Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Introduction to Firewalls - 2 Hour Beginner Crash Course
Rating: 4.6 out of 5(2,477 ratings)
7,902 students

Introduction to Firewalls - 2 Hour Beginner Crash Course

Learn firewall fundamentals with clear lectures and diagrams. This video course covers all the basics of firewalls.
Created byRick Crisci
Last updated 8/2024
English

What you'll learn

  • Understand the basic functions and concepts of Firewalls beginning with Network Access Lists
  • Identify Firewall Zones including the DMZ, and how traffic between zones is controlled
  • Differentiate and understand diiferent types of firewalls including Layer 3 & 4, Layer 7, Stateful, Network, Host, and Virtual
  • Use downloadable PDF study guides and slide decks to review lessons whenever you want!
  • Design security solutions according to best practices
  • Frequent quizzes will help to verify and reinforce your knowledge

Course content

1 section20 lectures2h 4m total length
  • Introduction1:00
  • NAT6:04

    This lesson provides an introduction to the fundamental concept of Network Address Translation (NAT) in the context of computer networking and its significance in understanding firewalls. It explains how NAT works, including source NAT and destination NAT, and how it allows private computers to access the internet while maintaining security. The lesson emphasizes the role of NAT in conserving public IP addresses and enhancing security for private systems.

  • Quiz: NAT
  • Firewall Zones5:36

    This lesson introduces the concept of firewall zones, with a focus on the Demilitarized Zone (DMZ) and its real-life analogy in the context of network security. The DMZ is explained as an intermediate area between trusted internal networks and untrusted external networks, emphasizing the need for strict control of traffic to and from the DMZ. The lesson highlights the importance of firewalls in controlling and securing the flow of traffic between these different zones to protect sensitive data and systems while allowing controlled accessibility from external sources.

  • Quiz: Firewall Zones
  • Basic Layer 3 and 4 Firewall13:18

    In this lesson, the basics of layer three and layer four firewalls are explored through the use of network access lists with example rules. The lesson emphasizes that firewalls are essentially a set of rules controlling traffic, and these rules are typically processed in order from top to bottom. It explains how these rules can be based on layer four information, such as protocols and port numbers, and layer three information, like source and destination IP addresses. The lesson also touches on the importance of ending firewall rules with a "deny all" statement for security purposes. The concept is illustrated within the context of network diagrams, highlighting the role of firewalls in securing networks from untrusted external sources, as well as the use of DMZs to protect systems accessible from the internet.

  • Quiz: Basic Layer 3 and 4 Firewall
  • Implicit Deny All6:50

    This lesson explores the concept of an implicit deny all in firewalls, using an analogy of an exclusive party where only invited guests are allowed. It differentiates between explicit statements that are explicitly stated in firewall rules and implicit deny all, where firewalls, by default, block all traffic unless explicitly permitted. The lesson highlights the importance of rule order, emphasizing that the order in which firewall rules are processed is crucial, and it recommends being granular and specific with firewall rules to maintain security. It also discusses the balance between convenience and security in firewall configurations.

  • Quiz: Implicit Deny All
  • Demo: Deploy Cisco Packet Tracer8:56

    This lesson demonstrates how to download and set up Cisco Packet Tracer, a network simulator used for testing firewall configurations. The instructor guides you through the process of downloading Packet Tracer from the Cisco Netacad website and then walks you through the installation steps. The lesson also provides an overview of how to use Packet Tracer to simulate network topologies and configure network devices for practical learning and testing.

  • Demo: Create a Simple Access List14:23

    In this lesson, the instructor demonstrates how to configure a Cisco access list in a Cisco router using Cisco Packet Tracer for simulation. The lesson covers setting up network devices, creating and applying an extended access list to control traffic flow, and testing the configuration's impact on network connectivity. It provides hands-on experience in configuring access control for specific ports and protocols, along with insights into the importance of access list order and implicit denial in network security.

  • Stateful and Stateless Firewalls4:29

    In this lesson, you'll learn about the differences between a stateful firewall and a stateless firewall and their impact on network security. The lesson provides a clear explanation of how stateful firewalls work by tracking the state of connections and automatically allowing response traffic even without an explicit inbound rule. On the other hand, stateless firewalls require rules in both directions and do not track connection states, necessitating explicit rules for both outbound and inbound traffic. Understanding these concepts is crucial for effective firewall configuration and network security.

  • Quiz: Stateful and Stateless Firewalls
  • A quick favor to ask...0:28
  • Layer 7 Firewall (NGFW)5:00

    In this lesson, you'll explore the concept of a Layer 7 application firewall, sometimes referred to as a next-generation firewall. The lesson explains that while traditional firewalls work at layers 3 and 4, focusing on addresses, protocols, and ports, a Layer 7 firewall performs deep packet inspection, delving into the application layer to analyze the content of traffic. It can identify specific applications and protocols using signatures and patterns, making it highly effective at detecting and preventing known attacks and malicious traffic. Keeping the signature database up to date is crucial for ensuring the firewall's effectiveness in countering evolving threats.

  • Quiz: Layer 7 Firewalls
  • Host Based Firewalls5:26

    In this lesson, you'll explore host-based firewalls, which are different from the network-based firewalls discussed earlier. Host-based firewalls operate within an operating system, such as Windows or Linux, and focus on securing the specific applications running on that system. They serve as an additional layer of defense and can help block threats that may bypass network firewalls. However, host-based firewalls are also vulnerable to compromise if the underlying operating system is attacked or compromised, making them an integral part of a defense-in-depth strategy.

  • Quiz: Host Based Firewalls
  • Firewall Concepts Demonstrated on the Windows Firewall10:04

    In this lesson, you'll explore key firewall concepts demonstrated within the Windows Firewall. You'll learn about configuring inbound and outbound rules, understanding network profiles, and the importance of differentiating between inbound and outbound traffic. By working with the Windows Firewall, you can gain insights into managing and configuring firewall rules, which apply to many firewall solutions, making this knowledge valuable for broader cybersecurity applications.

  • Scenario: Malware Infection5:44

    In this lesson, you'll explore a common security scenario involving a malware infection and its potential impact on different types of firewalls. You'll learn about the limitations of network firewalls when dealing with malware that has already infected a device. The video explains how malware can attempt to establish connections, how network firewalls may have egress rules for outbound traffic, and discusses the benefits and limitations of host-based and Layer 7 firewalls in addressing malware-related threats.

  • Quiz - Scenario: Malware Infection
  • IDS / IPS6:24

    In this lesson, you'll gain a fundamental understanding of intrusion detection systems (IDS) and intrusion prevention systems (IPS) while exploring their key differences. You'll learn that IDS, often passive, are like "neighborhood watch," alerting you to potential threats by analyzing traffic against known signatures. Conversely, IPS, which are inline, actively stop malicious traffic based on known signatures and can provide both detection and prevention capabilities. The video also introduces behavior-based systems that monitor network behavior for unusual patterns, making them useful for detecting zero-day attacks.

  • Quiz: IDS/IPS
  • Firewalls and DDoS4:40

    In this lesson, you will learn about Distributed Denial of Service (DDoS) attacks and the role of firewalls in mitigating them. While firewalls can help with certain types of DDoS attacks, they may not be effective in all cases, especially when the attack overwhelms your internet bandwidth. The video also highlights cloud-based solutions that can protect your network from DDoS attacks before they even reach your premises, ensuring minimal impact on your services.

  • Quiz - Firewalls and DDoS
  • Segmentation with VLANs8:32

    This video explores the concept of network segmentation and how it's used to enforce security controls within a network. By creating different network segments, often implemented using VLANs, you can logically separate your network into security zones. While traditional segmentation is effective for controlling traffic between these zones, micro-segmentation is introduced as a more modern alternative to enforce controls within segments, overcoming limitations present in the traditional approach.

  • Quiz: VLAN Segmentation
  • Microsegmentation8:49

    Micro-segmentation is introduced as a concept to overcome the limitations of traditional network segmentation, which struggled with controlling communication within a network segment. With micro-segmentation, the focus is on virtual machines (VMs) and their network interfaces, where each VM has its own rules that can be applied directly to the network interface. This approach enhances network security by controlling traffic before it even reaches the network segment, minimizing lateral movement within the network and providing a powerful security barrier, particularly for compliance requirements.

  • Quiz: Microsegmentation
  • Design pattern: Using the Cloud7:07

    This lesson explores cloud-based solutions for enhancing overall security. It begins by discussing the use of cloud-based DNS services like Route 53, which can help mitigate attacks by identifying and blocking malicious traffic patterns based on observations across multiple clients. Additionally, it covers the benefits of using content delivery networks (CDNs) like Cloudflare and AWS CloudFront to distribute content and apply security at the edge, protecting against common attacks before they reach the user's infrastructure. These cloud solutions can bolster security even for organizations not fully operating in the cloud.

  • Quiz - Design pattern: Using the Cloud
  • Hands-On Opportunity: hol.vmware.com1:11
  • BONUS LECTURE0:42

Requirements

  • A very basic understaing of networking is useful, but not required.

Description

"Great course. Very clear and easy to understand. The instructor's expertise was evident, and they presented the material in an engaging manner." -Marco

"It was really a very good course. The explanations were crystal clear and not vague. Easy to understand. I haven't skipped even a second. Thank you."  -Gomathi

Do you need to understand the fundamentals of Firewalls? Have you found that many training resources use complex technical jargon that makes it difficult to understand the basic concepts?

If you need to get a basic understanding of Firewalls quickly and clearly, this is the course for you.

This course addresses the following topics:

  • What is an access list and how does it relate to a network firewall?

  • Next Generation Layer-7 Firewalls

  • Differentiate between Stateful and Stateless Firewalls

  • NAT basics

  • Using firewalls for network segmentation with VLANs and microsegmentation

  • How to write common firewall rules

  • Using Intrusion Detection and Intrusion Prevention systems

  • Cloud security tools that can be used to thwart common attacks

  • See Firewall concepts demonstrated on the Windows Firewall

  • Understand the role of Firewalls for DDoS mitigation

  • Learn common design patterns like Zero Trust, Defense in Depth, Simplicity and Automation, and more

I have taught hundreds of thousands of students across a variety of platforms, and I think anyone who needs to understand Firewalls will love this course. Most lectures in this course are 5 - 10 minutes long.

If you need the basics of Firewalls, this course will give you a strong foundation, and is the ideal starting point.

Who this course is for:

  • Anyone that needs a basic understanding of Firewalls