Architecture, EVAS NM Architecture (Endpoint Visualization, Access, and Security), Internet of Things (IoT) Architecture, Software Defined Networks Architecture (SDN).
• Management Information Bases (MIBs): Std. and Private MIBs, MIB II, ASN.1 Language, Structure of Management Information (SMI) using ASN.1, Basic Encoding Rules (BER), Remote Network Monitoring MIBs: RMON1&2.
• NM-Protocols and -Systems: SNMPv2&v3, NetFlow, OpenFlow, CoAP, 6LoWPAN, NM Systems: OpenNMS, NetFlow Collector, Mininet (SDN)
• Network Attacks: Type of Attacks: Reconnaissance (Reconn), Denial of Service (DoS), DDoS, Case studies of Network Attacks;
• Network Security Models: Basic Security Model: Confidentiality, Integrity, Availability, Network Access Control (NAC), Transport Layer Security: SSL, TSL, DTLS, Network Layer Security: Packet filtering, Access Control List (ACL), PAT/NAT, IPSec, VPN, Link Layer Security: IEEE 802.15.4
• Managing Protection against Network Attacks: VLAN Security, New Generation FW (NGFW), New Generation IPS (NGIPS), Legacy NAC using Std. IEEE 802.1x and RADIUS, Managing NAC using Policy Engines: Case Study: NAC using Policy Governed Network CISCO-ISE, Managing Sandboxing Protection
• NM Protection Regulation Guides.
Attivita' di apprendimento previste e metodologie di insegnamento: A) Face to face weekly courses
B) Lab/Project assignments:
1. Managing Static/RIPv2/OSPF Routing,
2. Monitoring/Controlling CNs using SNMPv2&v3 and MIBII technology,
3. Monitoring the CN using OpenNMS Tool and SNMP,
4. Monitoring the CN using NetFlow protocol and NetFlow Collector,
5. Monitoring/Controlling SDN-based CNs using Mininet
6. Program CN attacks using Scapy attack generator: Reconn., DoS/DDoS
7. Configure/Analyze VPN method based traffic protection using OpenVPN,
8. Configure/Analyze CN protection using NGFW-(Untangle) and NAT-Tools,
9. Configure/Analyze Network Access Control (NAC) using RADIUS-Server
10. Configure/Analyze IPS based protection using Snort(IPS)-Tool,
11. Configure/Analyze Sandbox based protection using Sandbox Tool Cuckoo

All assignments will be carried out using the virtual lab container with already installed network components and software packages. The network components are based on virtual machines and open source software tools, i.e.: Wireshark, Vyos Router supporting MIBII, SNMPv2&3 and NetFlow Agents, OpenNMS, NetFlow Collector, RADIUS, IPS (Snort), NGFW (Untangle), Sandbox (Cuckoo), OpenVPN, Mininet, OpenvSwitch.
The lab assignments will be carried out in a collaborative manner by teams of 2-3 students. The completion of labs and the projects are mandatory for being admitted to the exam
Eventuali indicazioni sui materiali di studio: References:
1. James Kurose and Keith Ross: "Computer Networking, A Top Down Approach", 6th Ed., Pearson Education, N. Y., 2013
2. William Stallings: „SNMP, SNMPv2, SNMPv3 and RMON 1 and 2“, 3rd Ed., Addison Weslay, 2006
3. William Stallings & Larie Brown: "Computer Security: Principle and Practice", 3rd Ed., Pearson Education., 2015
4. T. Alpcan, T. Bas: “Network Security”, Cambridge University Press, 2010
5. Omar Santos: "Network Security with NetFlow and IPFIX", Pearson Education, 2015
6. O.Santos, P.Kampanakis, A. Woland, N. Hamphrey:"CISCO Next Generation Security Solutions", Pearson Education, 2016
7. Richard Burke: “Network Management : Concepts and Practice: A Hands-On Approach”, Prentice Hall, Upper Saddle River, NJ 07458, 2004
8. Diego Kreutz, et. Co: “Software-Defined Networking: A Comprehensive Survey”, Cornell Univ. Library, 2014,
9. Introduction to NetFlow (CISCO) netflow/prod_white_paper0900aecd80406232.html
Testi di riferimento:
  • see: DEI-UNIPD Moodle of the course "Computer Network Management", Exam Patterns section. Moodle DEI-UNIPD: --, --.