Simple play icon Course

Network Analysis with pfSense

by Joe Abraham

pfSense provides network firewall, VPN, and other services to users and network operators. It offers IP and port blocking, VPN termination, and DHCP and DNS services. In this course, you'll learn to detect and block adversary activity using pfSense.

What you'll learn

Cyber attacks are hitting our networks daily, and some of them have become very advanced. Traditional firewalls can be used in order to help the process of detecting and blocking them. In this course, Network Analysis with pfSense, you’ll cover how to utilize pfSense to protect and detect against common attack and exfiltration techniques in an enterprise environment. First, you’ll demonstrate how to setup a decoy VPN server using pfSense to detect compromised accounts. Next, you’ll operate pfSense to block the use of alternate protocols by blocking unnecessary ports and protocols. Finally, you’ll analyze known anonymity and C2 networks and block them using pfSense’s DNS services. When you’re finished with this course, you’ll have the skills and knowledge to block and detect these techniques External Remove Services T1133, Exfiltration Over Alternative Protocol T1048, and Proxy: Multi-hop Proxy T1090.003 using pfSense.

About the author

Joe Abraham, CCIE #62417, is a Security Technical Solutions Architect working in the public sector space, assisting customers develop and implement functional and secure network architectures. He graduated from Excelsior College with an M.S. in Cybersecurity and a B.S. in Information Technology (Network Management). He currently holds many IT certifications to include CCIE, CISSP, GSEC, and CCNP Security. He is also a member of the GIAC Advisory Board. Joe is a mentor to IT professionals and a b... more

Ready to upskill? Get started