Skip to main content

APNIC 60 Home

APNIC 60 Home

#apnic60

DA NANG,
VIET NAM
4 - 11 September 2025

APNIC Academy Training

  1. Advanced Routing Workshop (Train-the-Trainer)
  2. Network Management, Monitoring & Security Workshop

Advanced Routing Workshop (Train-the-Trainer)

Instructors:

Imtiaz Sajid, Makito Lay

Academy link

Synopsis

This Workshop is part of the Train-The-Trainer program which is catered for participants who are community champions planning to conduct training and leading the capacity building efforts in their own local community.

The Advanced Routing Workshop is a comprehensive, hands-on program designed for experienced network professionals seeking to deepen their understanding of BGP and advanced routing concepts. This Workshop assumes a good working knowledge of routing fundamentals and builds upon these to explore sophisticated BGP implementations, traffic engineering techniques, and security considerations in today's complex network environments.

Participants will develop practical skills through extensive lab exercises that mirror real-world scenarios encountered in service provider and enterprise networks. The Workshop covers critical topics including BGP policy implementation, route redistribution, scaling techniques, security mechanisms, and the integration of IPv6 into existing routing infrastructures. Special emphasis is placed on BGP best practices, RPKI deployment, and traffic engineering strategies that optimise network performance and resilience.

By the end of this intensive Workshop, participants will be equipped with advanced routing expertise to design, implement, and troubleshoot complex routing infrastructures that meet the demands of modern network environments.

Target Audience

This Workshop is intended for network engineers working in active operational environments within service providers or multi-homed enterprise networks. Ideal participants include:

  • Technical staff who would be providing local training

  • Network engineers responsible for BGP routing design and implementation

  • Systems administrators managing complex routing infrastructures

  • Technical staff involved in Internet exchange point operations

  • Network architects planning service provider network expansions

  • Security professionals focusing on routing infrastructure protection

Pre-requisites

Participants are expected to have:

  • Working knowledge of routing protocols, particularly BGP

  • Practical experience with Internet operations

  • Familiarity with basic networking concepts and the TCP/IP model

  • Experience with router configuration (Cisco IOS XE, Juniper Junos OS, MikroTik RouterOS, or similar platforms)

  • Understanding of IP addressing and subnetting

We recommend the following APNIC Academy courses be completed before attending this Workshop:

Course Outline

  • Introduction to BGP

  • BGP Working Mechanism

  • BGP Path Attributes & Best Path Selection

  • BGP Address Families

  • Dual-Stack BGP Routing

  • BGP Relationship between Networks

  • BGP Security

  • BGP Routing Policies

  • Route Redistribution

  • IBGP Scaling

  • EBGP Load Sharing and Failover

  • BGP Traffic Engineering

  • Securing Internet Routing with RPKI

  • BGP Best Common Practices

  • Multihoming Techniques

  • Train-The-Trainer

Learning Objectives

Upon completion of this workshop, participants will be able to:

  1. Design and implement sophisticated BGP routing policies for various network requirements

  2. Deploy effective BGP security measures to protect routing infrastructure

  3. Implement RPKI and ROV to enhance routing security against prefix hijacking

  4. Configure advanced BGP traffic engineering techniques to optimise network paths

  5. Deploy scalable IBGP architectures for large networks

  6. Implement BGP for IPv6 and manage dual-stack routing environments

  7. Troubleshoot complex BGP routing issues using systematic approaches

  8. Apply industry best practices for BGP configuration and management

  9. Design redundant and resilient routing infrastructures

  10. Develop effective BGP peering strategies for optimal Internet connectivity

Other Requirements

Participants are advised to bring their own laptop or desktop computer with:

  • Intel i5 or i7 processor (or equivalent)

  • Minimum 8GB of RAM

  • At least 30GB of free hard disk space

Pre-workshop setup:

  • Create an APNIC Academy account at https://academy.apnic.net/ (if you do not already have one)

  • Get your self familiarise with Virtual Labs at APNIC Academy

Note: All hands-on exercises will be conducted using virtual lab environments.

Network Management, Monitoring & Security Workshop

Instructors:

Shane Hermoso, Awal Haolader

Academy link

Synopsis

In today’s rapidly evolving IT landscape, ensuring a secure and efficient network infrastructure is critical. This workshop will provide practical skills and knowledge for securing networks, managing complex systems, and effectively monitoring performance to minimize downtime and risks. The two key topics covered in this workshop include:

  • Network security, a broad topic that affects many aspects relating to end-users, applications, and infrastructure. This workshop will examine key concepts, protocols, policies, and practices to protect data and assets from potential attacks or abuse. It will also cover network infrastructure security with a focus on establishing robust, stable networks with secure routing. This workshop will also discuss security operations and examine common security incidents/breaches, countermeasures and mitigation tools.
  • Network management and monitoring, a critical process for ensuring the reliability, performance, and security of the network infrastructure. It includes managing network devices, monitoring their performance, resolving alerts and securing the network from threats.

This workshop dives deep into network security and network management and monitoring concepts and protocols. Participants will explore different security and monitoring tools, including security controls, configuration management, and network telemetry.

Target Audience

This workshop is intended for network administrators, system administrators and security professionals who are interested to learn about the latest technologies and best practices in network security and NMM, and would like to gain further understanding of network and security operations.

Pre-requisites

It is assumed that participants have a basic understanding of:

  • Network operations, Internet technologies, OSI reference model and TCP/IP
  • Basic command line (CLI) skills

We recommend the following Academy courses be completed before the start of the tutorial:

Course Outline

  • Intro to Network Security
  • Device & Infrastructure Security
  • Packet Analysis
  • Intrusion Detection
  • DDoS Attacks and Countermeasures
  • BGP Route Hijack, Leak Detection & Prevention
  • IPv6 Security
  • Secure Internet Routing
  • Security Operations & Monitoring
  • Vulnerability Assessment and Penetration Testing
  • Honeypots and Honeynet
  • Log Management & Flow Monitoring
  • Time series database
  • Model-driven Telemetry

Expected Learning Outcomes

  • Identify and explain fundamental network security concepts, common threats and vulnerabilities.
  • Understand the core concepts of IDS, demonstrate practical skills in configuring IDS/IPS to analyze network threats.
  • Demonstrate comprehensive understanding of RPKI ROA, Validators and RPKI based Route Origin Validation.
  • Identify different types of DDoS attacks and implement DDoS mitigation techniques.
  • Apply practical skills to implement log management system for network devices and servers.
  • Understand flow monitoring and deploy monitoring tools with time series database and model-driven telemetry.
  • Apply structured methodologies for packet analysis to enhance network security monitoring and incident response.
  • Demonstrate the ability to conduct vulnerability assessments and penetration tests to identify security weaknesses.
  • Build knowledge of honeypots and honeynets for network threat detection and analysis.

Other Requirements

  • Participants are advised to bring their own laptop or desktop computers with high-speed internet access and administrative access to system. It is also recommended that computers have Intel i5 or i7 processor, >=8GB of RAM and 30GB of free hard disk space.
  • Software: SSH Client, Telnet Client (PuTTy)
  • Confirm Secure SHell (SSH) is allowed from the office or home network to access the lab infrastructure. Test SSH connectivity, try to connect to route-views.routeviews.org.For example, from the CLI type: ssh rviews@route-views.routeviews.org
  • Attendees must have an APNIC Academy login account. If you don't have one already, you can create an account for free at https://academy.apnic.net/
  • Please test the speed of your Internet connection to the servers where the Virtual Machines (VMs) are hosted at the Learn on Demand data centres, using the speed test tool at https://www.learnondemandsystems.com/speedtest/