Choose your region and languages

Some content is only available in English

Didn't find your region or language?

Nokia Network and Service Router Security

The Nokia Network and Service Router Security course presents the technology, techniques, and best practices for implementing security in a Service Router based network. The course begins with an introduction to the security components, security challenges, and security risks and threats. It then covers in detail various methods, features, and techniques for securing the Nokia Service Router Operating System (SR OS) management plane, control plane, and data plane. Students will participate in many practical hands-on lab exercises throughout the course to ensure implementation-level knowledge of network and router security.

View schedules and locations below

Credit Towards Certification

  • Satisfies the elective exam requirement for the Nokia Service Routing Architect certification


4 days


Nokia Network and Service Router Security (4A0-111)

Course Number


Recommended Prerequisites

  • Nokia Scalable IP Networks
  • Nokia Interior Routing Protocols
  • Nokia Multiprotocol Label Switching
  • Nokia Services Architecture
  • Nokia Border Gateway Protocol

Course Objectives

After completing the course, students should be able to:

  • Define security and its related terms
  • Describe the key components of a secure network: authentication, confidentiality, integrity and availability
  • Understand the two types of encryption algorithms
  • Understand common security challenges and threats to each layer in the OSI model
  • Describe the two management plane access types
  • Describe management plane attacks
  • Describe and configure various security features to control router access
  • Understand how to use filters and logging to restrict management traffic and track user activities
  • Explain and implement the configuration management features: configuration rollback, transactional configuration, command accounting, SNMP, and Netconf
  • Describe the different control plane threats
  • List the various methods and techniques for securing the control plane
  • Describe the different features that can be used to protect the CPM, such as CPM filters, CPM queues and CPU protection
  • Describe and configure techniques for Layer 2 VPLS security
  • Understand and configure techniques for securing Layer 3 protocols and routing information (IGP, MPLS, Multicast, and BGP)
  • Understand different data plane security threats such as address spoofing, data snooping, and denial of service attacks
  • List various techniques that can be used to protect the data plane such as network monitoring, traffic filters and IPSec tunnels
  • Describe passive and active monitoring and list monitoring options
  • Describe and configure local and remote mirroring
  • Describe and configure Cflowd
  • Understand lawful intercept
  • Configure traffic filters
  • Describe and configure unicast reverse path forwarding (uRPF) for IPv4/IPv6 protocols
  • Describe and configure BGP filters
  • Describe and configure BGP remote triggered black hole (RTBH)
  • Describe and configure BGP Flowspec
  • Describe and configure BGP route origin validation (ROV)
  • Describe IPSec protocols (IKE, ESP, AH)
  • Understand and configure IPSec tunnels used to protect data integrity

Course Modules

  • Module 1– Introduction to Security
  • Module 2 – SR OS Management Plane Security
  • Module 3 – SR OS Control Plane Security
  • Module 4 – SR OS Data Plane Security


Schedule and Locations

Nokia Network and Service Router Security

Price for this course is $3125 (USD) per seat
Start Date End Date Location Delivery Provider
29 Mar 21 01 Apr 21 USA - Plano Virtual NOKIA Register
12 Apr 21 15 Apr 21 India - Bangalore Virtual NOKIA Register
21 Jun 21 24 Jun 21 France - Paris Virtual NOKIA Register
20 Sep 21 23 Sep 21 India - Bangalore Virtual NOKIA Register
27 Sep 21 30 Sep 21 USA - Plano Virtual NOKIA Register
29 Nov 21 02 Dec 21 France - Paris Virtual NOKIA Register
  • Page 1 of 1

SRC Confidentiality

Review the SRC confidentiality agreement.