I have been in the network & security space for more than a decade. As a network security engineer, security consultant, and now Founder & C TO at iCyber-Security Group, these products have served me well over the years in order to rise above the crowd.
Note that the list below is not sponsored or endorsed by those vendors. It is drawn from my own past experience and it is by no means the absolute truth. I am biased to the extent that I have grown to love the products, I list below over the years.
1. Routing & Switching Technologies
What: Cisco is the de-facto vendor for routing and switching with a big chunk of the enterprise market.
Why: Given the ubiquitous presence of Cisco routers and switches in the enterprise space it is worth spending the time to learn Cisco R&S well and gain a theoretical and practical knowledge of the product.
Where to start: Download a simulator like GNS3 or VIRL http://virl. cisco.com/ or Eve-NG: http://eve-ng.net
2. Firewall Technologies
What: Check Point Technologies is one of the most popular enterprise perimeter firewalls.
Why: The Check Point Firewall adoption remains high with Fortune 500 customers due to its simple and intuitive user interface as well as its powerful inspection engine. Certification and hands on expertise is very desirable.
Where to start: Start with Check Point R80 Firewall. It is available to download as a virtual appliance.
3. Intrusion Detection & Prevention Systems
What: Sourcefire is now part Cisco. Based on the Snort engine Sourcefire is the IPS/IDS of choice for many enterprise customers. With the recent Cisco acquisition it will continue to grow within the enterprise space.
Why: Sourcefire and Snort will teach you lots of tricks when it comes to intrusion detection and prevention going from simple cyber attacks protection to the most sophisticated defence tactics.
Where to start: Download a free version of Snort from here. Sourcefire trial is available here.
4. Secure Web Gateways
What: Clearswift is renowned for its MIMEsweeper Content Inspection Engine that protects email and web transactions against malware.
Why: As cyber security continues to be a major challenge for small and large organisations, protecting enterprise data at rest and in motion is hot topic.
Where to start: Start with the Clearswift SECURE Web Gateway. Request a demo and trial from here.
5. Application Delivery Controllers (ADC)
What: F5 Networks leads the Application Delivery Controllers (ADC) market. F5 most popular product is F5 LTM which helps enterprises to deliver “Applications Without Constraints”.
Why: ADCs are crucial for the delivery of Enterprise Apps in a fast, secure, and resilient manner. Since mobile apps now rule the world F5 ADCs demand will continue to grow.
Where to start: Start with the F5 LTM. Request a trial download from here.
6. Two-Factor Authentication
What: RSA is one of the leaders in enterprise two- factor authentication solutions.
Why: The increasing number of cyber attacks means security remains a hot topic. Strong authentication is still one of the most effective first line of defence against cyber criminals.
Where to start: Start with RSA SecurID. You can request a trial from here or contact me.
7. Operating Systems and APIs
What: Linux/Unix and derived flavours are the preferred operating system used as the ore engine of a lot of network and security devices as well as back office systems.
Why: Mastering Linux/Unix, APIs, and the CLI art will open you to a world of shell cripting, cyber security tools, and other technologies that are essential in order to master the network & security craft.
Where to start: Many flavours are available. I recommend Ubuntu as a starting point as it is friendly to beginners.
I set-up the iCyber-Academy because of the significant lack of skills, that I noticed as I went into companies to help their staff deal better with the technologies they were using to protect their businesses. Unfortunately more often, I observed this skill gap when I went into a client who had suffered a breach and the staff were unsure of how to contain the problem. I realised that despite being strong technicians the staff often struggled to have both a sound and fast reactive grasp of the technologies and tools they were using and the problem was getting worse as more tools being were bought to protect the companies on an ever wider basis.
Today, iCyber-Academy is one of the leading cyber-security training providers in Europe.
We provide an environment where elite consultants can learn, gain accreditation, get mentoring, network and open up additional opportunities to get billable work. Over 100 independent security consultants have been trained.
The same environment is available to Companies and over 100 companies have been trained, often on-site. Often our courses are delivered through recognised training companies such as Avnet and Arrow.
Our latest development is a 10 month programme (usually a week at a time or a couple of weekends a month) which provides an end-to- end full stack training program. This will allow your IT Security Staff and Consultants to acquire the necessary skills needed to take on any type of cyber-security project.
Each training session is a combination of theoretical knowledge, practical activities and real life case studies.
After completing the program, you will be able to deploy, implement, and architect Cyber-Security solutions, including products from leading Cyber-Security vendors such as F5 Networks, Clearswift, A10 Networks, Check Point, Juniper, RSA, ProofPoint, etc.
You will also have the opportunity to be part of a community of elite cyber-security experts, that can deliver expert level technical Professional Services at premium rates.
The Academy also offers shorter courses and is working toward unveiling for 2018 an online training environment. Our goal is to address the top end technical training needs, whilst many other worthy Government sponsored training initiatives target the entry level training skills.
The Full Stack Security Course
Our end-to-end full stack training program will allow you to acquire the skills needed to take on any type of cyber-security project. Each training session is a combination of theoretical knowledge, practical activities and real life case studies.
The training program is composed of 10 modules that can be taken independently or as part of the full package:
01. The Basics of Applications Security
02. How to Design Secure Networks & Applications
03. Web Applications Firewalls
04. Network Firewalls & IDS/IPS
05. Application Delivery Infrastructure – ADI
06. Global Traffic Management
07. Real-time Content Scanning – ICAP
08. Integrating ICAP & ADC
09. SSL Offloading
10. Designing and Building a Fully Integrated Cyber- Security Platform
After completing the program, you will be able to deploy, implement, and architect Cyber-Security solutions and you will have the opportunity to be part of a community of elite cyber-security experts, that can deliver expert level technical Professional Services at premium rates.
As stated earlier the programme is available through recognised training companies or companies can directly purchase the full stack course for their employees or independent consultants can take advantage of the Academy’s community membership programme to gain additional networking and mentoring opportunities.