Network Security

Learn to protect networks, ensure their integrity, prevent intrusions, and safeguard data from potential threats.

Develop the technical depth to design and support secure networks — configure device hardening, AAA, ACLs, firewalls, IPS, VPNs, cryptography, and ASA firewall deployments through 45 hands-on labs.

In today’s digital world, network security is crucial — and a network’s security can be compromised by many different sources. Network Security professionals play a vital role in an organisation’s defensive line against theft, damage, and disruption. This comprehensive, instructor-led course helps you develop a deep understanding of network security and build expertise in designing, implementing, and supporting secure networks and data protection. You will get extensive hands-on practice with 45 labs, building skills in implementing security measures, detecting vulnerabilities, and responding to incidents while ensuring network integrity.

Curriculum Chapters

  • 1. Securing Networks
  • 2. Network Threats
  • 3. Mitigating Threats
  • 4. Secure Device Access
  • 5. Assigning Administrative Roles
  • 6. Device Monitoring and Management
  • 7. Authentication, Authorization, and Accounting (AAA)
  • 8. Access Control Lists
  • 9. Firewall Technologies
  • 10. Zone-Based Policy Firewalls
  • 11. IPS Technologies
  • 12. IPS Operation and Implementation
  • 13. Endpoint Security
  • 14. Layer 2 Security Considerations
  • 15. Cryptographic Services
  • 16. Basic Integrity and Authenticity
  • 17. Public Key Cryptography
  • 18. VPNs
  • 19. Implement Site-to-Site IPsec VPNs
  • 20. Introduction to the ASA
  • 21. ASA Firewall Configuration
  • 22. Network Security Testing

Skills You Will Learn

Explain the current network security landscape including threat types, malware, and attack tools. Configure secure administrative access including SSH, privilege levels, and role-based CLI. Implement device monitoring using syslog, NTP, SNMP, and AutoSecure. Configure local and server-based AAA authentication, authorization, and accounting using TACACS+ and RADIUS. Implement IPv4, IPv6, and extended ACLs to filter traffic and mitigate attacks. Implement Zone-Based Policy Firewall (ZPF) using the Cisco IOS CLI. Configure Cisco Snort IPS and explain IDS/IPS implementation on Cisco ISR routers. Implement Layer 2 security measures to mitigate MAC table attacks, VLAN attacks, DHCP snooping, ARP attacks, and STP attacks. Apply cryptographic services including encryption, hashing, digital signatures, and PKI. Configure a site-to-site IPsec VPN with pre-shared key authentication using the CLI. Implement a full ASA 5506-X firewall configuration including ACLs, NAT, AAA, and service policies. Describe network security testing techniques and tools.

Technologies Used

Cisco IOS CLI
Cisco Packet Tracer
Oracle VirtualBox / Security Workstation VM
Wireshark
Cisco ISR 4221 routers & Catalyst 2960 switches
Cisco ASA 5506-X firewall (optional)
TACACS+ / RADIUS / AAA frameworks

Course Details

Course Type: Instructor-led
Time: 70 Hours
Modules: 22
Level: Intermediate
Labs: 45 hands-on labs (~18 hours) using Cisco hardware & Packet Tracer

Prerequisites

CCNA ITN and SRWE level networking knowledge recommended. Familiarity with Cisco Packet Tracer helpful.

Certification & Career

Career and Certification alignment: This course aligns with the NIST Cybersecurity Framework and prepares learners for entry-level Network Security Specialist roles. It complements the CCNA certification path and is recommended after completing the Junior Cybersecurity Analyst Career Path or equivalent. Recommended next courses are CyberOps Associate and CCNA: Enterprise Networking, Security, and Automation.

Achievements & Badges

Upon completion, earn a Cisco Networking Academy digital badge. Share your verified achievement on LinkedIn, your CV, or professional profile.

What Cisco verifies: Cisco verifies the earner of this badge successfully completed the Network Security course. The holder of this student-level credential understands network security and has skills in threat mitigation measures to protect data assets and network systems from attack, such as configuring device hardening, firewalls, intrusion prevention systems, and virtual private networks. They participated in up to 18 hours of 45 hands-on labs using Cisco hardware and Cisco Packet Tracer.