6-1 Firewall Basics Explained
Firewalls are essential components of network security, acting as barriers between a trusted internal network and untrusted external networks such as the internet. Understanding firewall basics is crucial for the MikroTik Certified Network Associate (MTCNA) certification.
Key Concepts
1. Firewall Overview
A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a filter, allowing or blocking data packets based on the rules set by the network administrator.
2. Firewall Types
There are several types of firewalls, including:
- Packet Filtering Firewall: Filters packets based on source and destination IP addresses, protocol, and port numbers.
- Stateful Inspection Firewall: Tracks the state of active connections and allows packets that belong to established connections.
- Application Layer Firewall: Inspects data within the application layer of the OSI model, providing deeper analysis and protection.
3. Firewall Rules
Firewall rules define the conditions under which a packet is allowed or denied. Each rule combines match criteria, such as source IP address, destination IP address, protocol and port number, with the action to take when a packet matches. The page's "allow" and "deny" correspond to the RouterOS actions accept and drop (reject is a third option that also sends an ICMP or TCP error back to the sender).
4. Firewall Chains
Firewall chains are ordered lists of rules that a packet traverses. Which built-in chain a packet enters depends on where it is going:
- Input Chain: packets addressed to the router itself (for example a WinBox, SSH or ping request to one of the router's own addresses).
- Output Chain: packets generated by the router itself (for example its DNS queries or the replies to an SSH session).
- Forward Chain: packets routed through the router from one interface to another, which is where LAN-to-internet traffic is filtered.
Detailed Explanation
Firewall Overview
Firewalls operate at various layers of the OSI model, from the network layer to the application layer. They analyze packets based on predefined rules to determine whether they should be allowed to pass through or blocked.
Firewall Types
Packet filtering firewalls are the simplest: they look only at network- and transport-layer headers (addresses, protocol, ports) and judge every packet in isolation, so they cannot tell a reply from an unsolicited packet with the same headers. Stateful inspection firewalls add connection tracking; a packet is accepted because it belongs to a connection that was already allowed, and packets that belong to no known connection can be dropped even when their headers would otherwise match. Application layer firewalls inspect the payload and can enforce protocol-specific policy, at the cost of more processing per packet. The RouterOS filter rules covered in the MTCNA are a stateful packet filter: the connection-state matcher is what provides the state tracking.
Firewall Rules
Firewall rules are created by network administrators to control traffic. For example, a rule might accept HTTP traffic (TCP port 80) from a specific source IP address, while a later rule drops everything else. Rules in a chain are evaluated top to bottom, and the first rule whose criteria match and whose action is terminating (accept, drop, reject) decides the packet's fate; the rules below it are not consulted. Non-terminating actions such as log or passthrough record a match and let evaluation continue. Order therefore matters: a broad drop placed above a specific accept silently blocks the traffic the accept was meant to allow. Note also that RouterOS has no implicit deny: a packet that reaches the end of a built-in chain without matching a terminating rule is accepted, so a chain meant to restrict traffic must end with an explicit drop rule.
Firewall Chains
Firewall chains are used to manage different types of traffic. The input chain handles packets destined for the firewall itself, the output chain handles packets generated by the firewall, and the forward chain handles packets passing through the firewall.
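The RouterOS configuration below is an added example, not part of the MTCNA course text, that ties the three preceding sections together: the connection-state matchers give the stateful behaviour described under Firewall Types, the top-to-bottom ordering and the explicit final drop illustrate the evaluation rules described under Firewall Rules, and the input and forward chains show where each kind of traffic is filtered. It assumes a hypothetical lab router with ether1 as the internet-facing interface, 192.168.88.0/24 as the LAN and a web server at 192.168.88.10; those interface names and addresses are assumptions, not something the page specifies.

```routeros
# Added example for a hypothetical lab router (not from the MTCNA course material).
# Assumptions: ether1 = WAN/internet interface, 192.168.88.0/24 = LAN,
#              192.168.88.10 = internal web server.
/ip firewall filter

# ---- input chain: packets addressed to the router itself ----
# Stateful shortcut: packets of connections that an earlier rule already accepted.
add chain=input connection-state=established,related action=accept \
    comment="stateful: packets of already-accepted connections"
# Packets that connection tracking cannot associate with any connection.
add chain=input connection-state=invalid action=drop \
    comment="drop packets belonging to no tracked connection"
add chain=input protocol=icmp action=accept comment="allow ping to the router"
# Specific accept placed BEFORE the broad drop, otherwise it would never match.
add chain=input src-address=192.168.88.0/24 action=accept \
    comment="LAN may manage the router (WinBox, SSH, web)"
# Explicit final drop: RouterOS accepts anything that falls off the end of a chain.
add chain=input in-interface=ether1 action=drop \
    comment="drop everything else arriving from the internet"

# ---- forward chain: packets routed through the router ----
add chain=forward connection-state=established,related action=accept \
    comment="stateful: replies to connections already allowed"
add chain=forward connection-state=invalid action=drop
add chain=forward src-address=192.168.88.0/24 out-interface=ether1 action=accept \
    comment="LAN may open new connections to the internet"
# Inbound exception: only TCP/80 to the web server is allowed in from the WAN.
add chain=forward in-interface=ether1 dst-address=192.168.88.10 protocol=tcp \
    dst-port=80 connection-state=new action=accept \
    comment="internet may reach the web server on TCP/80"
add chain=forward in-interface=ether1 action=drop \
    comment="drop all other new connections from the internet"

# ---- output chain: packets generated by the router itself ----
# Left without rules here, so the router's own traffic is accepted by default.

# Rule order is what the firewall evaluates; verify it with:
/ip firewall filter print
```

Enter the rules in this order on a fresh router; if a rule lands in the wrong place, reorder it with /ip firewall filter move rather than deleting and re-adding it. The inbound web-server rule only takes effect once a matching dst-nat rule exists, because the forward chain sees the packet after destination NAT has rewritten its address to 192.168.88.10.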
Examples and Analogies
Example: Firewall Overview
Think of a firewall as a security guard at a building entrance. The guard checks each person (packet) against a list of rules (firewall rules) to decide whether they can enter (allow) or not (deny).
Example: Firewall Types
Consider a packet filtering firewall as a basic security checkpoint that only checks the ID (source and destination IP addresses) of each person. A stateful inspection firewall is like a checkpoint that also checks the person's purpose (connection state). An application layer firewall is like a checkpoint that inspects the contents of the person's bag (application data).
Example: Firewall Rules
Imagine a firewall rule as a sign at a gate that says, "Only allow cars with license plates starting with 'ABC' to enter." This rule would allow certain cars (packets) to pass while blocking others.
Example: Firewall Chains
Think of firewall chains as different lanes at a border crossing. The input chain is the lane for visitors whose destination is the checkpoint building itself, the output chain is the lane for staff driving out of that building, and the forward chain is the lane for vehicles passing through the crossing to the other side, which is where most of the traffic goes.
By mastering firewall basics, you can effectively protect your network from unauthorized access and malicious traffic, ensuring a secure and reliable network environment.