
Firewall

A firewall is an essential design element for enterprise and data center security requirements. Organizations use firewalls and other security technologies to secure their perimeter and business-critical assets. Ever-changing, dynamic business requirements have led to complex business interactions, so securing digital information has become a paramount interest and top priority for organizations.


This course is designed for students who are new to firewall technology and are looking to expand their skill sets in the network and security domain. Candidates should have a basic understanding of IP addressing, routing and switching technologies.
Upon completion of this course, students will be able to:

  • Explain the features and advantages of the firewall architecture
  • Perform the basic and advanced configuration of the firewall, including:
    • Firewall deployment scenarios and packet flow
    • Configuring interfaces, anti-spoofing, security policies
    • Setting up detailed operation of NAT
    • Enable IPSEC and SSL VPN
    • Troubleshooting via TCPDUMP and FW Monitor
    • Configure an Active-Backup and Active-Active Cluster
    • Troubleshooting tools including TCPDUMP, Wireshark, debugs & packet captures
    • User based policies using identity awareness
    • Overview of advanced modules including virtualization & MDM
    • Consolidate multiple firewalls onto a single management platform

Module 0 – Security basics & firewall technologies overview

  • Network security concepts explained
  • Enterprise security architecture – defense in depth / layered security architecture
  • Understanding various firewall technologies, such as:
    • Packet filter firewall
    • Application gateway firewall
    • Stateful Inspection
    • Next generation firewall
  • Basic understanding of various application protocols, including HTTP, FTP, DNS & DHCP
  • Overview of PKI infrastructure

Module 1 – Firewall platform Architecture

  • Understanding of the 3-tier architecture
    • Security Gateway/Firewall
    • Security Management
    • Smart Console tools
  • Secure internal communication (SIC)
  • Design considerations with a firewall security solution
  • Detailed packet flow with a stateful firewall

Module 2 – Installation and Administration

  • Understanding standalone and distributed deployment architecture
  • Understanding IP address spoofing and security gateway topology
  • Understanding the firewall security rule base
    • Implicit security policies
    • Explicit security policies
    • Rule base order
    • Security policy designing best practices
  • Controlling multiple policy packages via Security Management

Module 3 – Network Address Translation

  • Overview on NAT requirements
  • Network address translation
    • Source NAT
    • Destination NAT
    • Static NAT
    • Dual NAT
    • Persistent NAT, full cone & half cone NAT
  • Design considerations while using automatic and manual NAT
    • NAT Specific traffic flow
    • Overlapping network communication using NAT
    • Applications affected by NAT
  • Understanding and implementation of NAT policies

Module 4 – VPN

  • Overview of VPN technologies
    • SSL VPN
    • IPsec VPN
  • Understanding of policy-based VPN and its limitations
  • Route-based VPN
  • Implementing VPN with dynamic routing on the firewall
  • Understanding of NAT-T in IPsec VPN
  • Advanced understanding of mobility requirements and SSL VPN technology
    • Network mode, application mode, thin client
    • Split tunneling, full tunneling
    • End point security
    • Secure desktop
  • Designing of complex VPN infrastructure with VPN failover

Module 5 – High Availability

  • Overview of Cluster and VRRP in firewall
  • Understanding of active-active and active-standby clusters
  • High availability, load sharing, load balancing
  • Unicast mode
  • Multicast mode
  • Concept of Magic MAC
  • Understanding and managing the split-brain condition
  • Failover Conditions
  • Understanding of complexities involved in cluster with asymmetric routing

Module 6 – Troubleshooting

  • Overview of troubleshooting methodology on firewalls
  • Troubleshooting of address spoofing issues
  • Troubleshooting security policies and NAT
  • Firewall tools
    • VPN debugging using VPN tools
    • Debugging and maintaining SIC
    • Diagnosing Cluster & logging issues
  • Packet level troubleshooting with TCPDUMP
  • Troubleshooting using pcap files – overview of the Wireshark tool
  • File management in firewall
    • Objects_5_0.c
    • Fwauth.ndb
    • Modifying .def files using GUIDBedit tool

Module 7 – User group based policies

  • Overview of Identity awareness to configure network access rules
  • Integration with Active Directory/ LDAP
  • Understanding of different Identity Awareness scenarios
  • Acquiring identities for AD users
  • Acquiring identities with Browser based authentication
  • Acquiring identities with Endpoint identity Agents

Module 8 – Advanced administration & Configuration

  • Backup of Security gateway and Security management
    • Creating snapshots
    • Import export tool
    • Database revision control
    • Understanding firewall file structure
  • Understanding firewall licensing using smart update
  • Understanding firewall auditing and reporting tools
    • Smart view tracker
    • Smart event
    • Smart reporter
  • Upgrade a clustered security gateway deployment
  • Consolidate multiple firewalls to single management platform
  • Understanding firewall command line operation
    • CPCONFIG utility
    • Debug commands
    • ClusterXL, VPN , NAT, interface specific command utility
    • Policy operation through CLI
    • Firewall troubleshooting commands

Module 9 – Advanced firewall security and management functions

  • Understanding of virtual firewalls (VSX)
  • Design guidelines using virtual firewalls
  • Understanding firewall next generation functionality
  • Overview of advanced persistent threat (APT) technology – threat prevention
  • Install, configure and troubleshoot Multi-Domain Security Management
  • Configure and implement a Global Policy
  • Transition and consolidate physical firewalls to a virtualized environment

| Study modules | Firewall basic | Firewall advance |
|---|---|---|
| Firewall platform Architecture | ✓ | ✓ |
| Installation and Administration | ✓ | ✓ |
| Network Address Translation | ✓ | ✓ |
| Virtual private network – IPSEC | ✓ | ✓ |
| Virtual private network – SSL | ✓ | ✓ |
| High Availability | ✓ | ✓ |
| User group based policies | ✓ | ✓ |
| Troubleshooting | ✓ | ✓ |
| Advanced administration & Configuration | ✓ | ✓ |
| Virtualization | ✕ | ✓ |
| Multi-Domain Security Management overview | ✕ | ✓ |
| Complementary services | | |
| Mock interview | ✕ | ✓ |
| Personality development sessions | ✕ | ✓ |
| Access to revision sessions | ✕ | ✓ |
| Payment via Purchase Order | Optional | Optional |
| Enrollment Fee in INR | - | - |



Contact Info

Address: F3&4 Malhan Falcon Plaza, Sector 12, Dwarka LandMark – opposite metro pillar 1034
Telephones: 9810890614
E-mail: info@troikasystems.com

© Copyright 2016 by Troika Systems. All Rights Reserved.