No video
Next Generation Firewalls (NGFWs) | Cisco CCNA 200-301
What is a Next Generation Firewall, and why are they used? Find out in this video now.
Enjoy, Like, and Subscribe. 😃
Free KZread Playlists from Keith:
▶ Master Playlist for Cisco CCNA 200-301 ogit.online/sloth
🔐 Cisco CCNA 200-301 Security ogit.online/200-301_Security
💻 Cisco CCNA 200-301 IPv4 Subnetting ogit.online/subnet
💬 Join our Discord server (free) ogit.online/Join_OGIT_on_Discord
🏪 Keith Barker Amazon Affiliate Store www.amazon.com/shop/keithbarker
And…
🏫 Keith’s Content at CBT Nuggets ogit.online/Keith-CBT
#KeithBarker #CCNA #200-301
Пікірлер: 104
Your videos are actually getting better and better and i didn't even think that was possible. These are great
@KeithBarker
2 жыл бұрын
Thank you Don Neto!
this is funny Keith has been my teacher for the long time and we dont even know each other :D, got all the way to my CCNPs with him and Jeremy Cioara. I would love to meet those guys in real world.
@KeithBarker
Жыл бұрын
Thank you CMD Tech! Next time you are in Vegas, ping me.
High Quality Content + High Quality Expert + High Quality Mentor +++ == Keith Barker
@KeithBarker
2 жыл бұрын
Thank you Nerses Avakyan!
The best video I have ever watched, explaining with graphics, simplifying the terms and showing the related demo are just making it much easier to understand and remember. Thank you so much. Really appreciate it!
@KeithBarker
Жыл бұрын
Happy to do it, thanks for the feedback kaiyu lee.
The visuals really help with understanding the theory. Thanks again Keith!
@KeithBarker
2 жыл бұрын
Thank you Cycle of 7's!
Man, this is a wonderful networking video. It finally clicks for me.
@KeithBarker
2 жыл бұрын
Congratulations B P❗ So great to hear. Best wishes on your continued success.
Hallelujah!
you changed my life keith. May the odds be ever in your favor
@KeithBarker
Жыл бұрын
Thank You So Much!
great content, simplified and easy to understand and to remember
@KeithBarker
2 жыл бұрын
Thank you ccna lab!
Thanks Keith. Very helpful video!
Thanks Keith. That was a great tutorial. Keep up the good work
@KeithBarker
2 жыл бұрын
Thanks, will do!
Studio is looking GREAT! Thnx for sharing this important info!! - Ramsey
@KeithBarker
2 жыл бұрын
Thank you ramdogproductions!
Very helpful and useful. Thanks Keith.
@KeithBarker
2 жыл бұрын
Thank you Akintola Michael!
great nugget you are definitely the OG of IT :)
@KeithBarker
2 жыл бұрын
Thank you Pedro Gonzalez!
Thank you so much!!, It was super beneficial
@KeithBarker
Жыл бұрын
Happy to do it, thanks for the feedback M A.
thanks this is so great
@KeithBarker
Жыл бұрын
Thank you Abiodun Samuel!
Really excellent explanations thank you!
@KeithBarker
Жыл бұрын
Thank you Kieran O!
I started watching your videos. Thank you Keith
@KeithBarker
Жыл бұрын
Thank you Matthew567!
Thanks Keith. Very Helpfull video :)
@KeithBarker
2 жыл бұрын
Glad it was helpful!
Very good explanation.
@KeithBarker
2 жыл бұрын
Thank you Popescu Silviu!
Thank you
@KeithBarker
2 жыл бұрын
You're welcome
Fire video!
@KeithBarker
2 жыл бұрын
Thank You!
Very cool and good video on NGFWs
@KeithBarker
Жыл бұрын
Thank you for the question Patrik Mansuri.
Thanks.
@KeithBarker
2 жыл бұрын
You're welcome
hey keith I really admire you and I want to thank you so much you are explain those concepts really good and clear. could you make a video LAB about FHRP with vlans?
@KeithBarker
2 жыл бұрын
Thank you or itzhak!
thank you keith for this awesome tutorial , i wish to provide us more advanced courses on fortinet FG firewall if it is possible .
@KeithBarker
2 жыл бұрын
Thank you for the feedback, and the request. Most of my FG content is up at CBT Nuggets. I may be making a few more FG vids here on KZread, time will tell. Thanks again.
Very nice, my friend. :)
@KeithBarker
2 жыл бұрын
Thank you! Cheers!
I love you Keith
@KeithBarker
2 жыл бұрын
Thank you J T!
Thanks Keith so much for the session .. can i know what kind of pin/tab u r using for hand notes and what software u r using for the notes, i like the font and how clear ur hand notes ?
@KeithBarker
2 жыл бұрын
Thank you for the question Yasser Saied. I use a Wacom screen, which supports a pen. I also use EpicPen software, for the pen work.
awesome video
@KeithBarker
Жыл бұрын
Thank you Kyle Wankin!
@brunoblatief
Жыл бұрын
@@KeithBarker can you give a link for packet tracers on this topic? i would really like to explore firewalls more
Cisco NGFW uses a Linux (Lina) engine which is run on top of the Cisco code in FTD's, the problem in my experience is that in an FTD device you cannot use "normal" or should I say conventional commands in the ngfw to make configuration changes. Everything is done in the Firepower Management Console. You can only view the current running config in expert mode. That's a huge problem. What if I am unable to reach the firewall to deploy a configuration change from the FMC however, I am at the console with a db9 attached?. Then it becomes a pain in the arse. Cisco or any other NGFW developer should implement a way to configure AND manage the firewalls both remotely through deployment AND locally further, at a minimum we should be able to make simple switch port changes using conventional ASA commands i.e. config - t etc
Im a new network admin and we just got the new ftds to deploy. We're replacing our ASAs im pretty nervous.
One of the greatest and the most comprehensive tutorial I've ever seen. Thank you Keith!
@KeithBarker
2 жыл бұрын
Wow, thanks!
Hi Keith, I couldn't find the practice lab on your website for 2-Tier and 3-Tier. could you send me the link to download it please?
Love your videos! Maybe mention that in the EU you can't just implement https inspection without permission from HR/management. You can land you company in a very bad place with that.
@konefine3626
2 жыл бұрын
Check out for complet ccnp and ccie playlist, this man is also good in teaching and he is a well experienced prof like Keith kzread.info
@KeithBarker
Жыл бұрын
Thank you for the suggestion Michele Klau❗
@markarca6360
Жыл бұрын
Is it as per the EU GDPR?
@23poiuz
Жыл бұрын
The explicit permission by the individual user (!) is required. If the user is an employee, the employee contract must have appropriate text. Otherwise there is no effective user agreement wrt GPDR, and management will be liable. As a user, even of a company owned device, I expect HTTPS to be secure and not monitored other than by the target website. Also, NGFWs are misnamed: they are TLS interception intermediaries aka wiretaps. Which is ok, if I'm being made aware and explicitly and freely agree.
Could you add a few comments regarding the placement of the firewall? Specifically, since it can do routing and NAT, what advantages / disadvantages there are to placing the firewall before an edge router vs. replacing the edge router with the firewall itself. In the last two companies that I worked at the edge device was a firewall (Cisco ASA and Palo Alto, respectively) at each office; there were no dedicated routers.
@mdbruin8143
2 жыл бұрын
I don't know every single pros or cons of the placement, but I picked up some of them. With a dedicated router Pros Sharing the load, on the internet side there are a lot of things happening. Take for example port scans. When you have a dedicated router that will be handled by the router. This means that the firewall can scans all traffic without the noise of the internet. Also security wise are more devices, more secure if configured correctly. If a intruder needs to get access to one device or to several devices. It's more difficult and time consuming to get access to several devices, which gives a higher chance of detection. Cons Higher price because more devices Double NAT (which can also be a pro because of obscurity) Without a router Pros Lower cost No double NAT Cons Internet traffic can fill up the logs, which makes monitoring more difficult One device to handle the security. Some parts of this you need to know for the CCNA, but most of it is a higher level of certification. CCNA is more basic understanding the Cisco technology.
@KeithBarker
2 жыл бұрын
Thank you!
@kenstoudamire7366
Жыл бұрын
Having an edge router don't mean you need to double Nat....you can have point to point and workload public IPs
Can we get a video series for FTD and FMC Pls
Are NGFWs the equivalent of Firepower ? How does it fare against Fortigate ?
@KeithBarker
2 жыл бұрын
Thank you for the question David Chang. There are a few vendors who have NGFW offerings, including: Cisco (Firepower Threat Defense (FTD)) FortiNet (FortiGates) Check Point Palo Alto (and there are more vendors as well, but those are the ones that come to mind first). They all have very similar NGFW features.
I see in the picture that there's 2 routers and a NGFW. can a NGFW be a router? or is it always a seperate piece of gear / VM
@KeithBarker
2 жыл бұрын
Thank you for the question stuart duperron. Most firewalls are L3 routers (in addition to the firewall services). Most firewalls are physical appliances (devices) do to needing dedicated hardware and circuits to do all the work very fast. Having said that, most vendors also offer a virtualized version of their firewalls as well. Examples would be for use in cloud networking such as Azure or AWS.
What is the difference between NGFW and UTM?
@KeithBarker
2 жыл бұрын
Thank you for the question Hugo Teixeira. NGFWs are an example of a Unified Threat Management (UTM) system.
How do you not have more subscribers....
@KeithBarker
2 жыл бұрын
Thank you Gato Libero!
What's the cheapest way to get hands on with this
@KeithBarker
2 жыл бұрын
Thank you for the suggestion Saibot❗ Cisco's Firepower Threat Defense FTD and their Firepower Management Center (FMC) both provide 90 day evaluations for the VMs, with most of the features enabled, without having to register them or purchase licenses.
Good video. Fast audio.
@KeithBarker
2 жыл бұрын
Sorry for that
It seems WSA and NGFW both have the same features... why having two products we the same functionalities?
@KeithBarker
2 жыл бұрын
Thank you for the question Javier Anaya Pacheco. I think the answer is both $$$, as well as having specific products to fit specific needs.
Thank you sir, can you create a packet tracer lab on this topic sir.
@KeithBarker
2 жыл бұрын
Thank you for the question Md. Parvez Limon. Packet Tracer doesn't have most of the NGFW features available in that emulation tool yet. Perhaps someday it will.
@md.parvezlimon9263
2 жыл бұрын
@@KeithBarker thank you sir, I am learning many things from you. you are great.
You are gorgeous!
@KeithBarker
2 жыл бұрын
Thank you The Future For Me!
Let me see if i got this straight; So they invented a series of buzzwords to confuse people while they develop a technology capable of decrypting traffic to monitor their employees because they don't trust them?
Cisco has NGFWs?
@KeithBarker
Жыл бұрын
Thank you for the question Chris F. The Cisco Firepower line is a NGFW solution.
You don't need NAT IF you have public addresses, like you should have in IPv6. But still, at work our machines have public IPv4 addresses, so we do not need the ugly NAT hack. But each public IPv4 address is EXPENSIVE, compare to IPv6.
@KeithBarker
2 жыл бұрын
Thank you Anders Jackson!
Next-gen Firewall, more like Next-gen disaster. Don’t ever buy Cisco’s firewall device.
@yihadsamir1368
2 жыл бұрын
why
@GamjaField
2 жыл бұрын
@@yihadsamir1368 it’s pain in the ass to manage, their software is full of bugs as well.
@rockinron5113
7 ай бұрын
And juniper. The flakiest of them all.
Good explanation but you need to speak slower.
@KeithBarker
2 жыл бұрын
Sorry for that