sdnog workshops

• Understanding GPON Technology
• مقترح جلسة لطلبة وخريجي الجامعات بمجال تقنية المعلومات والشبكات
• Shift-Left AppSec CI/CD Pipeline
• Master IPv6 Subnetting and Address Planning
• Kubernetes Introduction: Hands-on
• Navigating the LLM Landscape: A Practical Implementation Guide for Engineers
• Optics 101 for Non-Optical (IP) Folks
• Managing the Infrastructure Chaos (IaC)
• From Code to Cloud: Building a DevOps Pipeline Step by Step
• Banking on Innovation: FinTech in Fragile vs. Flourishing Markets
• Different Paths in Mobile Development
• about Cloud Architecture
• The Missing Layer: Network Know-How & NetSec from the App’s Point of View
• Automation with Ansible
• DNS & DNSSEC
 operational best practices
• Getting Started with AI: Tools, Skills, and Pathways for Newbies
• Proxmox Virtual Environment (PVE)
• IPv6 101: Basics & Fundamentals
• IT Infrastructure Roadmap
• Cyber Security Roadmap: What You Need to Know and Do
• DevOps Skills Roadmap
• Load Balancing Strategies: From Theory to Practice with HAProxy
• UNIX Boot Camp
• BGP Resource Management Workshop
• ISOC Chapters collaboration (Sudan & Lebanon) : DNS/DNSSEC Workshop
• ICANN DNS Workshop
• Hardening a web-server for the modern internet
• DNS Workshop
• DNSSEC Workshop
• Ethical Hacking Workshop
• Containerization with Docker
• High Availability in LAMP Stack workshop
• HAProxy Lab Setup Guide : Multi-OS Installation
• How to Secure your Network Workshop
• Internet Governance Forum
• IPv6 Workshop by AFRINIC
• IPv6 Fundamentals Workshop
• IXP Best Practices
• Networks Fundamental Workshop
• Network Management and Monitoring Workshop
• Networking Best Practices Workshop
• UNIX/Linux, Networking and DNS Online Course
• Automation Tool: Ansible
• IPv6 for Services
• Network Services and Monitoring Online Course
• OpenStack Workshop
• Network Monitoring Workshop
• Security Workshop - Ethical Hacking
• Layer 2 Security Workshop
• Build your own e-mail Server
• Introduction to Git Workshop
• Automation with Ansible : The basics
• Automation with Ansible - Online Course
• Introduction to Cloud Computing & AWS

Understanding GPON Technology

This workshop introduces participants to GPON (Gigabit Passive Optical Network) technology ,  one of the most widely adopted fiber-optic access solutions used globally by service providers. The session explains how GPON works, its architecture, real-world use cases, and why it has become essential for modern broadband networks.

The workshop is designed for network engineers, telecom professionals, and ICT students interested in fiber-optic access networks and next-generation broadband technologies.

Delivered by:

Louai Modawi
https://www.linkedin.com/in/louaimodawi/ 

Learning Objectives

By the end of this workshop, participants will:
- Understand what GPON is and how it differs from other fiber technologies.
- Learn the main components of GPON architecture: OLT, splitters, and ONT/ONU.
- Explore GPON features such as bandwidth capabilities, long-reach performance, and cost efficiency.
- Learn how GPON supports triple-play services (voice, video, data).
- Discover key deployment models: FTTH, FTTB, FTTC, enterprise networks, smart cities, and backhaul.
- Understand the evolution toward XG-PON and next-generation fiber technologies.

Key Topics Covered

1. Introduction to GPON
2. GPON Architecture & Components
3. GPON Capabilities
4. Real-World Deployment Scenarios
5. Future of GPON

Target Audience

- Network engineers & NOC teams
- ISP & telecom professionals
- University students in ICT and computer engineering
- Anyone interested in fiber-optic and broadband technologies

Expected Outcomes

Participants will leave with:
- A practical understanding of how GPON networks are designed, deployed, and operated
- Knowledge of different fiber deployment models
- Awareness of GPON’s role in national broadband and smart-city projects
- Insights into future fiber technologies and capacity upgrades

Session Recording 

https://drive.google.com/file/d/1c5UUNXgA76FGAQJr7P312v5LTD5J_bWY/view?usp=share_link 

مقترح جلسة لطلبة وخريجي الجامعات بمجال تقنية المعلومات والشبكات

التاريخ: الأحد 14 ديسمبر
الوقت: 7:00 مساءً بتوقيت السودان
نوع الجلسة: غير تقنية
المدة: 60–90 دقيقة

فكرة الجلسة

تهدف الجلسة إلى مساعدة طلاب وخريجي الجامعة على فهم المجالات الأساسية في نظم وتقنية المعلومات ، و الشبكات، وتزويدهم بصورة واضحة عن التخصصات المختلفة، سوق العمل، المهارات المطلوبة، وكيف يبدأ الخريج الجديد طريقه في المجال بشكل صحيح

الجلسة غير تقنية، وتركّز على التوجيه، تبسيط المعلومات، وفتح المجال أمام النقاش

فيديو الجلسة المسجل

https://drive.google.com/file/d/1kfcUHi2T2yEFJnzLH8esqHgTyZuyaOd3/view?usp=share_link 

 

 الفئة المستهدفة

طلبة السنوات النهائية

الطلبة الخريجون حديثاً

أي شخص مهتم بمجال الشبكات وتقنية المعلومات 

أهداف الجلسة

توضيح المجالات المختلفة داخل الشبكات وتقنية المعلومات

تعريفهم بمتطلبات سوق العمل محلياً وإقليمي

توضيح المهارات التي يجب البدء فيها بعد التخرج مباشرة 

 المحاور المقترحة للجلسة

استقبال المشاركين (3–5 دقائق)	ترحيب سريع بالمشاركين تعريف بسيط بعنوان الجلسة وهدفها تذكير بأن الجلسة غير تقنية وتركّز على التوجيه وفتح النقاش
مقدمة قصيرة عن المجال (5 دقائق)	شرح مبسّط جداً عن مجالات IT ما الذي يجعل هذه التخصصات متنوعة ومهمة تمهيد لما سيأتي في الجلسة
تقديم الخبراء (5 دقائق)	يُقدَّم كل خبير في نصف دقيقة: الاسم المسار المهني أو التخصص
مداخلات قصيرة من الخبراء (10–15 دقيقة)	تفصيل اكتر عن المسار المهارات المطلوبة للتخصص في هذا المسار الوظائف المتاحة
فقرة الأسئلة المفتوحة (Q&A) – الجزء الأساسي (30–40 دقيقة)	أهم فقرة في الجلسة فتح الباب للطلاب لطرح أسئلتهم (مايك – شات)  ⁠يوجّه مدير الجلسة الأسئلة للخبير الأنسب الحفاظ على سرعة الإيقاع وعدم الإطالة في الإجابات (1–2 دقيقة لكل إجابة)
نصائح ختامية من الخبراء	كل خبير يقدم نصيحة واحدة مجهزة مسبقا: مثلاً: كيف يبدأ الطالب؟ أهم مهارة يجب تعلمها؟ خطأ شائع يجب تجنبه؟ نصائح أخذ دورة أساسيات وممكن متخصصة بناء سيرة ذاتية بسيط وموفق أهمية تطوير المهارات بالتطبيق العملي بالجهاز الشخصي او اي بيئة تعليمة  التطوع أو التدريب او المشاركة في اي فعاليات تساعد في تطوير المهارات التقنية

 المسارات المقترحة  و المتحدثين

مسار الشبكات	طارق يس	Profile
مسار أمن المعلومات	محمد الحافظ	Profile
DevOps & Cloud	محمد عشاري او احمد حسن	Profile
مسار البرمجة وتطوير التطبيقات	محمد عصام	Profile
System Administration / Linux Admin	محمد عشاري او احمد حسن	Profile
مسار الذكاء الاصطناعي	محمد يوسف	Profile

مراجع مفيدة للاطلاع عليها 

DevOps Skills Roadmap session	معلومات الجلسة
Cyber Security Roadmap	معلومات الجلسة
IT Infrastructure Roadmap	معلومات الجلسة

ورش اخري مقدمة

https://docs.sdnog.sd/books/activities-calendar/page/workshops-schedule 

Shift-Left AppSec CI/CD Pipeline

This introductory workshop provides a practical foundation in Application Security (AppSec) and demonstrates how to integrate security early in the software development lifecycle using a shift-left approach. Designed for beginners, the session covers essential terminology, key concepts in DevSecOps, and enforcement methods that help maintain secure and high-quality code. The workshop concludes with a hands-on demo of an AppSec-enabled CI/CD pipeline.

Instructor

Omar Aladdin
https://www.linkedin.com/in/omar-aladdin/ 

What You Will Learn

- Types of Application Security Assessments
- Terminologies of AppSec
- What is DevSecOps
- Enforcement Techniques in DevSecOps (Quality Gates)
- Challenges of DevSecOps
- Hands-On Demo - a Shift-Left AppSec CI/CD Pipeline

Who Should Attend

Developers, DevOps engineers, junior security engineers, and anyone new to AppSec or DevSecOps who wants a practical introduction to securing applications early in the development lifecycle.

Outcome

Participants will leave with a solid understanding of basic AppSec concepts, how DevSecOps improves security, and how to implement a simple shift-left AppSec pipeline.

Session Recording 

https://drive.google.com/file/d/1dT1aeX-jQZwM0ZBnHft8xYkZfD1JRMqL/view?usp=share_link 

Master IPv6 Subnetting and Address Planning

This hands-on workshop is designed to give network engineers a solid and practical understanding of IPv6 subnetting, address planning, and deployment strategies. Participants will learn how to design scalable IPv6 address plans, allocate subnets efficiently, and avoid common mistakes seen in real-world networks.

Instructor

Bashir Mudeheri
https://www.linkedin.com/in/bashir-mudeheri/ 

What You Will Learn

• Introduction to IPv6 Addressing
  Understanding IPv6 structure, notation, address types, and how IPv6 differs from IPv4.
• IPv6 Subnetting Fundamentals
  How to create and calculate IPv6 subnets, choose the right prefix sizes, and design hierarchical subnet plans.
• Best Practices for Address Planning
  Techniques for building clean, scalable, and future-proof IPv6 addressing schemes for enterprises, ISPs, and data centers.
• IPv6 Deployment Considerations
  Operational tips, common pitfalls, and practical guidance for integrating IPv6 into existing networks.
• Hands-On Exercises
  Real calculation tasks, subnetting drills, and designing an address plan for a sample network.

Who Should Attend

Network engineers, system administrators, and technical professionals who want to strengthen their IPv6 knowledge and prepare for real operational deployment.

Outcome

By the end of this workshop, participants will be able to confidently design IPv6 address plans, perform accurate subnetting, and apply best practices to their organization’s IPv6 rollout.

Session recording 

https://drive.google.com/file/d/1WWAm4dnsRmsl58oMH1sBLZxrVmOum4Bs/view?usp=share_link 

Kubernetes Introduction: Hands-on

This hands-on session introduces participants to Kubernetes, the industry-standard platform for deploying, scaling, and managing containerized applications. The workshop focuses on core concepts, architecture, and practical deployment methods suitable for engineers working with both on-premises and cloud-based environments.

Instructors

Mohammed Ibrahim Oshari
https://www.linkedin.com/in/mohammed-ibrahim-448905115/ 

Omar Aladdin alhaj Ahmad
https://www.linkedin.com/in/omar-aladdin/ 

Level:

Basic to Intermediate — open to anyone interested in Kubernetes.

Topics Covered

- What is Kubernetes?
An introduction to container orchestration, Kubernetes use cases, and why it has become essential for modern infrastructure management.

- Core Components of Kubernetes (k8s)
Understanding the architecture:

• Nodes

• Pods

• Deployments

• Services

• etcd

• Control Plane components (API server, scheduler, controller manager)

• Add-ons and networking basics

- On-Premises vs Cloud Kubernetes
Comparison of running Kubernetes clusters on your own infrastructure versus managed services:

• Operational complexity

• Cost considerations

• Scalability and availability

• Popular cloud offerings (EKS, GKE, AKS)

- Deployment Methods
A practical look at how to deploy Kubernetes clusters:

• Minikube / kind (local)

• kubeadm

• Managed cloud clusters

• GitOps-based deployment workflows

• Basic application deployment on k8s during the hands-on lab

Session Recording 

https://drive.google.com/file/d/147iQN6c-dFs2zzTX0eVdb5cR2KWjOrNs/view?usp=share_link 

Slides

https://drive.google.com/file/d/19M8KTjn3KuDwgdmWTCg9uy3Cw7HwMiMI/view?usp=share_link 

Navigating the LLM Landscape: A Practical Implementation Guide for Engineers

Join us for a focused, engineer-friendly deep-dive into modern Large Language Models (LLMs) and their practical applications in network engineering, operations, and automation.
This weekly workshop series is designed to give participants hands-on knowledge, real deployment insights, and actionable skills.

Instructor 

Mohammed Bakheet
https://www.linkedin.com/in/mrabkoo/ 

Who Should Join?

Network engineers, cloud engineers, systems operators, students in ICT, and anyone interested in practical AI applications in technical operations.

Workshop Topics

1. Prompt Engineering
Learn how to craft effective prompts to get accurate, reliable, and context-aware outputs from LLMs.
We cover:

• Prompt structure and templates
• System vs. user instructions
• Prompt optimization techniques
• Avoiding hallucinations

2. RAG (Retrieval-Augmented Generation) Pipelines
Understand how to integrate your own data sources with LLMs to deliver accurate and domain-specific responses.
We cover:

• Vector embeddings
• Knowledge bases
  
• Architecture patterns for production RAG

3. Fine-tuning LLMs
Dive into customizing LLMs for your environment, dataset, or operational workflows.
We cover:

• Types of fine-tuning (SFT, LoRA, QLoRA)
• Data preparation
• Training workflows
• Evaluating and validating tuned models

4. AI Agents
Explore how AI agents can automate tasks, perform reasoning, and integrate with systems and APIs.
We cover:

• Multi-step task execution
• Tool calling
• Agent architectures
• Practical use cases for NOGs and ISPs

Why Attend?

• Hands-on, practical focus
• Real examples from engineering and operations
• Learn how to deploy and use LLMs effectively in your environment
• Open discussion, demos, and shared learning with the sdnog community
  

Session's record

https://drive.google.com/file/d/1_FUkQgAddEermA45m-1FYyx8tNQi6Itx/view?usp=share_link 

Optics 101 for Non-Optical (IP) Folks

Overview

Many IP engineers (myself included) still view transceivers as simple devices that convert electrical signals to optical signals and back again.
In this session, we’ll dive deeper to uncover what’s really happening inside  exploring the evolution from basic optical modules to today’s advanced coherent pluggables. 

We’ll recap key optical fundamentals relevant to IP professionals, discuss recent advances in coherent pluggable optics, and examine the industry’s growing move toward IP over DWDM (IPoDWDM).

By the end of this workshop, you’ll understand how these innovations are simplifying and consolidating traditional multi-layer optical and IP networks into a single-layer IPoDWDM packet optical transport architecture — making networks more efficient, flexible, and scalable.

Instructor

Tashi Phuntsho
https://www.linkedin.com/in/tashiphuntsho/ 

Key Takeaways

• Refresh core optical networking concepts for IP engineers
• Understand coherent pluggable optics and their role in modern networks
• Explore the shift to IPoDWDM and what it means for network design
• Learn how to simplify and unify IP and optical layers

Who Should Attend

• IP and transport network engineers
• NOC and infrastructure teams managing optical/IP layers
• Network architects and planners
• Students and early-career professionals interested in optical networking
• Anyone curious about how light and packets work together in modern networks

Session's record 

https://drive.google.com/file/d/16pOQ2wz9KrvSQ2NVWmkBgZqIgM_UeRrA/view?usp=share_link 

About Tashi

Tashi has been working in the Internet industry since 2004 and is currently an Evangelist Optician and APAC Lead for FLEXOPTIX.
He comes with hands-on experience across Telecommunications and IP networks, having worked as a Transmission Engineer, IP Engineer and IP Network Lead for Bhutan Telecom. 
With his knowledge of "how not to do things", Tashi worked as a Senior Network Analyst and Training Delivery Manager at APNIC until 2022.
Outside of his day job with FLEXOPTIX, Tashi also assists with NSRC workshops, especially at NOGs and other Direct Engineering Assistance engagements in the APAC region.
Tashi volunteers as PC Chair for South Asia NOG and Bhutan NOG (founding member), while continuing to help as a PC member for APRICOT, India NOG, and Mongolia NOG (founding member).

Managing the Infrastructure Chaos (IaC)

In today’s fast-moving IT world, managing infrastructure manually can quickly become messy and error-prone. This session introduces Infrastructure as Code (IaC) — a modern approach to automate, organize, and scale your infrastructure efficiently. You’ll learn the mindset, tools, and best practices that help turn chaos into clarity.

Instructor 

Mohammed Almustafa Balila
https://www.linkedin.com/in/mohammedbalila/ 

Level:

Basic to Intermediate — open to anyone interested in automation, DevOps, or cloud technologies.

Session Type:

Instructor-led + discussion and demo session.

Workshop Outline:

• Cloud-Native IaC Mindset
  Understand the principles behind IaC and how it simplifies managing infrastructure.
• IaC Tooling Landscape
  Explore key tools like Terraform, Ansible, and CloudFormation — and when to use each.
• IaC Workflow Overview
  Learn the typical workflow: plan, write, test, and deploy infrastructure code.
• Version Control Best Practices
  Discover how version control keeps infrastructure changes safe, trackable, and collaborative.

Recording:

https://drive.google.com/file/d/1X6EWxZpW77hc60U3G9PLOgkViiIY8qUR/view?usp=share_link 

Slides:

https://drive.google.com/file/d/1frYDZxsHTj_OYXbUGWk7Y-IhgiYd6MUE/view?usp=share_link 

From Code to Cloud: Building a DevOps Pipeline Step by Step

In this hands-on workshop, we’ll explore how to take an application from your laptop all the way to the cloud using modern DevOps practices and tools.
Participants will learn how to build a complete CI/CD pipeline that automates testing, deployment, and monitoring — helping make software delivery faster, more consistent, and reliable.

Through guided demonstrations and real examples, you’ll see how tools like Jenkins, Docker, Terraform, Prometheus, and Grafana fit together in a modern DevOps environment.

Led by :

Samir Abdullatif
https://www.linkedin.com/in/samirsomer/ 

Workshop Level:

Intermediate — open to anyone interested in DevOps, cloud computing, or modern software delivery practices.

Recommended Requirement:

Basic knowledge of Docker is preferred, as we’ll use it throughout the session to containerize and deploy applications.

Agenda:

• Introduction to DevOps concepts and workflows

• Building CI/CD pipelines with Jenkins

• Containerization using Docker

• Automating infrastructure with Terraform

• Monitoring with Prometheus and Grafana

• Connecting all tools for a full end-to-end workflow

Objectives:

By the end of this session, participants will be able to:

• Understand how different DevOps tools integrate to streamline software delivery

• Build a simple CI/CD pipeline from scratch

• Automate deployments and infrastructure management

• Set up basic monitoring for deployed applications

Session's Record 

https://drive.google.com/file/d/1IeNuT498hGfyeIbR3TlDDkY-FQVPZkJ9/view?usp=share_link 

Banking on Innovation: FinTech in Fragile vs. Flourishing Markets

This session takes a look at how innovation in financial technology (FinTech) evolves under two very different realities: fragile markets affected by instability, and flourishing markets driven by steady growth and regulation. Drawing from Sudan’s digital financial landscape before the conflict, the workshop highlights how crisis conditions can accelerate creative problem-solving and drive the adoption of consumer-centric FinTech models.

Session led by

Mohamed Essam
https://www.linkedin.com/in/hassanien-mohamed/ 

Target Audience

Developers, QA engineers, FinTech professionals, and anyone curious about how technology can empower financial ecosystems in challenging environments

Outlines

• Understanding Sudan’s Digital Financial Landscape Before the Conflict
• Navigating the Shift to Consumer-Centric FinTech
• Crisis to Opportunity: Applying FinTech Lessons from Conflict
• Open discussion 

Session's Record 

https://drive.google.com/file/d/1maMWitif20x2Cjnz2vq7HOt0LeYtT4cX/view?usp=share_link 

Different Paths in Mobile Development

Mobile development continues to evolve, offering developers many ways to build a successful career — from freelancing and app monetization to full-time jobs in regional and global markets.
This workshop will highlight different paths and opportunities in mobile development, how to choose the right one for you, and the skills needed to grow in the field.

Workshop Level

Beginner to Intermediate
An open and free discussion session ! everyone interested in mobile development is welcome to join!

Instructor 

Musab Nasreldin
https://www.linkedin.com/in/musabagab/ 

Ayman Barakat
https://www.linkedin.com/in/0x4ym4n/

Agenda

1. Freelancing as a Mobile Developer

• Choosing the right tech stack (Android, iOS, Flutter, React Native)

• Freelance platforms and local client opportunities

• Managing projects and building a strong profile

2. App Monetization

• Different revenue models: ads, in-app purchases, subscriptions

• Best practices for generating sustainable income

• Case studies and real-life examples

3. The Impact of AI on the Freelance Market

• How AI tools are changing the way developers work

• New opportunities and challenges for freelancers

4. Full-Time Jobs and the Global Market

• What skills companies in the Gulf and worldwide are looking for

• Career development tips and interview preparation

• Building a professional portfolio and online presence

Session Record

https://drive.google.com/file/d/1-WKFd1358IF2zKWOhVhrb_kluAR4nMaO/view?usp=share_link 

References have been mentioned on the session :

• https://www.youtube.com/@freecodecamp
• https://owasp.org/www-project-mobile-app-security/
• https://sweep.dev/
• https://www.augmentcode.com/
• https://firebender.com/
• https://www.giac.org/certifications/mobile-device-security-analyst-gmob/
• https://github.com/payatu/diva-android
• https://www.revenuecat.com/state-of-subscription-apps-2025/
• https://adapty.io/state-of-in-app-subscriptions/
• https://roadmap.sh/
• https://androidweekly.net/ 

about Cloud Architecture

Cloud architecture is the backbone of modern IT systems, enabling scalable, flexible, and cost-effective solutions for businesses, developers, and individuals. This workshop will provide an overview of the core building blocks of cloud environments, focusing on practical concepts and services that participants can apply in their own projects.

Workshop Level:

Basic + Intermediate
(Open and free for anyone interested in learning)

Instructor 

Abdelrahman Mohamed
https://www.linkedin.com/in/abdelrahman-mohamed-9b0487210/ 

Agenda

• Introduction
  Overview of cloud concepts and the role of cloud architecture in today’s digital world.
• Resources and Access Management
  Identity, permissions, and policies for secure and efficient resource management.
• Compute and Storage Options
  Understanding virtual machines, containers, object storage, and block storage.
• Network Services
  How networking in the cloud works, including load balancers, VPCs, and security groups.
• References
  Useful learning materials, documentation, and resources to continue your cloud journey.

Objectives

By the end of the workshop, participants will be able to:

• Understand the fundamental components of cloud architecture.
• Compare different compute and storage options for their needs.
  
• Identify where to find reliable references for deeper learning and get certified.

Slides

https://drive.google.com/file/d/19G41OmC7Z2z3qrzfTQJ9ZT0HCgaF3JsI/view?usp=share_link 

References

AWS Certified Solutions Architect
https://drive.google.com/file/d/1Ery9v06NK9PkKFIac9Vsw98zFveXlR9e/view?usp=share_link 

Official Google Cloud certified Professional Cloud architect
https://drive.google.com/file/d/1KyE8PBEQ2aC8g2mzRZ6D_CbNOzPigeZ3/view?usp=sharing 

Recording 

https://drive.google.com/file/d/1ERNtSyOb30qJjY7qg18xr5TqkPugAwMp/view?usp=share_link 

Links 

• https://cloud.google.com/innovators/getcertified?hl=en
• https://docs.aws.amazon.com/
• https://cloud.google.com/docs
• https://discuss.google.dev/
• https://www.examtopics.com/ 
• https://learn.microsoft.com/en-us/azure/?product=popular 

The Missing Layer: Network Know-How & NetSec from the App’s Point of View

Applications don’t run in isolation, they rely on the network to function securely and efficiently. This workshop bridges the gap between application understanding and network fundamentals, giving participants the skills to see networking and security from an application’s perspective.

Instructor

Mohamed Omer Eljack
https://www.linkedin.com/in/omer-eljack/ 

Level

Beginner to Intermediate. Open to all.

Format

Interactive discussion with practical examples and troubleshooting demos.

Topics to be Covered:

• Key Networking Concepts
  Understand the essentials of how networks operate and why they matter for application performance and security.
• OSI Layers & Addressing
  Explore the OSI model, IP addressing, and how these layers impact application delivery.
• App & Network-Based Scenarios
  Dive into real-world cases showing how applications interact with networks — and where things can go wrong.
• Troubleshooting
  Learn how to spot, analyze, and resolve issues where the application and network layers meet.

Who Should Attend:

• Developers and sysadmins who want to strengthen their networking and security knowledge.
• Early-career professionals looking to connect application performance with network behavior.
• Anyone curious about the “missing layer” between apps and networks.

Session Record

https://drive.google.com/file/d/106WnD9V7T1BAvXwBPkGYRfzcgO5c50TY/view?usp=share_link 

Automation with Ansible

Automation is transforming the way we manage IT systems and networks. Instead of doing repetitive tasks manually, automation allows us to save time, reduce human errors, and ensure consistency across our environments. In this workshop, we will explore the fundamentals of automation, learn about popular tools, and dive into Ansible a simple, yet powerful automation engine.

Level

Beginner to Intermediate
Open and free session , anyone interested in learning is welcome!

Instructor

Sander Steffann
https://www.linkedin.com/in/sandersteffann/ 

Agenda

Automation in general
• Benefits of automation
• What to automate?
• What not (yet) to automate?
• Available automation tools

Working with Ansible
• What is Ansible?
• Installing Ansible
• How Ansible Works and its Key Components
• Using the Ad-Hoc ansible command

Ansible playbooks
• YAML syntax
• Creating an inventory
• Playbook Basics
• Available Ansible modules
• Organising playbooks into roles

Objectives

By the end of this workshop, participants will be able to:

• Understand the role and benefits of automation in IT operations

• Set up and use Ansible for basic automation tasks

• Write and run simple Ansible playbooks

• Structure automation workflows using roles and modules

Slides

https://ripe90.ripe.net/wp-content/uploads/presentations/60-2025-05-12-RIPE-90-Ansible-101.pdf 

Session's record 

https://drive.google.com/file/d/1EzVqjimo5yDTn8rlJ0Ks-nCrNHxCjAqv/view?usp=share_link 

DNS & DNSSEC
 operational best practices

Sleep better at night with KINDNS in your network!

In this workshop, we will cover the basics of DNS operations, explore the importance of DNSSEC for authentication and integrity, and introduce KINDNS — a practical framework that provides clear guidelines and self-assessment tools to help operators follow best practices. Together, these topics will give participants a roadmap for running DNS services more securely and reliably.

Workshop Level

Intermediate
Open and free for anyone interested in learning.

Instructor 

Philip Paeps > Trouble :-) 
https://trouble.is/who/ 

Workshop Outline / Topics:

• Core Guidelines (for everyone)

• ACLs: How to restrict traffic to DNS servers

• DNSSEC Validation: It’s easy – turn it on already!

• Enabling DNSSEC

• KINDNS Self-Assessment

• Best Practices and Hands-On

Workshop Objectives

By the end of this workshop, participants will:

• Understand the importance of securing DNS operations.

• Learn how to apply simple but effective access control to DNS servers.

• Enable and test DNSSEC validation in their environments.

• Perform a KINDNS self-assessment to measure their operational health.

• Explore best practices through real-world examples and hands-on demonstrations.

Target Audience

• Network engineers

• System administrators

• Students and newcomers interested in DNS security

• Anyone running or planning to run DNS infrastructure

Slides and Materials

• Slides:

 https://docs.google.com/presentation/d/1Sm6HtkCz1SONqyt5su4WCP59fsavORhl/edit?usp=share_link&ouid=115115255437803652362&rtpof=true&sd=true 

• Hands-on: 

https://drive.google.com/file/d/1-5ZgJmLRu8wFQvf9ULaw3mlV6C1MgdMl/view?usp=share_link 

Session's record 

https://drive.google.com/file/d/1P_PehD939T5D53DELvrVr0HfDNJ7vbo0/view?usp=share_link 

Getting Started with AI: Tools, Skills, and Pathways for Newbies

Artificial Intelligence (AI) is now part of our daily lives ; in school, work, and beyond. This workshop is for students, new graduates, and anyone curious to learn what AI is, which tools to use, and how to start building skills step by step.

Workshop Level

Basic /Intermediate.
This is an open and free session for anyone interested in learning. All are welcome!

Trainer

Adebowale Aduloju
https://www.linkedin.com/in/adebowaleaduloju/ 

Outline:

• What AI is today (and what it cannot do yet)

• Useful AI tools for students and beginners (ChatGPT, Claude, Canva AI, etc.)

• How to build AI knowledge and skills

• Jobs and career opportunities with AI

• A simple 90-day action plan to get started

Objectives

By the end of this session, you will:

• Understand what AI can and cannot do

• Know which tools to use for studying and work

• See different ways to learn AI (technical and non-technical)

• Learn how AI is used in different industries

• Have a clear plan for the first 90 days of learning AI

Who Should Join

• Students who want to use AI in their studies

• Fresh graduates starting their careers

• Young professionals who want to add AI to their skills

• Anyone who wants to start learning AI but does not know where to begin

Slides 

https://gamma.app/docs/Getting-Started-with-AI-Tools-Skills-and-Pathways-for-Newbies-ehfv2t9ybkzx2fm 

Session's record

https://drive.google.com/file/d/1AAG5Fnf7owZ_FdQuUal0yYPhqQt6AvJ_/view?usp=share_link

Proxmox Virtual Environment (PVE)

Overview

This workshop will take participants through real-world lessons learned from deploying and managing Proxmox Virtual Environment (PVE) and Proxmox Backup Server (PBS). From core principles to practical deployment scenarios, we’ll cover the truths every sysadmin should know, common pitfalls, and strategies for building reliable, secure, and scalable infrastructure.

Workshop Level

Intermediate to Advanced 
Designed for sysadmins, network engineers, and IT professionals who want practical insights into deploying and running PVE/PBS in production.

Trainer

Hendrik Visage
https://www.linkedin.com/in/hendrik-visage/ 

Learning Objectives

By the end of the workshop, participants will:

• Understand key principles of system administration (truths & best practices).

• Learn what PVE & PBS are, and how they fit into modern IT infrastructure.

• Compare LXC/containers vs QEMU/VMs and when each is appropriate.

• Explore ZFS (strengths, weaknesses, and gotchas) and discuss CEPH.

• Review deployment examples with SSDs, HDDs, and NVMes.

• Understand PVE networking models (Linux Bridge vs OpenVSwitch, MCLAG, L3 networking).

• Learn about IPv6 adoption challenges with PVE/PBS.

• Gain practical tips on backup strategy, offsite storage, and firewalling.

Agenda

1. Introduction: The Sysadmin Truths

   • General truths (what applies globally vs locally).

   • RFC1925 – truths to remember.

   • Hendrik’s Rule of Computers: Backups, backups, and checking backups.

2. Proxmox VE & PBS – What & Why

   • Overview of PVE & PBS features.

   • Containers vs Virtual Machines: LXC vs QEMU.

   • ZFS: the Good, the Bad, and the Ugly.

   • CEPH? When to consider distributed storage.

3. Deployment Insights

   • Real-world deployment experiences (SSD, HDD, NVMe combinations).

   • Still using HDDs + NVMEs effectively.

   • PBS storage considerations (SSD vs HDD, offsite backup strategies).

   • ZFS warnings and performance tips.

4. Networking in PVE

   • Linux Bridge vs OpenVSwitch.

   • MCLAG, bonding, and L3 networking – choosing the right setup.

   • SDN integration.

   • IPv6 support: what works, what doesn’t.

   • Security: firewalling everything, example architectures.

5. Q&A and Open Discussion

Slides 

https://drive.google.com/file/d/19bk7Hl27lbt7_iJx7wOXjS_spIKKwu_Y/view?usp=share_link 

Session's record

https://drive.google.com/file/d/1gWS-xeqLVtPqNM5j0WEy_PYK18Pvkui2/view?usp=share_link 

interesting reading/watching

• https://postgresconf.org/conferences/SouthAfrica2018/program/proposals/using-zfs-on-linux-with-postgresql
• https://www.youtube.com/watch?v=o3iCXk7d0Ss
• https://archive.org/details/lcza18-ZFS_on_Linux_and_inside_VMs

IPv6 101: Basics & Fundamentals

Overview:

This introductory workshop is designed to demystify IPv6 and help participants understand why it is the foundation of the Internet’s future. We will walk through the basics of IPv6, highlight its key differences from IPv4, and show how it enables the continued growth of the Internet. Whether you’re a student, a network engineer, or just curious about Internet technologies, this session will give you the knowledge to get started.

Instructor

Saleh Shihabeldin Mahmoud
https://www.linkedin.com/in/saleh-shihabeldin-mahmoud-abdelhameed-b9451b189/ 

Level

Discussion Workshop, Open to everyone!  
No prior experience required. Whether you’re just starting out or already have knoweldge, you’re welcome to join, share your knowledge, and learn from others. 

Language

Arabic

Topics Covered

• Why IPv6? Understanding the limitations of IPv4 and the need for IPv6
• IPv6 address structure and representation
• Types of IPv6 addresses
• IPv6 configuration basics
• Introduction to IPv6 routing
• Transition mechanisms
• Real-world applications and adoption status
• How to get IPv6 certified
• Q&A and open discussion

Materials

Slides here : https://drive.google.com/file/d/1lQZR4Ex2qYdQ3zivAQi5uNPHRUj6eUtK/view?usp=share_link 

Session's record

https://drive.google.com/file/d/1gYH6hiHkZa7skkDYA9uariokVWRx3iYl/view?usp=share_link 

IT Infrastructure Roadmap

The IT Infrastructure Roadmap workshop is designed to guide participants through the essential building blocks of IT infrastructure, from foundational concepts to advanced practices. This session provides a comprehensive view of the technologies, platforms, and skills needed to build a solid career in IT infrastructure.

Instructor

Sufyan Abdalkarim
https://www.linkedin.com/in/sufyan-abd-el-kareem

Level

Discussion Workshop – Open to everyone!  
No prior experience required. Whether you’re just starting out or already working in IT, you’re welcome to join, share your knowledge, and learn from others. 

Language

Arabic

Topics Covered

• Overview of IT Infrastructure
• Compute, Networking, Storage
• Foundational Knowledge for IT Infrastructure
• Key Vendors and Their Offerings
• Certifications and Hands-On Experience
• Cloud Computing Essentials
• Windows and Linux Servers
• Virtualization Platforms
• Advanced Topics: Monitoring, Security, DevOps, Databases, Web & App Development
• Q&A
  

Learning Outcomes

By the end of this workshop, participants will:

• Understand the building blocks of IT infrastructure.
• Gain awareness of major vendors and their certifications.
• Be equipped with a roadmap for advancing in the IT infrastructure field.
• Learn how cloud, security, and DevOps fit into modern infrastructure.

Zoom Link

https://us06web.zoom.us/j/86772045603?pwd=mhaC1C4bWiRjLc3zs42qKAQhnKuSi3.1 

Materials

• RHCSA roadshow:  https://xmind.ai/share/Ll0UiqtN?xid=KT34nYY6
• IT Skills  roadshow: https://xmind.ai/share/K6eG68vp?xid=o2GY1fpS 

• IT Skills:

  https://drive.google.com/file/d/1BschRH4AlQV0byNhkoJpH-FCAxc8wuD1/view?usp=share_link 

• IT Infrastructure Roadmap
  https://drive.google.com/file/d/1PAphHcJ911uFZkdz9xYVjn3IIvVpGZ2x/view?usp=share_link 
  

Books :

CompTIA.Network+
https://drive.google.com/file/d/1WAnSn5K8OklAMTkTKv9pz8tt39S4PrhN/view?usp=share_link 

CompTIAExamCram2-Server-Plus
https://drive.google.com/file/d/1yYhL6PSjXLKFbowN1WC968ekburMD5ri/view?usp=share_link 

Data.Storage.Networking-Real.World.Skills
https://drive.google.com/file/d/1si16o1l5S-e-qCJ7y1oDRezj-EDeuwEO/view?usp=share_link 

Session's record

https://drive.google.com/file/d/1iHI8nbEc7x1SZ5vHuG8ph7riVCL6vmNd/view?usp=share_link 

Cyber Security Roadmap: What You Need to Know and Do

This session will introduce you to the core principles of cybersecurity, helping you understand common threats and how to build better digital safety habits. also The session will guide you on how to start your career in the field, what you need to learn, and what to focus on. The trainer will share his personal journey and practical tips that may help you along the way.

Workshop Level

Awareness and Discussion 

Instructor

• Ashraf Salah
  https://www.linkedin.com/in/ashrafsalahibra/ 

Language

Arabic + English

Date & Time

• Date :  Saturday 9 August 2025 
• Time: 11:00 UTC ( 13:00 Sudan Time)

We will cover:

• What cybersecurity is and why it’s essential
•  Key Terms & Concepts
• How to recognize threats like phishing, malware, and social engineering
• Best practices for staying secure online
  
• What are the Skills you need to know :

  • Networking Fundamentals

  • OSI / TCP/IP Model
  • Core Protocols
  • Operating Systems
  • Programming & Scripting Basics
• An overview of well-known cybersecurity certifications you can pursue to deepen your knowledge
  

This session is friendly for all experience levels, perfect for anyone looking to become more security-aware.

Who Should Attend:

•  Students and early-career professionals
• NGO or business staff with digital responsibilities
• Anyone interested in online safety and cybersecurity awareness

Session's record

https://drive.google.com/file/d/1Vx_ZvaEFcPAag0ptTPyremDzN5DGP4_U/view?usp=share_link 

Reference 

Cisco Certified Support Technician (CCST) Cybersecurity 100-160 Official Cert Guide
https://drive.google.com/file/d/1AczATVZh9dIfyaSp-XmDSGzffhJPsh7R/view?usp=share_link

دورات الأمن السيبراني بالعربية
https://netriders.academy

قناة تكناوي دوت نيت
https://www.youtube.com/@technawidotco

DevOps Skills Roadmap

This workshop offers a beginner-friendly introduction to the essential skills required for anyone interested in DevOps. Whether you're a student, aspiring DevOps engineer, or just exploring the field, this session will help you understand the path to becoming skilled in DevOps.

Instructor

Omar Elhaj
https://www.linkedin.com/in/omar-aladdin/ 

Trainers

• Mohamed Oshari
• Ahmed Soria

Level

Discussion Workshop – Open to everyone!  

Language 

Arabic

Workshop Content

We will walk through the DevOps Skills Roadmap, focusing on what you need to learn for each area, and what tools or technologies are commonly used in these points: 

• Network basics
• System admin (Linux - windows)
• Webserve
• Scripting
• Database management
• Source Code Management
• Containeraztion
• Container orchestration
• Cloud computing
• CI/CD
• Configuration management
• Infrastructure as a code
• Secret management
• Observability
• Extra:
   - Gitops
   - DevSecOps

By the end of the session, participants will have a clear picture of the DevOps landscape, the progression of skills, and how to start learning each area.

Materials

https://drive.google.com/file/d/1f5J9cvfE2EZf2wpYlgTdlZYHTqCgvj2-/view?usp=share_link 

Session's record

https://drive.google.com/file/d/1XtbRDgGJp7aBvLA4azaQa8fQggzSguKu/view?usp=share_link 

Load Balancing Strategies: From Theory to Practice with HAProxy

Date & Time

• Event: sdnog weekly workshops
• Date: Saturday 19 July 2025
• Time: 13:00 - 15:30 (Sudan Time)
• language : Arabic

Intended Audience

This workshop is specifically designed for Senior Systems Engineers who are looking to deepen their understanding of load balancing and HAProxy configuration.

Description

This workshop is a comprehensive 2-hour session that includes both theoretical concepts and practical hands-on labs, with a short break about the Importance of load balancing in modern infrastructure

Instructor

• Manhal Mohamed
  https://www.linkedin.com/in/manhalmohammed/

Tutor 

• Abdelrahman Mohamed
  https://www.linkedin.com/in/abdulrahmanfagiry/ 

Agenda

Introduction (5 minutes)

• Brief overview of load balancing concepts
• Importance of load balancing in modern infrastructure

Load Balancing Fundamentals (15 minutes)

• Types of load balancers:

 * Layer 4 (L4) vs. Layer 7 (L7)

• Common load balancing algorithms:

 * Round Robin
 * Least Connections
 * IP Hash

• Health checks and failure handling

Introduction to HAProxy (10 minutes)

• Overview of HAProxy and its key features
• Architecture and components of HAProxy

HAProxy Configuration Basics (20 minutes)

• Structure of the HAProxy configuration file
• Key sections:

 * Frontend
 * Backend

• Access Control Lists (ACLs) and `use_backend` rules

Advanced HAProxy Features (20 minutes)

• SSL termination
• Sticky sessions
• HTTP rewriting and redirection
• Logging and monitoring

Live Demo: Setting up HAProxy (30 minutes)

• Installing HAProxy
• Configuring a basic load balancer
• Testing and verifying the setup
• Demonstration of advanced features

Best Practices and Performance Tuning (10 minutes)

• Optimization of HAProxy configuration
• Security considerations
• Scaling HAProxy

Session Hands-On

• Slides "click here"
• HAProxy Lab Setup Guide - Multi-OS Installation

Session's Record

https://drive.google.com/file/d/1CllH3fveQhA-ZHfFC2ydCyyHaUXE6zka/view?usp=share_link 

UNIX Boot Camp

This bootcamp is designed to provide participants with a basic overview of essential Unix/Linux commands, enabling them to navigate the file system and perform tasks such as moving, copying, and editing files. It will also include a brief introduction to key networking commands in Unix.

This workshop is suitable for BSc students, recent graduates, and anyone with a strong interest in learning Linux.

Workshop Level

Basic Level

Instructor

Tutors

Requirements

Language

Arabic

Date & Time

Outlines

Part 1 5 July 2025	Session 1 - Intro To Linux: - Birth of Linux. - Linux features. - Unix and Linux families. - Command line vs Gui - Accessing the command line   Session 2 - Managing Files from the command line: - List options (ls). - Change Directory (cd). - Absolute path and relative path. - copy and move (cp & mv). - Wildcards.
Part 2 26 July 2025	Session 3 - Getting help in Linux: - help options. - man pages. - Locating Files on the System (locate command). - Find command.   Session 4 - Managing files in Linux: - Using head, tail and grep. - Creating and editing files. - Nano text editor. - Vim text editor. Lab3 Link Lab4 Link
Part 3 16 August 2025	Session 5 - Managing Local Linux Users and Groups: - Manage Linux users. - Manage Linux groups. - Files permissions. Session 6 - Monitoring and Managing Processes and Services in Linux:                                                          - Monitoring Processes. - Managing Processes. - Managing Services and Daemons.

Material

• Workshop materials are shared here:
  https://drive.google.com/drive/folders/15ka8kxWEZ37aOxs7qBYkTjg2kxz-71O6?usp=share_link

Session's Record

Part 1 :

https://drive.google.com/file/d/10UvuheZ_2IqvX58cDIGmlZ02wOMMPqvz/view?usp=share_link 

Part 2:

https://drive.google.com/file/d/1Fa_buz4wWKG81ew7zKDS_1pHR3GneoqU/view?usp=share_link 

Part 3:

https://drive.google.com/file/d/18C2-0mVMtyznoGZ3iMpPDZM4PBgxAip5/view?usp=share_link 

BGP Resource Management Workshop

The IRR system is a global databases where network operators publish their routing policies and announcements in order for other interested network operators to use that data, for ease of interconnecting and working together. In this workshop we will discuss in details the IRR system and to use it to manage your resources. Attendees will learn how to use common automation techniques to use the IRR easily and efficiently to perform network management.

Special Thanks To Our Sponsors

We Would like to Thanks our wonderful sponsors! without whom our workshop would not be possible:

• Infrastructure Provider : INX-ZA
• Meeting Platform Support: Global NOG Alliance
• Supporting Organization : Packet Clearing House

Objectives

By the end of this workshop you will be able to :

• Understand the Internet Routing Registry system
• Understand the importance of Registering IRR Objects
• Know how to confirm that your resources are accurately registered (and fix shortcomings)
• Learn how to automate your network filtering.
• Know what is RPKI and How to get a ROA

Workshop Level

Intermediate Level

Who should attend

Individuals involved in BGP, BGP network filtering.

Requirements

• You should have some idea of how Internet peering and transit works
• You should have conceptual BGP skills
• You should know how to manipulate objects in a WHOIS database

Date & Time

• Date: Sunday, 27 March 2022
• Time: 08:00 - 11:00 UTC ( 10:00 - 13:00 Sudan Time)

Instructors

• Alkhansaa Abdalla - IP Number Resource Analyst (AFRINIC)
• Dibya Khatiwada - Global Peering Coordinator (Packet Clearing House)
• Edd
• Hiba Abbas
• Nishal Goburdhan

Fees

Free :-)

Materials

You can download the slides from here

Reference

Some useful reading material

• AFRINIC’s Internet Routing Registry (IRR)
• A Quickstart Guide to Documenting Your Prefixes with IRR

ISOC Chapters collaboration (Sudan & Lebanon) : DNS/DNSSEC Workshop

The Internet Society (ISOC) Chapters of Sudan and Lebanon have joined forces to strengthen regional expertise in DNS and DNSSEC technologies. This collaboration aims to foster knowledge exchange, build technical capacity, and promote best practices in secure domain name system management.

The DNS/DNSSEC Workshop serves as a platform for participants to learn from experienced trainers and peers, enhancing their skills in DNS operations, DNSSEC implementation, and overall internet security. By working together, the Sudanese and Lebanese ISOC Chapters are creating opportunities for technical advancement and regional cooperation, contributing to a safer and more resilient internet.

Workshop Level

Intermediate Level.
Anyone working with DNS in their corporate or carrier infrastructure will find this class worthwhile. IT technicians, Systems administrators,..

Instructor

• Mohamed Alnour Hafez

Date & Time

• Date:  17-20 December 2024 
• Time:  5:00pm Beirut time

Workshop Modules 

Requirements 

ICANN DNS Workshop

Domain Name System "DNS" is one of the core services in the Internet, it translates domain names to IP addresses. This is a 3-days, online theoretical workshop in collaboration with ICANN. You’ll get a comprehensive overview of DNS operations, abuse and security.

Objectives

By the end of the workshop, attendees will know what is DNS? how it works? how to prevent DNS abuse and how to secure it?

Workshop Level

Beginner Level

Prerequisites

• Good understanding of network basics (IP networking)

Date & Time

• Day 1 : DNS Operations: 16 February 2021, 10:00 AM - 11:30 AM (KRT Time)
• Day 2 : DNS Abuse: 17 February 2021, 10:00 AM - 12:00 PM (KRT Time)
• Day 3 : DNSSEC: 18 February 2021, 10:00 AM - 11:00 AM (KRT Time)

Trainers

This online workshop will be delivered by

• Paul Muchene
• Yazid Akanho

Agenda

Day 1: DNS Operations

1. What is DNS?
2. Some common DNS records
3. DNS resolution process
4. Caching
5. Some best practices

Day 2: DNS Abuse

1. What is abuse of DNS?
2. Categories of DNS abuse
3. Solutions overview
4. Recommendations

Day 3: DNSSEC

1. Why DNSSEC ?
2. What does DNSSEC protect and what doesn’t it protect?
3. DNSSEC deployment status around the world and in the region.
4. Who can implement DNSSEC?
5. Overview of DNSSEC concepts and new resource records.

Offline Materials

• DNS Operation
• DNSSEC
• DNS Abuse

Hardening a web-server for the modern internet

Introduction

Hands on how to secure your network Three day course – Philip Paeps

Objectives

By the end of the workshop, everyone should know how to run secure services in jails on FreeBSD and use the pf firewall to keep malicious people on the internet out of their jails.

Prerequisites

Participants should be familiar with Unix-style operating systems. The course is taught on FreeBSD but the environment will be familiar to people with a systems administration background on Linux or Solaris. Participants should bring their own laptops.

Participants

Systems administrators and network operators who are running Network services in their organization.

Workshop Requirements

• Knowledge of Linux/UNIX command line
• Good understanding of network basics (IP networking)
• All participants will need to bring a laptop with WiFi access. You cannot use a tablet for this workshop.

Instructors

Philip Paeps

Agenda

Time	Day 1: Sunday 14 August	Day 2: Monday 15 August	Day 3: Tuesday 16 August
08:30 – 09:15 (45 minutes)	Registration and coffee	Registration and coffee	Registration and coffee
09:15 – 11:15 (120 minutes)	• Installing FreeBSD in a VM • Where to find installation media • Which installation to choose •Installing on a clean machine	• Advanced jails • Installing a jail from scratch • Isolating jails with pf • Nested jails	• Jailing the Postfix mailserver • Installing Postfix from a package • Configuring a basic Postfix in a jail • letsencrypt.org certificate for SMTP
11:15 – 11:30 (15 minutes)	Coffee break	Coffee break	Coffee break
11:30 – 13:00 (90 minutes)	• FreeBSD is not Linux • Filesystem overview • init(8) and rc(8) (NO SYSTEMD!) •Starting and stopping processes • Package management with pkg(8)	• Using ezjail for easier management • Installing a dozen jails in two minutes •Upgrading jails • Deleting and archiving jails • Package management across many jails	• Hardening Postfix against spammers • DNS blacklists and whitelists •Sender and recipient restrictions •Fun tricks with multiple IP addresses
13:00 – 14:00 (60 minutes)	Lunch	Lunch	Lunch
14:00 – 15:30 (90 minutes)	• pf: the BSD firewall • Default-deny ruleset • Allowing services • NAT and port forwarding	• Jailing and securing nginx • Installing nginx in a fresh jail • Tuning nginx for maximum security •Obtaining and managing letsencrypt.org certificates •Online tools for confirming webserver security	• Building your own custom packages • Introduction to Poudriere • Installing Poudriere in a jail
15:30 – 15:45 (15 minutes)	Coffee break	Coffee break	Coffee break
15:45 – 16:30 (45 minutes)	•Introduction to jails • Lightweight virtualisation • Jails vs. virtual machines • Mention bhyve	•Exercises with nginx • Reverse proxies across multiple jails •Dodgy services locked up in nested jails	• Putting it all together • ezjail, poudriere, nested jails •Mostly automated installations •Using multiple package repositories

DNS Workshop

The Domain Name System is one of those topics in IT that you hope is simple and straightforward even though you know everything in IT is complicated. And guess what? DNS is much more complex than first meets the eye! In this hands on focused class we start with the basics and work our way through all of the DNS complexity. The goal of the workshop is to enable the participants to understand the basics of DNS , How to build and activate a caching/authoritative DNS Server and also to understand the role of DNS on the Internet. This workshop is suitable Systems administrators and network operators responsible for the DNS services in their organization.

Workshop Level

Intermediate Level.
Anyone working with DNS in their corporate or carrier infrastructure will find this class worthwhile. IT technicians, Systems administrators,..

Instructor

• Mohamed Aymen
• Abdelrahman Mohamed Hassan
• Sara Mohammed

Requirements

• A good understanding of core TCP/IP concepts is a requirement.
• Basic knowledge of Unix/Linux systems
• Students should have a reasonably solid understanding of LAN/WAN networking.
• Laptop with Wireless card working and minimal of 4G RAM

Date & Time

• Date: Saturday, x.x.x.x
• Time: 9:30AM - 4:30PM

What you will learn

• Learn the details of how DNS operates. Gain real world, practical DNS deployment and troubleshooting skills.
• Comprehend Basic concepts of DNS
• Learn how to host, dig, and nslookup
• Comprehend Domain name registration
• Comprehend Root zones
• Comprehend BIND 9 installation from source code
• Configure caching-only name server
• Comprehend DNS (Domain Name System) administration
• Set up Master DNS server and Slave DNS server
• arpa zones
• Delegate zones to other DNS servers
• Comprehend Resource Records
• Understand named logging
• Comprehend DNS zones
• Comprehend Techniques of DNS troubleshooting
• Comprehend Common BIND error messages

Registration

*Registration link will be here*

Workshop materials

you can find this workshop materials at:
https://drive.google.com/open?id=1eI9PeE5KBad8Y_BAPdal6QyaCmipk2Xp

DNSSEC Workshop

Introduction

Hands on DNS and DNSSEC Three day course – Philip Paeps

Objectives

At the end of this course, participants will be familiar with the Domain Name System and Security Extensions to the Domain Name System (DNSSEC). The course is taught "hands-on" in a virtualised FreeBSD environment. Participants will configure authoritative and recursive domain name servers and will learn to analyse and debug common misconfigurations and bugs

Prerequisites

Participants should be familiar with Unix-style operating systems. The course is taught on FreeBSD but the environment will be familiar to people with a systems administration background on Linux or Solaris. Participants should bring their own laptops. The virtualised lab environment is hosted on a server in Germany. Reliable internet connectivity with reasonable latency is required

Participants

Systems administrators and network operators responsible for the DNS services in their organisation.

Workshop Requirements

• Some understanding of DNS is required (for example, operational experience managing DNS servers is useful)
• Some knowledge of Linux/UNIX command line
• Good understanding of network basics (IP networking)
• All participants will need to bring a laptop with WiFi access. You cannot use a tablet for this workshop.

Instructors

Philip Paeps

Agenda

Time	Day 1: Sunday 23 August	Day 2: Monday 24 August	Day 3: Tuesday 25
08:30 – 09:15 (45 minutes)	Registration and coffee	Registration and coffee	Registration and coffee
09:15 – 11:15 (120 minutes)	• Introduction to DNS • Resource records • Delegation • Queries, responses and flags	•Configuring authoritative nameservers • Setting up DNS zonefiles • Delegating authority • Debugging common zonefile problems	• Introduction to DNSSEC • New resource records and flags in DNSSEC • Validating a domain from the root step by step
11:15 – 11:30 (15 minutes)	Coffee break	Coffee break	Coffee break
11:30 – 13:00 (90 minutes)	• DNS packet analysis • DNS data flow • DNS vulnerabilities	• Very brief introduction to cryptography •Using TSIG to secure queries	• Key management: ZSKs and KSKs • Theory of key rollover and best practices
13:00 – 14:00 (60 minutes)	Lunch	Lunch	Lunch
14:00 – 15:30 (90 minutes)	• Tools: dig, drill, host, nslookup, tcpdump • Tools exercises • Resolving a domain from the root by hand	• Configuring secondary nameservers • Configuring TSIG to secure zone transfers • Debugging common zone transfer issues	• Manually signing a zone with BIND 9 • Configuring automatic DNSSEC with BIND 9 • Brief introduction to OpenDNSSEC
15:30 – 15:45 (15 minutes)	Coffee break	Coffee break	Coffee break
15:45 – 16:30 (45 minutes)	• Introduction to the lab environment • Discussion and Q&A	• Configuring unbound as a recursive resolver • Discussion and Q&A	• Configuring unbound with trust anchors • Demo with SSHFP and TLSA • Discussion and Q&A

Ethical Hacking Workshop

One Day workshop about Ethical Hacking and Information Security that will introduce a general background for students to know how to scan, test, hack and protect their own systems and gives each student in-depth knowledge and practical experience about the current essential security systems. It will also help them to understand how to secure and protect their networks.
The goal of this course is to help participants to master an ethical hacking methodology that can be used in a penetration testing or ethical hacking situation and its techniques.
This workshop is suitable for Network Engineers, Network Security Engineer, network administrators and for those who have strong interests in information security and hacking.

Workshop Level

Intermediate Level

Instructor

Requirements

Date & Time

Outline

Registration

*Paste registration link here*

 

Containerization with Docker

This workshop introduces participants to Docker and the fundamentals of containerization. You’ll learn how containers work, how they differ from virtual machines, and how to set up and use Docker to run, manage, and build containerized applications.

Workshop Level

Medium  Level

Instructor

Requirements

Language

Arabic

Date & Time

Outlines

Introduction: What is a Container?
- Understanding containers and their benefits
- Why use containerization in modern development and operations?

Containers vs Virtual Machines (VMs)
- Key differences in architecture and performance
- Use cases: when to choose containers vs VMs

Setting Up Docker
- Installing Docker on Linux, macOS, and Windows
- Docker Desktop vs Docker Engine
- Running your first Docker command

Running Your First Container
- Docker run, exec, and logs commands
- Working with interactive and detached modes
- Pulling images from Docker Hub

Managing Containers
- Listing, stopping, restarting, and removing containers
- Understanding container lifecycle
- Using Docker Compose for multi-container apps (intro)

Containers and Storage
- Volumes vs bind mounts
- Data persistence across containers
- Managing storage for stateful applications

Building Docker Images
- Writing a Dockerfile
- Using docker build and tagging images
- Best practices in image creation

Publishing and Sharing Images
- Pushing to Docker Hub or private registry
- Image versioning and access control
- Automating builds (intro to CI/CD pipelines with Docker)

Session's record

https://drive.google.com/file/d/12JgP2KjKJHn2T11-g7yxXB8VLqwlptC1/view?usp=share_link 

High Availability in LAMP Stack workshop

The workshop will show how to deploy LAMP Stack web application in a high availability environment to avoid single point of failure by utilizing different tools and technologies such as load balancer, clustering and distributed storage.

Workshop Level

Intermediate Level

Instructor

Samir Abdullatif

Requirements

• Knowledge about LAMP Stack
• Ability to install software in Linux
• Basic networking knowledge

OS, Software and tools used

Ubuntu 16.04 LTS,

• HAProxy
• Keepalived
• GlusterFS
• Percona XtraDB Cluster

Date & Time

• Date: Saturday, x.x.x
• Time: 9:00AM - 4:30PM

Outline

• LAMP Stack
• Single Server Architecture vs. Multi-tier Architecture
• High Availability and Scaling
• Load balancing
• Floating IP
• Shared Storage
• Database Clustering

Lab topology

Registration

paste registration link here

HAProxy Lab Setup Guide : Multi-OS Installation

Prerequisites

• 3 VMs (or use VirtualBox/VMware Workstation to create them)
• Web browser access (for those using AFNOG infrastructure)

VM Setup

1. VM1: HAProxy
   • IP: 192.168.1.X
2. VM2: Apache Server
   • IP: 192.168.1.Y
3. VM3: Nginx Server
   • IP: 192.168.1.Z

Local Hosts File Configuration

Add the following entries to your local hosts file, pointing them all to the HAProxy IP (192.168.1.X):

192.168.1.X lb.lab.afnog.org 
192.168.1.X www.lab.afnog.org      
192.168.1.X nginx.lab.afnog.org
192.168.1.X apache.lab.afnog.org

Step 1: Install and Configure HAProxy (VM1)

Red Hat-based systems (CentOS, Fedora)

sudo yum update
sudo yum install haproxy

Debian-based systems (Ubuntu, Debian)

sudo apt update
sudo apt install haproxy

FreeBSD

sudo pkg update
sudo pkg install haproxy

Step 2: Install and Configure Apache (VM2)

Red Hat-based systems

sudo yum update
sudo yum install httpd
sudo systemctl start httpd
sudo systemctl enable httpd

Debian-based systems

sudo apt update
sudo apt install apache2

FreeBSD

sudo pkg update
sudo pkg install apache24
sudo sysrc apache24_enable="YES"
sudo service apache24 start

Create a custom index.html:

echo "This is the Apache Server" | tee /var/www/html/index.html

On FreeBSD

echo "This is the Apache Server" | tee /usr/local/www/apache24/data/index.html

Step 3: Install and Configure Nginx (VM3)

Red Hat-based systems

sudo yum update
sudo yum install nginx
sudo systemctl start nginx
sudo systemctl enable nginx

Debian-based systems

sudo apt update
sudo apt install nginx

FreeBSD

sudo pkg update
sudo pkg install nginx
sudo sysrc nginx_enable="YES"
sudo service nginx start

Create a custom index.html:

echo "This is the Nginx Server" |  tee /var/www/html/index.html  
 # For FreeBSD:
echo "This is the Nginx Server" | tee /usr/local/www/nginx/index.html 

HAProxy Configuration

Step 1: Basic Frontend and Backend Setup (Round-Robin)

HAProxy Configuration: Edit the HAProxy configuration file:

• Red Hat and Debian: /etc/haproxy/haproxy.cfg
• FreeBSD: /usr/local/etc/haproxy.conf

Add the following configuration:

global
    log         127.0.0.1:514 local1 info
    chroot      /var/empty
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon

defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

frontend http-in
    bind *:80
    default_backend www_back

backend www_back
    balance roundrobin
    server nginx_server vm1.log.afnog.org:80 check
    server apache_server vm2.lab.afnog.org:80 check

Restart HAProxy:

 systemctl restart haproxy 

Step 2: Advanced Configuration with ACLs (Access Control Lists)

Updated HAProxy Configuration:

Modify the existing HAProxy configuration to include the following:

frontend http_front
    bind *:80
    acl url_nginx hdr(host) -i nginx.lab.afnog.org
    acl url_apache hdr(host) -i apache.lab.afnog.org
    use_backend nginx_back if url_nginx
    use_backend apache_back if url_apache
    default_backend www_back

backend www_back
    balance roundrobin
    server nginx_server 192.168.1.Z:80 check
    server apache_server 192.168.1.Y:80 check

backend nginx_back
    server nginx_server 192.168.1.Z:80 check

backend apache_back
    server apache_server 192.168.1.Y:80 check

To set up an active-passive configuration for your backend node, adjust the existing HAProxy configuration to include the following:

backend www_back
    balance roundrobin
    server nginx_server 192.168.1.Z:80 check
    server apache_server 192.168.1.Y:80 check backup 

this setup will make node apache_server as a passive node and will not recive traffic unless node nginx_server is down

Restart HAProxy:

 sudo systemctl restart haproxy 

Step 3: Adding a Status Page

Final HAProxy Configuration:

Add the following configuration for the status page:

listen stats
    bind *:8404
    stats enable
    stats uri /
    stats refresh 5s

Restart HAProxy:

sudo systemctl restart haproxy

Testing the Status Page:

You can access the status page by navigating to http://192.168.1.X:8404/ in your web browser.

SSL Termination on HAProxy

Generate a Self-Signed Certificate:

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/haproxy.key -out /etc/ssl/certs/haproxy.crt

Combine the Certificate and Key:

cat /etc/ssl/certs/haproxy.crt /etc/ssl/private/haproxy.key |  tee /etc/ssl/certs/haproxy.pem

Note: For development SSL certificates, you can use the repository at https://github.com/BenMorel/dev-certificates

Update HAProxy Configuration to Use SSL:

Add the following to the `frontend http_front` section:

bind *:443 ssl crt /etc/ssl/certs/haproxy.pem
redirect scheme https if !{ ssl_fc }

Restart HAProxy:

sudo systemctl restart haproxy

Example for Layer 4 Load balancing , DB port :

frontend mysql
 mode tcp
 bind :3306
 default_backend mysql_servers

backend mysql_servers
 mode tcp
 balance leastconn
 server s1 192.168.0.10:3306 check
 server s2 192.168.0.11:3306 check

Configure Syslog for HAProxy Logging

1. Open the syslog configuration file for editing:

vi /etc/syslog.conf

1. Add the following lines to configure logging:

*.err;kern.warning;auth.notice;mail.crit                /dev/console
local1.*                                                /var/log/haproxy.log
*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err   /var/log/messages

1. Create the HAProxy log file:

touch /var/log/haproxy.log

1. Set the appropriate ownership for the log file:

chown haproxy:haproxy /var/log/haproxy.log

1. Update the syslogd flags to bind to localhost and run in compatibility mode:

sysrc syslogd_flags="-b localhost -C"

1. Restart the syslog service to apply changes:

service syslogd restart

Testing

Using `web browser`:

1. Test round-robin for `www.lab.afnog.org`:
2. Repeat the command several times to see alternating responses from Nginx and Apache.

• Test Nginx backend:

 nginx.lab.afnog.org
# This should consistently return the Nginx server response.

• Test Apache backend:

 apache.lab.afnog.org
# This should consistently return the Apache server response.

• Test SSL termination:

 https://www.lab.afnog.org
# This should return responses over HTTPS, with round-robin load balancing between Nginx and Apache.

Troubleshooting: Common Issues and Solutions

HAProxy not starting:

• Check the configuration file for syntax errors:

haproxy -c -f /etc/haproxy/haproxy.cfg

• Verify that the ports HAProxy is trying to bind to are not in use by other services.

Backend servers not responding:

• • Ensure that Apache and Nginx are running on their respective VMs.
  • Check firewall rules to allow traffic between HAProxy and backend servers.
  • Verify the IP addresses and ports in the HAProxy configuration.

SSL certificate issues:

• • Double-check the path to the SSL certificate and key in the HAProxy configuration.
  • Ensure the combined PEM file has the correct permissions.

ACLs not working as expected:

• • Verify that your local hosts file is correctly configured.
  • Use `tcpdump` or `wireshark` to inspect the HTTP headers and ensure the correct `Host` header is being sent.

Performance Tuning: Optimizing HAProxy

Increase maximum connections:

• • Adjust the `maxconn` parameter in the `global` section based on your server's capacity.

Enable kernel TCP splicing:

• • Add `option tcpka` to the `defaults` section for keep-alive connections.

Use HTTP/2:

• • Update your SSL binding to support HTTP/2:

bind *:443 ssl crt /etc/ssl/certs/haproxy.pem alpn h2,http/1.1

Implement caching:

• • Consider adding a caching layer with Varnish in front of HAProxy for static content.

Optimal Configuration Options for Web-Based Frontends

It's crucial to customize the following according to your application's specific requirements.

   frontend http-in
   bind *:80
   bind *:443 ssl crt /etc/haproxy/certs/cert.pem no-sslv3
   mode http
   option httplog
   log global
   
   # Redirect HTTP to HTTPS (enforce HTTPS for all traffic)
   http-request redirect scheme https code 301 if !{ ssl_fc }
  
   # Set default security headers for responses
   # Enforce HSTS for HTTPS (1 year, include subdomains, preload)
   http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
   
   # Clickjacking protection, allow only the same origin to embed this site
   http-response set-header X-Frame-Options "SAMEORIGIN"
   
   # XSS filtering enabled in browsers, block if an attack is detected
   http-response set-header X-XSS-Protection "1; mode=block"
   
   # Prevent MIME type sniffing (force browser to honor content type declared by the server)
   http-response set-header X-Content-Type-Options "nosniff"
  
   # Add Content Security Policy to mitigate XSS and data injection attacks
   http-response set-header Content-Security-Policy "default-src 'self'; script-src 'self'; object-src 'none'"
  
   # Disable referrer information leakage when navigating to a different origin
   http-response set-header Referrer-Policy "no-referrer-when-downgrade"
   
   # Prevent browsers and proxies from caching sensitive data
   http-response set-header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0"
   
   # Set secure cookies (only for HTTPS, HttpOnly, and prevent cross-site requests)
   acl secure_cookie hdr_sub(cookie) Secure
   http-response set-header Set-Cookie %[res.hdr(Set-Cookie)] if secure_cookie
   http-response set-header Set-Cookie Secure; HttpOnly; SameSite=Strict if secure_cookie
   
   # Forward client's original IP in X-Forwarded-For header
   http-request add-header X-Forwarded-For %[src]
   
   # Forward the protocol used by the client (HTTP/HTTPS) in X-Forwarded-Proto header
   http-request add-header X-Forwarded-Proto https if { ssl_fc }
   http-request add-header X-Forwarded-Proto http if !{ ssl_fc }
   
   # Preserve the original Host header
   http-request add-header X-Forwarded-Host %[req.hdr(host)]
   
   default_backend servers

Security Considerations

1. Regularly update HAProxy and backend servers
2. Implement strong SSL/TLS configurations
3. Use IP whitelisting for the HAProxy stats page
4. Consider implementing Web Application Firewall (WAF) rules in HAProxy
5. Regularly audit your HAProxy configurations and access logs

This guide provides a comprehensive setup process for HAProxy, starting from a basic configuration and progressing to more advanced setups with ACLs, SSL termination, and performance optimization. Always ensure to test thoroughly in a staging environment before applying changes to production systems.

Author

Manhal Mohamed , sdnog team

How to Secure your Network Workshop

Introduction

Hands on how to secure your network Three day course – Philip Paeps

Objectives

At the end of this course, participants will be familiar with new ways and methods to help them to secure their networks. The course is taught "hands-on" in a virtualised FreeBSD environment. Participants will configure some tasks and will learn to analyze and debug common mis-configurations and bugs

Prerequisites

Participants should be familiar with Unix-style operating systems. The course is taught on FreeBSD but the environment will be familiar to people with a systems administration background on Linux or Solaris. Participants should bring their own laptops.

Participants

Systems administrators and network operators who are running Network services in their organization.

Workshop Requirements

• Some knowledge of Linux/UNIX command line
• Good understanding of network basics (IP networking)
• All participants will need to bring a laptop with WiFi access. You cannot use a tablet for this workshop.

Instructors

Philip Paeps

Agenda

Time	Day 1: Sunday 14 August	Day 2: Monday 15 August	Day 3: Tuesday 16 August
08:30 – 09:15 (45 minutes)	Registration and coffee	Registration and coffee	Registration and coffee
09:15 – 11:15 (120 minutes)	• Introduction to security • Network layers • Defence in depth •Basic physical layer security	• Firewalls • Inclusive and exclusive policies • Simple ACLs	• Securing websites: HTTP and HTTPS • Configuring Apache and nginx
11:15 – 11:30 (15 minutes)	Coffee break	Coffee break	Coffee break
11:30 – 13:00 (90 minutes)	• Layer 1 and layer 2 • Ethernet: VLANS • Wireless basics	• Statefull firewalls •pf: the BSD packet filter	• Introduction to cryptography • PKI, basics of letsencrypt.org
13:00 – 14:00 (60 minutes)	Lunch	Lunch	Lunch
14:00 – 15:30 (90 minutes)	• Wireless: WEP, WPA, WPA2? • Captive portals • Ethernet 802.1x	• Securing higher layers (applications) • E-mail: what about spam? • Sensible outbound filtering	• Generating letsencrypt.org certificates • Configuring nginx and Apache with HTTPS • Using SSL in other applications
15:30 – 15:45 (15 minutes)	Coffee break	Coffee break	Coffee break
15:45 – 16:30 (45 minutes)	•Introduction to firewalls (more tomorrow!) • Discussion and Q&A	•Configuring postfix and dovecot to protect against spam (abuse) • Discussion and Q&A	• Mitigation: what if it all goes wrong? • Discussion and Q&A

Internet Governance Forum

This is a half-day workshop. An introductory workshop about Internet Governance which focus on Internet ecosystem, key players, key issues and how Internet is governed? how we can take part? how it is affecting our life?

Objectives

• Provide a safe and accommodating environment for new entrants to the field and increase their knowledge on IG.
• Bring together people from government, civil society, business and other stakeholder groups to interact and build common ground around a public interest-oriented approach to IG

Workshop Level

Basic Level

Instructor

Hiba Abbas

Requirements

• Participants must have a good knowledge about networking.

Date & Time

• Date: Saturday, x.x.x
• Time: 10:30AM - 2:30PM

Registration

Paste registration link here

IPv6 Workshop by AFRINIC

Introduction

This is the keystone foundation module for all our technical workshops. It gives the participants a solid understanding of IPv6's core concepts and is required for understanding all other IPv6 topics.

Objectives

• Identify, write and shorten IPv6 addresses
• List the types of IPv6 addresses and their unique characteristics
• Create an IPv6 address plan for a network
• Identify and list the equivalent IPv4 key protocols in IPv6
• Describe how NDP is used to deliver key IPv6 functions
• Configure and verify basic IPv6 on hosts and routers

for more details check: http://learn.afrinic.net/en/course/ipv6/foundation

Registration

The registration is closed.

• Please note there will be a selection process, and selected candidates will be contacted to confirm their participation.

Instructors

• Stephan Musa
• Olatunde Awobuluyi

Feedback from Mr.Musa

 Hello SdNOG, We had a great time thanks to you in Khartoum last week. 
 On behalf of us all at AFRINIC, we thank you for joining us on this mission to
 ensure that no network engineer gets left behind on the skills required to build and run IPv6 networks.
 
 We rate our workshops using the Net Promoter System which has a range of -100 → 100.  
 - International benchmark for IT Training is 70
 - On this workshop the score was 77. 

more info at: AFRINIC blog

IPv6 Fundamentals Workshop

Ready or not, IPv6 is here!

IPv6 was developed more than a decade ago, but now is being implemented by both service providers and companies alike primarily due to the lack of IPv4 addresses. This one day hands-on will cover IPv6 concepts, IPv6 Address Basics, and IPv6 basic configuration in a Cisco infrastructure. This workshop is suitable for network engineers, network operators or Systems/IT admin who are responsible about network operation in their organization.

Objectives

This workshop will help to :

• Understand the differences and similarities between IPv4 and IPv6
• Know that deploying IPv6 will enable continued IP networking growth
• Understand the implications of running out of available IPv4 address space
• also to remove some of the fear related to IPv6 deployment and to enable it

Workshop Level

Intermediate Level

Instructor

• Sara Alamin Mohamed
• Salih Shihab Aldeen

Requirements

• It is assumed you are familiar with common IP terminology and have practical knowledge of running an IP network.
• Participants should bring a laptop computer to participate in the lab, with 2GB RAM as minimum.

Date & Time

• Date: Saturday, x.x.x
• Time: 9:00AM - 4:30PM

Outline

• Internet Ecosystem
• IPv4 Exhaustion
• IPv6 Address Basics > notation, shortening rules
• IPv6 Address Types
• IPv6 vs IPv4
• transition mechanism
• Basic Configuration

Registration

*Paste registration link here*

IXP Best Practices

Introduction

As at July 2015, there are known shortcomings to how the SIXP operates. With the assistance of PCH, the SdNOG team will host this workshop on IXP best practices as a pre-cursor to the sdnog-2 event. It is intended that the event will attract the key stakeholders for the SIXP, as well as the relevant participants from the NTC and NIC.

Layout

The workshop is intended to be a one day event, split between, an understanding of the economic elements, and strategic objectives of an IXP; it's role in the local Internet economy, and technical and operational management. The table below has a suggested overview of the topics that would be addressed.

Instructor List

Nishal Goburdhan, PCH

Networks Fundamental Workshop

A strong foundation of basic networking concepts is fundamental to have a successful career in information technology. This Workshop will help you understand Networking Fundamentals. By the end of this Workshop, you will gain real-world practical skills necessary for Networking
This workshop is suitable for BSc Students, fresh graduate and for those who have strong interests in networking

Workshop Level

Basic Level

Instructor

• Mohaund Adil
• Jadallah Mohamed

Requirements

• Participants must have a good knowledge about networking and IP addressing; also know the basic commands of Linux and how to work in UNIX systems.
• Participants should bring a laptop computer to participate in the lab, with 4GB RAM as minimum.

Date & Time

• Date: Saturday, x.x.x
• Time: 9:30AM - 5:30PM

Outlines

1.Basics of Networking

• What is networking?
• Types of Networks
• Usefulness of networks
• Types of network
• OSI Protocol description

2.Network Devices
3.IP Addressing

• IPv4
• IPv6
• IPv4 Vs. IPv6
• Understanding VLSM technology

4.Overview about Switching
5.Overview about Routing

Registration

paste registration link here

Network Management and Monitoring Workshop

Introduction

This workshop is designed for engineers and system staffs at ISPs and large networks including academic networks who are involved with system management, network monitoring and management and problem response. The course is for those who need to manage diverse Network and NOC operations. There will be hands-on for three days.

Objectives

By the end of this course you will be able to: Distinguish between network management and monitoring.

• Determined what should be monitored.
• Install various network management/monitoring tools.
• Track the changed on the network device’s configurations.
• Use SNMP protocol and log management.

Requirements

• laptop with wireless capability.
• IPv4 addressing and general network concepts.
• Knowledge of Linux.

Instructors

• Salih Shihab
• Patrick Okui

Agenda

Time	Day 1: Sunday 14 August	Day 2: Monday 15 August	Day 3: Tuesday 16 August
09:00 – 11:00	Welcome, Introductions, Workshop Details	Cacti software	Nagios3 Software
11:00 – 11:30	Coffee break	Coffee break	Coffee break
11:30 – 13:00	Introduction to Network Monitoring & Management	Smokeping software	LOG Management
13:00 – 14:00	Lunch	Lunch	Lunch
14:00 – 16:30	Cisco Configuration Basics and SNMP	LimbreNMS software	Version control RANCID / WebSVN and NetFlow / NfSen

Networking Best Practices Workshop

Introduction

This tutorial is aimed at teaching Best Practices in network deployment. The intent is to sensitise operators, and participants to things that they should be aware of, from a macro level, and to stimulate discussion, interest, and knowledge in the mechanisms for operation. It is not intended for this to be extremely low level.

Layout

The key ideas would be to talk about issues that operators should be engaged in already, in a 90min slot. Some topics for discussion could be:

• the proper use of NMS systems
• configuration management
• IGP and EGP configuration and setup
• routing and Switching
• scaling virtualisation deployments

Since this would be tutorial style, it's intended for the discussions to be as interactive as possible, and, where possible, include hands-on practical sessions. It is also intended to be an introductory/refresher tools that we can use to gauge interest, and competency, that will allow us to plan for future workshops.

Note: sdnog-1 attendance showed us a significant student population attending, so we expect that this workshop would be more appealing to them, vs. a more low-level, specific workshop on a particular topic.

A suggestion for the tutorial scheme could be:

	Day 1	Day 2	Day 3
Session 1	IP address space design and planning	Routing - IGP and EGP best practices	DNS
Session 2	IPv6 and its role in your network	BCP 38 and routing sanity	Configuration management
Session 3	Designing a switching environment	Network management systems	RIPE ATLAS Tutorial
Session 4	Designing a switching environment (cont)	Network management systems	Open Q&A

Instructor List

It is desirable that the instructor be experts in their respective areas of presentation, and have significant experience in the topics that they are presenting. Additionally, a good mix of local, and foreign expertise would be desirable, to allow for different points of perspective.

• Christian Teuschel
• Daniel Shaw
• Hiba Abbas
• Nishal Goburdhan
• Patrick Okui
• Sirag Aldeen Mahgoob

UNIX/Linux, Networking and DNS Online Course

The Internet Society invites engineers from Africa to participate in an intensive online course titled “Introduction to Network Operations: UNIX/LINUX, Networking and DNS” This is an introductory course targeted at novice/entry-level UNIX/Linux users pursuing careers in Network or System Administration. This course provides the necessary skills to progress to more advanced topics in the future. This course is practically oriented and provides step-by-step guidance on how to configure a UNIX/Linux server and then run a Caching Domain Name System (DNS) server in a virtualized environment. The techniques covered in the course are applicable in real-world environments to set up Internet-ready caching DNS servers.

Trainees who complete the course will be awarded with a Certificate of Completion.
Trainees will also be provided a remote server to carry out the hands on parts of the course and the exercises.
More info at: https://www.internetsociety.org/inforum/network-operations/

Course objectives

The course follows the following schedule:

 - Learn about and operate a UNIX/Linux operating system in a virtualized environment.  
 - Develop competences in key networking topics: IPv4 and IPv6.  
 - Install third-party software on a UNIX or Linux platform using common software management tools.  
 - Work with the UNIX/Linux shell and become comfortable with the command line interface.  
 - Edit files in UNIX/Linux environments without Graphical User Interfaces (GUI).  
 - Understand the role of the Domain Name System (DNS) in the operation of the Internet.  
 - Build and activate a caching Domain Name System (DNS) server.  
 - Learn about the Internet Engineering Task Force (IETF) and the Request for Comments (RFC) process
 

Who Should Attend

Novice/entry level network engineers and system administrators (from Africa) who are interested in learning about UNIX/Linux, Networking and DNS.
The course is targeted at upcoming network engineers and system administrators from Research Education Networks (RENs), Network Operator Groups, Universities, ccTLD registries or Internet Service Providers (in Africa).

Our Certified Participants

Meet our certified Participants who complete the online course successfully. ⭐️

Participants' Feedback

What former participants say about the courses.

Language

Language of instruction will be English.

Moderation and Online Support

This course will be moderated by Eng. Manhal Mohamed. and assisted by Eng. Abdulrahman Mohammed Hassan.
Online remote support is available via Email or Telegram and also via Jitsi meet

Offline Content

Offline training materials are available and are frequently updated.

Registration Form

https://docs.google.com/forms/d/e/1FAIpQLSd7MR1UkX4NoTS0OnHYeJCFCUxarBzuzIz3xpMxkawevBCQIg/viewform?usp=sf_link

Automation Tool: Ansible

Hands-on how to use automation in your network. Three day course

Objectives

By the end of the workshop, attendees will know how to use automation with Ansible to ease the burden of consistent configuration of servers and network devices and how to choose what/when to automate.

Workshop Level

Advance Level

Prerequisites

• Participants should be familiar with Unix-style operating systems. The course is taught on Linux (Ubuntu or CentOS) but the environment will be familiar to people with a systems administration background on FreeBSD or Solaris.
• Knowledge of Linux/UNIX command line
• Good understanding of network basics (IP networking)
• All participants will need to bring a laptop with WiFi access.

Participants

System administrators,Network engineers and Network technicians who are running network devices like servers, routers and switches in their organization.

Date & Time

• Date: Sunday 30 Sep - Tuesday 2 Oct 2018
• Time: 8:30AM - 4:00PM

Instructors

Sander Steffann

Agenda

• Benefits of automation
• What to automate?
• What not (yet) to automate?
• Available automation tools (Ansible, Puppet, Salt etc)
• What is Ansible?
• Installing Ansible
• How Ansible Works and its Key Components
• Playbook Basics
• Organising your roles
• Combining Ansible with other tools (bgpq3 etc)
• Sharing playbooks and revision management (git etc)

IPv6 for Services

hands-on workshop to teach the concept of IPv6 protocol on most common services expected of any network

Objectives

by end of this workshop participants will be able to verify any application for IPv6 capability and Configure and test an dual stack DNS, HTTP and DHCP server.

Workshop Level

Intermediate Level

Prerequisites

Participants

System administrators,Network engineers and Network technicians who are running Network services in their organization. The course is taught on FreeBSD but the environment will be familiar to people with a systems administration background on Linux.

Date & Time

Instructors

Agenda

 

Network Services and Monitoring Online Course

Background

This is an intermediate level course for network and system engineers/administrators aiming to get operational experience with IPv6 with a focus on specific Internet services provided by Internet Society. The course covers the following main areas:

• Authoritative DNS
• Introduction to Email
• Network Monitoring

The course is strictly 3 weeks long. Each trainee will be assigned a virtual server and will be required to build working services as mentioned above to provide services on an IPv6 address. The course is lab intensive (70%) with trainees provided with theory materials that they can read. Trainees are also encouraged to do their own research in order to cover the concepts in the course.

Course Timetable

The course follows the following schedule:

 Week 1:
     - Introduction to DNS 
     - DNS Resolvers 
     - DNS Authoritative
     - LAB ASSIGNMENT 1: install BIND
     - LAB ASSIGNMENT 2: Zone set up 
     - LAB ASSIGNMENT 3 : Zone file creation
 
Week 2: 
     - Email introduction 
     - Postfix Dovecot Introduction 
     - LAB ASSIGNMENT 4: create MX record for your mail server 
     - LAB ASSIGNMENT 5: Install Postfix and Dovecot 
     - LAB ASSIGNMENT 6: Setup Postfix and Dovecot
 
   Optional Part - Securing mail system :
   -------------------------------------	
     - LAB ASSIGNMENT 7 SENDING EMAILS
     - LAB ASSIGNMENT 8 Apache setup
     - LAB ASSIGNMENT 9 letsencrypt Part01 
     - LAB ASSIGNMENT 10 letsencrypt Part02
     - LAB ASSIGNMENT 11 Configure Dovecot
     - LAB ASSIGNMENT 12  Configure Squirrel-mail
 
Week 3: 
     - Nagios Introduction 
     - LAB ASSIGNMENT 13 Installing Nagious
     - LAB ASSIGNMENT 14 monitor DNS on localhost
 

Pre-Requisites to attend

• Completion of the Introduction to UNIX/Linux and Networking Course.
• A Computer system with at least 2 browsers (Chrome and Firefox preferred.
• Good Internet Connectivity.

Our Certified Participants

Meet our certified Participants who complete the online course successfully.

Participants' Feedback

What former participants say about the courses.

Language

Language of instruction will be English.

Moderation and Online Support

This course will be moderated by Eng. Manhal Mohamed & assisted by Eng. Abdulrahman Mohammed Hassan.
Online remote support is available via Email or Telegram.

Offline Content

Offline training materials are available and are frequently updated.

Registration Form

https://docs.google.com/forms/d/e/1FAIpQLSejyyI1yVwFjOFqNAjTUwr4irmh0YY5hv1Dv3HmOY2L24dCsw/viewform?usp=sf_link

OpenStack Workshop

OpenStack is a set of software tools for building and managing cloud computing platforms for public and private clouds. Backed by some of the biggest companies in software development and hosting, as well as thousands of individual community members, many think that OpenStack is the future of cloud computing.
This workshop will help the participants to assess the architectures, components, operation and tools of OpenStack.
Participate will have a hands-on labs showing how to build, use, and deploy an OpenStack Platform.

Workshop Level

Intermediate Level

Instructor

• Mohamed Ibrahim Oshari

Requirements

• Participants must have a good knowledge about networking and IP addressing;
• also know the basic commands of Linux and how to work in UNIX systems;
• also Participants should know basic knowledge about Virtualization Techniques.
• Participants should bring a laptop computer to participate in the lab, with 4GB RAM as minimum.

Date & Time

• Date: Saturday, x.x.x
• Time: 9:30AM - 5:30PM

Outline

• Whats OpenStack and its Present and Future
• Learn about the individual OpenStack components
• Learn about the OpenStack architecture.

Registration

Registration link will be here

Network Monitoring Workshop

Introduction

This workshop is designed for engineers and system staffs at ISPs and large networks including academic networks who are involved with system management, network monitoring and management and problem response. The course is for those who need to manage diverse Network and NOC operations. There will be hands-on for four days.

Objectives

By the end of this course you will be able to: Distinguish between network management and monitoring.

• Determined what should be monitored.
• Install various network management/monitoring tools.
• Track the changed on the network device’s configurations.
• Use SNMP protocol and log management.

Workshop Level

Intermediate level

Requirements

• laptop with wireless capability.
• IPv4 addressing and general network concepts.
• Knowledge of Linux.

Date & Time

• Date: Sunday 27 Oct - Wednesday 30 Oct 2019
• Time: 8:30AM - 3:30PM

Workshop Fees

200SDG

Instructors

• Salih Shihab

Agenda

• Introduction to Network Monitoring & Management
• Cisco Configuration Basics and SNMP
• Cacti software
• Smokeping software
• LibreNMS software
• Nagios3 Software
• LOG Management
• {PHP}IPAM
• Version control RANCID / WebSVN and NetFlow / NfSen

Security Workshop - Ethical Hacking

Introduction

This workshop is designed for system administrators, network administrators, auditors and web developers to gain knowledge about the security assessment and penetration testing processes. In addition, it will help to improve network and systems by analyzing the existing vulnerabilities to defend systems against attacks.

Objectives

By the end of this course you will be able to:

• Define Ethical Hacking concepts
• Determine different threats.
• Apply techniques and use penetration testing tools
• Provide defence against different types of attack.

Workshop Level

Intermediate level

Requirements

• Laptop with wireless capability.
• Good Network concepts.
• System concepts
• Basic/intermediate Linux Knowledge.

Date & Time

• Date: Sunday 27 Oct - Wednesday 30 Oct 2019
• Time: 8:30AM - 3:30PM

Workshop Fees

200SDG

Instructors

• Hiba Alamin

Agenda

• Introduction to Ethical Hacking
• Foot-printing and Reconnaissance
• Scanning Networks & Enumeration
• System Hacking
• Sniffing
• Social Engineering
• Denial-of-Service
• Overview about other security fields
• Security polices and Recommendations

Layer 2 Security Workshop

LAN network protection is generally neglected, which is a high risk to the organization or company This Workshop will help you understand L2 vulnerabilities. By the end of this Workshop, you will gain real-world practical skills necessary for LAN security, this workshop is suitable for all interested in cybersecurity, Network Security and Penetration Testing.

Workshop Level

Intermediate level

Instructor

Mohanned Adil Omer

Requirements

• Participants must have a good knowledge about networking, TCP/IP and IP addressing; also know the basic knowledge of Linux.
• Participants must have a Good understanding of switching behavior and protocols.
• Participants should understanding network services (DHCP, DNS, AD ... etc.).
• Participants should bring a laptop computer to participate in the lab, with 4GB RAM as minimum.

Date & Time

• Date: Saturday, x.x.x
• Time: 9:00 to 15:30

Outlines

1. Why L2 Security.
2. Switching review.
   • How switch work?
   • Switch weakness.
3. Sniffing Techniques
   • Packet Sniffers
   • PCAP and promiscuous mode.
   • Sniffing Tools.
   • Active and Passive Sniffing.
4. L2 Attacks and Defenses
   • Mac table Flooding.
   • ARP attack.
   1. Introduction.
   2. When ARP is used?
   3. Types of ARP message.
   4. Example use of ARP.
   5. ARP cache.
   6. RARP.
   7. ARP Types.
   8. ARP Attacks.
   9. ARP Spoofing.
   10. ARP Denial of Service.
   11. Defenses.
   12. S-ARP.
   13. Conclusion.
5. DHCP attack
   • How DHCP Work.
   • DHCP Spoofing Attack.
   • DHCP Starvation Attack.
   • Defenses.
   • Conclusion.
6. Some Guides to Minimum Security Baseline for any organization.

Build your own e-mail Server

This workshop is designed for engineers and system staffs at ISPs and large networks including academic networks who are involved with system management, system administration and operations and problem response. The workshop is for those who need to manage mail servers and systems. Anyone working with mail system in their corporate or carrier infrastructure will find this class worthwhile. this one day workshop describes how to setup a local Email with best practices using Postfix, Dovecot And Squirrelmail.

Objectives

By the end of this workshop you will be able to:

Workshop Level

Intermediate Level

Requirements

Date & Time

Instructors

Manhal Mohammed Mokhtar

Content

Registration

Registration link will be published here

Workshop materials

you can find this workshop materials at:
https://drive.google.com/drive/folders/1OnHplRXTB59VAgPi9pl_fIZyX9tkB78A?usp=sharing

 

Introduction to Git Workshop

This workshop is an introduction to version control systems with Git. Version control systems are tools that keep track of the changes made on a document, and help version and merge files. They allow the user to decide which changes make up the next version, and keep useful data about them. Version control systems are usually used by developers and people who write code, but are very useful also for people working with documents in general. It is especially helpful for collaborative work with more than one person working on the same file.

Objectives

This workshop is designed for people who have never used Git or a version control system before to :

• Learn more about what version control systems can do for them and their research.
• Help a team of people to work together, all using the same files.
• Helps the team cope with the confusion that tends to happen when multiple people are editing the same files.

Who should attend?

From web developers to system administrators, Git is useful to anyone who writes code, configuration files, scripts, and text documentation.

Workshop Level

Basic Level

Requirements

laptop with wireless capability , 64 bit OS , minimum 4G RAM

Date & Time

• Date: Saturday, x.x.x
• Time: 9:30AM - 4:30PM

Instructors

Sara Mohammed Abdulraheem

Content

1. What is Git and Gitlab?
   • History of Git
   • Design Principles
   • Distributed Version Control
2. Installing Git
3. Git File Management
   • Common Git Commands
   • Configuring Git
   • Creating Repositories
   • Creating a Commit
4. Branching
   • Visualizing Branches
   • Branch Naming Conventions
   • Creating a new Branch
   • Handling Merge Conflicts

Registration

Registration link will be published here

Workshop materials

you can find this workshop materials at:
https://drive.google.com/open?id=12vGnb0TdEbxHif_ywp-AQsTsG2agKFgM

Automation with Ansible : The basics

Introduction

Ansible is an open-source software provisioning, configuration management, and application-deployment tool to automate all your system work. this is one-day , hands-on workshop. You’ll get a comprehensive overview of Ansible and then dive into Ansible Roles and playbooks.

Objectives

By the end of the workshop, attendees will know how to use automation with Ansible to ease the burden of consistent configuration of servers and network devices and how to choose what/when to automate.

Workshop Level

intermediate Level

Prerequisites

• Participants should be familiar with Unix-style operating systems. The course is taught on Linux (Ubuntu or CentOS) but the environment will be familiar to people with a systems administration background on FreeBSD or Solaris.
• Knowledge of Linux/UNIX command line
• Good understanding of network basics (IP networking)
• All participants will need to bring a laptop with WiFi access.

Date & Time

• Date: Saturday 14 March 2020
• Time: 9:30AM - 4:30PM

Instructors

• Manhal Mohamed
• Sara Alamin

Agenda

• Introduction to Ansible
• Installing and Configuration
• Configuring Clients
• ad-hoc commands
• Ansible Playbook
  • Format& Function
  • Handlers
  • Variables
  • Conditions
  • Loops
• Ansible Templates
• Ansible Roles

Registration

Registration link will be published here

Workshop materials

you can find this workshop materials at:
https://drive.google.com/open?id=1OV4fWCRiLWAz4WQ-ohdT3msUXXY1EDPd

Automation with Ansible - Online Course

Introduction

Ansible is an open-source software provisioning, configuration management, and application-deployment tool to automate all your system work. this is 10-days , hands-on online workshop. in this online workshop You’ll get a comprehensive overview of Ansible and then dive into Ansible Roles and playbooks.

Objectives

By the end of the workshop, attendees will know how to use automation with Ansible to ease the burden of consistent configuration of servers and network devices and how to choose what/when to automate.

Workshop Level

intermediate Level

Prerequisites

Date & Time

Moderation and Online Support

This online workshop will be moderated by:

Online remote support is available via Telegram Group only " group link will be sent to selected participates"

Agenda

Day (1 & 2) : Introduction to Ansible

Day (3 & 4): Ansible Playbook

Day (5 & 6) : Ansible detailed Playbooks

Day (7 & 8) : Ansible Roles

Day (9 & 10): final Project

Participants

Participants who complete this online course successfully. ⭐️

Offline Materials

You can find the offline contents for this online course here

 

Introduction to Cloud Computing & AWS

This introductory workshop provides participants with a practical foundation in Cloud Computing and Amazon Web Services (AWS). It is designed for students, fresh graduates, and IT professionals who want to understand cloud concepts and gain hands-on experience with AWS.

Workshop Overview

We will start by covering the core concepts of cloud computing, comparing Cloud vs. On-Premises infrastructure, and discussing the key benefits of moving to the cloud. Participants will gain a clear understanding of cloud service models, including IaaS, PaaS, and SaaS, along with the fundamentals of resource virtualization.

Instructor 

Maryam Yousif
https://www.linkedin.com/in/maryam-yousif-9757a4133/ 

Ahmed Soria
https://www.linkedin.com/in/ahmed-soria-8231299a 

Content 

1. Introduction to Cloud Computing   15 mins    Ahmed.

1. What is Virtualization 

2. What is Cloud Computing? Cloud vs. On-Premises

3. Benefits of moving to the cloud

4. Overview of Cloud Service Models (IaaS, PaaS, and SaaS)

2. Introduction to AWS  10 mins Maryam

1. What is AWS? Market share, listing other cloud providers, why people choose AWS, choosing your cloud provider, 

2. Brief history and evolution of AWS

3. Overview of AWS Global Infrastructure

1. Regions

2. Availability Zones

3. Edge Locations

3.  AWS services:   15 mins  Ahmed

1. What is AWS services

2. Regional services vs global services 

3. AWS services by category

4.  Identity & Access Management (IAM) 20 mins   Maryam

1. Understanding IAM Users, Groups, and Policies

2. Multifactor Authentication (MFA)

3. IAM Roles and when to use them

4. AWS CLI: How to install and configure the CLI

5. Amazon EC2 (Elastic Compute Cloud) 20 mins   Ahmed

1. What is EC2

2. Instance types 

3. Security Groups

4. Connect to EC2 instances

5. IAM roles for EC2

6. Exposing your hosted app using AWS load balancer

6. Hands-On Demo     30 mins     Maryam from the console/ 5 mins TF script. Ahmed

1. Tour of the AWS Management Console

2. Launching EC2 instance

3. Deploying a simple web application

4. Creating an ALB

Outcome

By the end of this workshop, participants will have:

• A solid understanding of cloud computing fundamentals

• Practical exposure to AWS core services

• The confidence to start using AWS for learning, labs, or entry-level projects

Slides

https://drive.google.com/file/d/1c6W2ECSKtHilm7pnYFrWc1kOx5fydeDL/view?usp=share_link 

Recording

https://drive.google.com/file/d/1IiBtlMH85kt9NwKQkItzYAS8BuTv1biu/view?usp=share_link