Duration 3 days – 21 hrs
Overview
This training course equips participants with the knowledge and hands-on skills to configure, manage, and maintain firewalls and other security devices using open-source technologies.
Participants will learn how to implement network security policies, configure rules, monitor traffic, and respond to threats using widely adopted open-source tools such as pfSense, OPNsense, and iptables.
The course blends theory with practical labs to ensure learners can effectively secure and manage network perimeters in real-world environments.
Objectives
- Understand firewall concepts, types, and deployment scenarios.
- Install, configure, and manage open-source firewalls.
- Create and apply access control lists (ACLs) and firewall rules.
- Monitor and analyze network traffic using security devices.
- Configure VPNs and secure remote access.
- Implement intrusion detection and prevention (IDS/IPS) with open-source tools.
- Maintain, update, and back up firewall configurations.
Audience
- Network administrators and engineers.
- System administrators responsible for network security.
- IT professionals seeking to enhance cybersecurity skills.
- Small business IT managers implementing cost-effective security solutions.
Prerequisites
- Basic understanding of TCP/IP networking.
- Familiarity with operating systems (Windows/Linux).
- Knowledge of basic cybersecurity concepts.
Course Content
Module 1 Introduction to Firewalls and Security Devices
- Role of firewalls in network security
- Types of firewalls (Packet filtering, Stateful inspection, Application layer)
- Overview of open-source firewall solutions (pfSense, OPNsense, iptables, nftables)
Module 2 Firewall Deployment and Configuration
- Hardware vs. software firewall considerations
- Installing pfSense/OPNsense in a lab environment
- Understanding firewall interfaces and zones
- Setting up basic firewall rules and NAT
Module 3 Access Control and Traffic Filtering
- Creating ACLs and security policies
- Port filtering, whitelisting, and blacklisting
- Managing inbound and outbound traffic
- Configuring VLANs and segmentation for security
Module 4 VPN and Remote Access
- VPN fundamentals (IPSec, OpenVPN, WireGuard)
- Setting up secure remote access for users
- Site-to-site VPN configuration
- Best practices for securing VPN endpoints
Module 5 Intrusion Detection and Prevention
- IDS/IPS concepts and operation
- Implementing Snort or Suricata with pfSense
- Analyzing alerts and taking corrective action
Module 6 Monitoring, Logging, and Alerts
- Real-time traffic monitoring tools
- Log management and analysis
- Configuring email/SMS alerts for security events
Module 7 Maintenance, Backup, and Recovery
- Updating firewall firmware and software
- Backing up and restoring configurations
- Troubleshooting common firewall issues
Capstone Lab
- Build a complete firewall solution with:
- Network segmentation
- VPN configuration
- IDS/IPS integration
- Logging and alert setup
