1.3 Firewalls

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
6 hours 28 minutes
Difficulty
Intermediate
CEU/CPE
7
Video Transcription
00:00
>> Welcome back to the Cybrary course
00:00
in building your Infosec lab.
00:00
I'm your host and instructor, Kevin Hernandez.
00:00
In our last lesson,
00:00
we discussed the different technologies,
00:00
applications, software,
00:00
tools that we can utilize in our Infosec lab.
00:00
We'll look at tools such as IPS,
00:00
firewall, IDES, SIEMs,
00:00
web proxies, Virtual Machines,
00:00
Active Directory, reliability scanners,
00:00
pen testing, forensics, among others.
00:00
In this lesson, we'll start looking into
00:00
different hardware requirements each and
00:00
every one of these applications were required.
00:00
Now, this is very important
00:00
as the hardware requirements will dictate
00:00
how many appliances or how many tools we can
00:00
fit into one machine using
00:00
our built through machines such as ESXi.
00:00
Power hungry or a resource hungry tools such as
00:00
SIEM might need to have its own dedicated box.
00:00
However, you can always compensate these
00:00
by the amount of resources you put into the machine.
00:00
A machine with let's say 32 gigabytes of RAM,
00:00
will be able to host
00:00
a lot more virtual machines setup system,
00:00
let's say four gigabytes of RAM.
00:00
This is something we do have
00:00
to consider when building our machine.
00:00
It's very crucial you go through the list and building
00:00
these details and keeping
00:00
track of your resources at your building or labs.
00:00
Now, as mentioned before,
00:00
if you have a system that's offline,
00:00
you will have less resources and it's really requires
00:00
so keep that into
00:00
consideration based on your host environment.
00:00
Also, if you have 100 systems versus 20 systems,
00:00
that would also reduce
00:00
the requirement or increase them as well.
00:00
These are not set in stone,
00:00
just take the mass of recommendation or a small guide.
00:00
Let's start working on to this,
00:00
and we will start by looking into
00:00
the firewall. Let's get into it.
00:00
If you remember from our previous document,
00:00
we have pfSense,
00:00
IP Force and Untangle as potential
00:00
>> firewalls to utilize.
00:00
>> Let's start looking into these.
00:00
Let's start with pfSense,
00:00
and then we'll move into IP Force and Untangle.
00:00
Now, it's not that wise to have
00:00
three firewalls in
00:00
your same network from different vendors.
00:00
If it's a small office or home office,
00:00
as you will have a lot of
00:00
upkeep and there might come a lot
00:00
of issues as you build this lab.
00:00
In this case, try to pick one that you
00:00
really like or more accustomed
00:00
to or the one that meets better your criteria,
00:00
maybe from a GUI perspective, etc.
00:00
Let's start with pfSense here.
00:00
[NOISE] We'll literally go
00:00
to the nature source, original source here.
00:00
Now, in here, you have to look at the different products
00:00
so you can have to help her to
00:00
apply and have different solutions, etc.
00:00
Let's go to products real quick,
00:00
and here you can see
00:00
the details of some of the devices they have,
00:00
some small office, branch office.
00:00
From here you can get a general idea
00:00
what amount of resources you require,
00:00
such as one gigabyte RAM,
00:00
storage and three ports
00:00
which actually this is what this brings.
00:00
You've got a general idea of what you
00:00
need from a hardware perspective.
00:00
But if you're bringing your own tool,
00:00
like let's say build your own here,
00:00
you can see you need this resources that are here.
00:00
What we're going to do is we're
00:00
going to open an Excel sheet.
00:00
In this Excel sheet,
00:00
we're going to add those resources here.
00:00
Let's have the tool on the left, pfSense,
00:00
and here we're going to have minimum recommended.
00:00
Let's say recommended CPU,
00:00
and then we also have minimum recommended RAM,
00:00
[NOISE] and there might
00:00
be a couple of things here such as storage,
00:00
but in this case it's not shown, so that's okay.
00:00
This is one gigabyte hard drive. Let's add storage.
00:00
[NOISE] A minimum CPU, it's 500 megahertz.
00:00
[NOISE] For RAM, it's 512 megabytes,
00:00
[NOISE] and the recommended is one gigahertz
00:00
[NOISE] and one gigabyte of RAM.
00:00
[NOISE] For sources, this one gigabyte.
00:00
However, if you recall correctly earlier,
00:00
from this little device over here,
00:00
it has a gigabytes of storage options,
00:00
so I'm going to use the bigger one
00:00
to use as a safety precaution.
00:00
That's about it for pfSense.
00:00
Let's look at IP Fire instead of IP Force had a typo,
00:00
sorry for that in here.
00:00
I have never utilized this one.
00:00
But if you go to download right here,
00:00
and you go to sorry,
00:00
support, and you go to the commutation,
00:00
you can have system requirements right here.
00:00
You can see you need a X86,
00:00
so it's 512,
00:00
or one gig for storage,
00:00
it doesn't really give too much
00:00
>> details to the gigs here.
00:00
>> Supports up to three terabytes.
00:00
For this case it says one gigahertz.
00:00
It looks very, very similar to what
00:00
pfSense utilizes and that being the case,
00:00
I'm going to literally just
00:00
copy paste on and that's going
00:00
to be in and maybe upgrade right here.
00:00
That one.
00:00
Do you guys recommend that one to your heart to see?
00:00
Let's leave it as is assets
00:00
literally the same amount of storage.
00:00
Let's look at the other source, which is Untangle.
00:00
Let's fix this for [NOISE] future use.
00:00
As we look for Untangle,
00:00
you see it's a next-generation firewall as well.
00:00
If you go here to get Untangle free download,
00:00
you'll see it over here.
00:00
Now, this is a 14 day trial with paid apps.
00:00
Then you have to either pay for
00:00
the apps itself or the complete subscription.
00:00
It really depends what you're looking for
00:00
, but right here,
00:00
you see you have free IPS,
00:00
you have free firewall,
00:00
virus blocker, light, and fish blocker.
00:00
What you will have to pay for,
00:00
sorry, these are the free ones,
00:00
will be SSL inspector for example.
00:00
You will have to pay for web filter,
00:00
spam blocker, application control
00:00
and all these different other tools.
00:00
It really depends what you need if
00:00
this will meet or not your requirements.
00:00
Now, warning is if you, for example,
00:00
required to put your email or
00:00
your phone number to do any type of installation,
00:00
they will be contacting you and
00:00
require you to buy software, buy licensing too.
00:00
This doesn't seem like that type of product
00:00
but had to warn in case you do end up using it.
00:00
In this case, you see it is a 80 gigs hard drive,
00:00
two gigabytes of memory and to network cards.
00:00
It looks very similar,
00:00
excluding the memory which a little bit higher.
00:00
We'll make those notes,
00:00
and it doesn't say which type of
00:00
frequency or hertz required for the CPU.
00:00
In this case we will go to one gigahertz.
00:00
Let's put one gig here for RAM,
00:00
it says two [NOISE] let's say two here here,
00:00
in this case is 80 gigabytes.
00:00
There's a lot of difference when it comes to resources.
00:00
But you've got a general idea
00:00
what it's required from each of these.
00:00
Now that you have the list completed,
00:00
one of the things I like to do is
00:00
try to be as organized as possible.
00:00
Right here, I will type firewalls
00:00
[NOISE] and I will merge and
00:00
center this and then we're still looking into
00:00
our next product right here.
00:00
Then we'll start building around that.
00:00
One thing you can start doing now if you want,
00:00
is you can start downloading the different tools.
00:00
For example, USP image.
00:00
You can download it and you can
00:00
do the same thing as you can see for IP fire here.
00:00
Let's go back to IP fire,
00:00
and you can download it and
00:00
go for a flash image.
00:00
That way you don't have to be downloading,
00:00
or using all the tools to be able to accomplish this,
00:00
and let's do the same thing for pfSense.
00:00
Here, go download, and then you
00:00
have 64 bit and installer.
00:00
You go USB, mem installer.
00:00
Then cancel PDA just in case and download.
00:00
Let's finish, wait for those to be finished.
00:00
That will basically be a wrap up for this lecture.
00:00
What you really learn is
00:00
tracking the resources require for an elaborate,
00:00
specifically for the firewalls.
00:00
We'll be doing this same thing for other tools,
00:00
and that will give us a general idea
00:00
how much RAM we'll need?
00:00
Or how many appliances you can put
00:00
in the device you require?
00:00
In my case, firewall is one of
00:00
the most important ones out there,
00:00
especially being next-generation firewalls.
00:00
If you go back down to that list,
00:00
we might not need a dedicated IP,
00:00
we might not need it a dedicated web proxy.
00:00
But it is very important
00:00
to consolidate if your resources are limited.
00:00
Most products out there,
00:00
such as Palo Alto,
00:00
Check Point, already
00:00
have this things integrated into them.
00:00
Having them in general as one
00:00
is not unrealistic and it's something to be expected.
00:00
I hope to see you soon.
00:00
In our next lesson, we'll be looking
00:00
>> at a different tool,
00:00
>> such as the web proxies or DSIMs, have a great day.
Up Next