Network Security: Intermediate
Configure firewall policy, logging, alerting, and incident triage across multiple nodes.
Audience
- Self-paced technical learners
- Instructor-led cohorts
- Enterprise teams preparing staff for hands-on operations
Prerequisites
- Beginner course or equivalent experience
- Comfort with command-line or admin consoles
Outcomes
- Provision an isolated network security lab from template metadata.
- Use snapshots, rollback, validation checks, and teardown safely.
- Explain how pfSense, Wazuh, Linux fit into an enterprise training environment.
- Produce evidence that an instructor or admin can review.
Modules and labs
Each module maps to provisioned lab work, validation evidence, reset/rollback policy, and instructor visibility.
pfSense or equivalent firewall/router
definedpfSense CE media or equivalent open firewall image
TODO: Confirm licensing and operational preference for pfSense CE versus open Linux router image.
Kali/security workstation
definedKali Linux official VM image or Ubuntu security workstation build
TODO: Publish only for safe internal blue-team exercises; keep intentionally vulnerable targets isolated.
SIEM/logging node
definedUbuntu 24.04 LTS plus Wazuh stack
Ubuntu Server 24.04
availableUbuntu 24.04 LTS cloud image
Firewall rules active
Allowed path works and denied east-west path is blocked.
SIEM receiving logs
A generated test event appears in the tenant security index.
Routing path works
Traffic follows the intended lab path and reaches the expected service.