Firewalls & Free Training from Fortinet, Cisco and others for Enduser, Networking and CyberSecurity engineers

• This article was originally posted in Peerlyst in May 2020

Do you need to provide basic cybersecurity education to your end-users?

Do you want to brush up on your networking and network security skills?

Do you want to add to your cybersecurity toolkit, or move from networking into network security?

Maybe you just want to brush up on firewalls for an upcoming exam?

Well, if you can say yes to any of those things, you’re in luck! So sit back, grab and beverage and let’s get going!

Photo by Armin Hanisch from FreeImages

First, because I like providing background to things, let’s talk about Next Generation Firewalls (NGFW). What is a next generation firewall?
[[TLDR: it’s a marketing term, but it’s one you need to know :P ]]

Well, a next-generation firewall is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functions, such as an application firewall using in-line deep packet inspection, an intrusion prevention system.

A brief history lesson on firewalls

Initially, we had “packet filtering” firewalls, which simply checked the characteristics, namely the source/destination IP addresses and port numbers, of each packet against the firewall rules. Working mainly off the network layer, Layer 3 in the OSI model, to check the headers of packets, their inability to take into context the encapsulated data pertaining to OSI layers 5–7 meant that was possible to exploit these firewalls via various means. Firewalking was only one of these methods, but I’d recommend you spend some time to learn at least the idea behind some of the fragmentation and spoofing methods used to circumvent these security controls. Over all, they were pretty basic network security devices, and totally incapable of any contextual decision making. Packet filtering firewall capabilities were typically found in routers and other network devices and have definitely dropped out of popularity due to advances in technology.

After that we had second generation stateful inspection firewalls, which leveraged dynamic packet filtering and keeping records of the “state” of each connection via the Transport layer (layer 4 of the OSI model) information. Developed by Check Point Software Technologies in the early 1990s, the eventual wide spread adoption of stateful inspection firewalls caused a reduction in external threat actors abilities to scan networks as, once configured correctly, port scanning became less likely to work. Stateful inspection firewalls work by gathering information over time on the inbound and outbound packets down to the application layer (layer 7 in the OSI model), with their relevant states stored in tables. This helped counter act many TCP based attack vectors, by ensuring only legitimate three-way handshakes were being used during connections. However, as with most things, this increase in security reduced in greater administrative overhead, and reduced network performance.

Third generation aka “next generation firewalls” or NGFW, leverage even more information into their decision-making process, garnering context about users, applications, and where applied, unique business processes. This insight and intelligence may come at a price, though prices are dropping as more players hit the market, and solutions become more competitive. Often, NGFWs are marketed as an “all in one” solution, with a centralized management system, combined antivirus, host and network intrusion detection modules, deep packet inspection and SSL decryption to protect against sensitive data loss such as:

• Personally Identifiable Information (PII) protected by the likes of GDPR
• Protected Health Information (PHI) protected by the likes of HIPAA
• Credit card of financial information protected by the likes of PCI DSS
• Intellectual Property (IP) who’s loss could result in severe ramifications for the organisation

For a good break down on the three generations of firewalls and how each can be attacked, I refer you to the Geeks For Geeks article here.

Ummm… Ok, so what?

OK ok, Jack, so you’ve given me a history lesson, and some (hopefully) useful material thats relevant in the likes of the CompTIA Security+, CySA+ and CASP+ certifications, but, like, so what? What should this be of further interest to me? [[Quick plug, see my write up on studying for, and passing, the CySA+ here]]

Ok, heres the plug:

Why do I even mention Fortinet? Ok, I’ll get there, I promise!

For many starting in Information Security, they move laterally from Networking. A natural entry point, it offers huge growth and development opportunities while remaining within a familiar sphere. As a result the golden trio of knowledge, experience and certifications in major vendors within this space greatly increases your chances of landing those coveted projects. Its for this reason that certifications like the CompTIA Network+, Cisco CCNA and others are valued as foundational education intrinsic to the development of a good cybersecurity engineer.

So, with that in mind (drumroll please….. well, go on…..) Fortinet have just announced that they’re offering a large selection of their training courses fully free online for the rest of 2020.

Who are Fortinet?

In operation for twenty years now, Fortinet (NASDAQ: FTNT)is a well known cybersecurity and networking vendor, probably best known for their Fortigate NGFW (Next Generation Fire Wall). Now, don’t get me wrong, Fortinet do lots of other things within the networking/security sphere. Usually reserved for customers or in-channel partners (think: resellers), training courses are fantastic to add some extra depth to your networking and cybersecurity toolbox.

The courses cover:

• basic cybersecurity awareness training, ideal for sending on to endusers within your organisation or family,
• Essentials courses covering their basic networking solutions
• Advanced training for security-driven networking, cloud security, zerto-trust networks (ideal in the current work-from-home situation and the deparameterization of your network that comes with this) as well as AI-driven security operations.

So here we are!

All you really need to do is sign up and start your courses here: https://www.fortinet.com/training/cybersecurity-professionals

Now if you feel your networking or cybersecurity skills aren’t up to scratch enough to tackle some of the more advanced courses, you can always run through the excellent free online courses available from CISCO at their Network Acadamy

If you’d prefer to start off with a more generic and less vendor focused path, I wholeheartedly recommend the free CompTIA A+, Network+ and Security+ training courses provided by the amazing James Messer at www.professormesser.com