Hands-on Firewalls

Objectives Prerequisites Who should attend Course Outline Hands-on Sessions

NJ-1.0

What you will learn...

If you are considering or have recently connected your organisation’s network to the Internet then you will need to evaluate your security through the concept of a firewall. This class will take you through all you need to know on selecting the right firewall architecture, including:

  • Current information on security breaches that are possible
  • What traffic you need to protect
  • How to design an effective firewall solution
  • Current vendor solutions and which one is right for me

Prerequisites

This class is an advanced networking class and requires that you are familiar with the TCP/IP protocol and Internet operation. Operating system exposure to Unix and Windows NT would be advantageous. As a pre-requisite for TCP/IP protocol knowledge we recommend our Hands-on TCP/IP Networks training program.

Who should attend

Your role will most likely be: Network Designer, Security Analyst, Network Manager, Internet Administrator, LAN Administrator, Network Engineer or Technical Support Professional.


Course Outline

Getting started with security

  • Terminology
  • Common network attacks
  • Common operating system attacks
  • Essential security plan elements
  • Checklists that you need to go through

Firewall design

  • Technology considerations
  • Architectural design options
    • filtering
    • address translation
    • proxy sessions
    • encryption options
    • packet content security
  • Application level gateways
  • Circuit level gateways
  • Specifying firewall functionality
  • Tunneling
  • Authentication
  • Firewall-to-firewall
  • Virtual Private Networks (VPN)

Security issues

  • Locking up TCP/IP
    • ports and sockets
    • application level services
    • IETF - IPSec standard
    • setting up private addressing
  • Securing operating system resources, with special consideration to NT and Unix
    • user ids and security
    • access logging
    • system auditing
  • Securing network services
    • DNS
    • FTP
    • TFTP
    • E-Mail
    • HTTP
  • Securing internetworking devices
    • bridges, switches and routers

Vendor firewalls

  • Available hardware and software solutions
  • Selecting the right firewall

Checking your firewall

  • Setting a security strategy
  • Security tools
    • public domain utilities
  • vendor solutions
  • CERT

Hands-on Sessions

Exploring TCP/IP based utilities

Use operating system available lookup utilities to learn about Internet users and domain resources.

Exploring TCP/IP applications

A comprehensive series of sessions that explore the security dangers with the applications TFTP, Telnet, rlogin, SMTP and FTP. Retrieve and store password files. Evaluate how ports are allocated and used amongst the various applications. Determine how vulnerable clear text traffic such as mail is. During these sessions you will be using protocol analysers to inspect live traffic.

Unprotected operating systems

Look at Unix and NT ‘un-protected’ operating systems working in an un-protected mode to assist in evaluating required security measures.

Setting up a firewall

A series of hands-on sessions that have you configuring and evaluating various firewall options. From an ‘un-protected’ system, configure the firewall/s to prevent unauthorised access.