Network Defense Strategies

Network Defense Strategies

Instructors: Ahmed Elhenedy

Access provided by L4G Solutions Private Limited

6 modules

Gain insight into a topic and learn the fundamentals.

Intermediate level

Recommended experience

7 hours to complete

Flexible schedule

Learn at your own pace

6 modules

Gain insight into a topic and learn the fundamentals.

Intermediate level

Recommended experience

7 hours to complete

Flexible schedule

Learn at your own pace

What you'll learn

Apply secure design using threat modeling, VLANs, subnetting, and layered zones to control traffic and reduce enterprise risk.
Implement ACLs and VPNs to regulate traffic by IP, protocol, port, and encrypt data across public/private networks.
Configure AAA with TACACS+ to manage admin access and monitor network activity for threat detection and response.
Apply advanced techniques to design and validate a secured enterprise network using integrated prior skills.

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

4 assignments¹

AI Graded see disclaimer

Taught in English

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

There are 6 modules in this course

In today’s interconnected world, secure network design is essential to organizational resilience. As networks expand across offices, plants, and data centers, cyber threats increasingly exploit vulnerabilities such as misconfigurations, weak segmentation, and unmonitored systems. This course equips learners with the skills to design, implement, and manage secure network infrastructures at every stage of their lifecycle.

Through a balance of theory and hands-on labs, students will learn to apply principles like defense in depth, least privilege, segmentation, and zero trust. They will gain practical experience configuring VLANs, implementing firewalls and IDS/IPS, and deploying VPN technologies such as IPSec, SSL/TLS, and L2TP. Learners will also practice real-time traffic monitoring, log analysis, and SIEM integration to detect and respond to intrusions. Designed for aspiring network security professionals, system administrators, and IT managers, this course emphasizes scalable architectures, policy-driven operations, and continuous monitoring—preparing learners to protect modern enterprise networks against evolving threats.

In this course, you’ll learn how to design, implement, and manage secure network infrastructures that can withstand evolving cyber threats. You’ll focus on real-world applications such as network segmentation with VLANs, secure remote connectivity through VPNs, and proactive defense using firewalls, IDS/IPS, and SIEM systems. Through guided labs and hands-on configuration, you’ll gain the skills to build scalable, resilient networks, monitor traffic in real time, and apply layered security principles like zero trust and defense in depth—ensuring data integrity, confidentiality, and continuous protection across complex digital environments.

What's included

1 video1 reading

In this module, you’ll learn how to build secure network architectures from the ground up—starting with the foundational principles of network security and progressing to practical configuration of VLANs for segmentation and protection. You’ll explore key concepts such as the CIA triad, common cyberattack methods, and architectural design principles like defense in depth and least privilege. Through interactive lessons, hands-on VLAN labs, and demonstrations, you’ll gain the skills to design, implement, and secure segmented network environments that minimize attack surfaces and enhance organizational resilience.

What's included

10 videos1 reading1 assignment1 peer review1 discussion prompt

10 videosTotal 69 minutes

Module Introduction 1 minute
What is Network Security and Why It Matters7 minutes
Common Threats and Attack Vectors7 minutes
The CIA Triad and Security Design Principles 7 minutes
Security Zones and Segmentation8 minutes
The Role of Subnetting and Addressing in Security8 minutes
Introduction to VLANs and Network Isolation 8 minutes
Demo: VLAN Configuration on Switches 4 minutes
Demo: Inter-VLAN Routing and Trunking 8 minutes
VLAN Hopping Attacks and Mitigations 5 minutes

1 readingTotal 5 minutes

VLAN Best Practices and Security Tips for Cisco Business Routers 5 minutes

1 assignmentTotal 20 minutes

Network Security Fundamentals & Architecture 20 minutes

1 peer reviewTotal 10 minutes

Hands-On-Learning: Creating VLANs and Implementing Inter-VLAN Routing 10 minutes

1 discussion promptTotal 10 minutes

Designing for Security: What Matters Most?10 minutes

In this module, you’ll learn how to control who and what can access your network, secure data as it travels across untrusted environments, and harden network devices against unauthorized use. You’ll explore access control mechanisms like ACLs for filtering traffic, VPNs for encrypting communication, and secure authentication methods for device protection. Through real-world demonstrations, guided configurations, and hands-on labs, you’ll gain the skills to build, deploy, and manage secure access solutions that safeguard both internal and external network communications.

What's included

10 videos1 reading1 assignment1 peer review1 discussion prompt

10 videosTotal 54 minutes

Module Introduction 1 minute
What Are ACLs and Why They Matter5 minutes
Standard vs. Extended ACLs3 minutes
Applying ACLs to Interfaces and Traffic Flows 10 minutes
VPN Fundamentals and Encryption Concepts3 minutes
Demo: Site-to-Site vs. Remote-Access VPNs 6 minutes
VPN Protocols: IPSec, SSL, and L2TP 7 minutes
Demo: Creating User Accounts and Privilege Levels 4 minutes
Demo: Password Policies and Local Authentication 5 minutes
Securing Management Access with SSH and Console Restrictions 5 minutes

1 readingTotal 5 minutes

Cisco IOS XE Software Hardening Guide 5 minutes

1 assignmentTotal 20 minutes

Access Control, VPNs, and Device Security20 minutes

1 peer reviewTotal 10 minutes

Hands-On-Learning: Configuring and Applying Access Control Lists (ACLs) 10 minutes

1 discussion promptTotal 10 minutes

Overcoming Access Control Misconfiguration 10 minutes

In this module, you’ll learn how to centralize network authentication and gain full visibility into network activity through monitoring and analysis tools. You’ll configure AAA services using TACACS+ for secure and auditable user management, compare it with RADIUS, and implement centralized authorization policies. The module then guides you through traffic analysis and performance monitoring using Wireshark, NetFlow, and SNMP to detect anomalies and performance bottlenecks. Finally, you’ll integrate these insights into a layered defense strategy combining firewalls, IDS/IPS, and incident response to create a robust, proactive security posture.

What's included

10 videos1 reading1 assignment1 peer review1 discussion prompt

10 videosTotal 50 minutes

Module Introduction 1 minute
Understanding AAA: Authentication, Authorization, Accounting5 minutes
Demo: TACACS+ vs. RADIUS: What’s the Difference? 5 minutes
Configuring TACACS+ on Network Devices 3 minutes
Tools for Monitoring: Wireshark, NetFlow, and SNMP5 minutes
Packet Analysis and Intrusion Detection Basics5 minutes
Using Logs and Alerts to Detect Threats 5 minutes
Defense in Depth: Combining Controls5 minutes
Firewalls, IDS/IPS, and Honeypots5 minutes
Threat Response and Containment Techniques 6 minutes

1 readingTotal 5 minutes

AAA, TACACS+, and SSH: Secure Access Control Explained5 minutes

1 assignmentTotal 20 minutes

Centralized Authentication and Network Monitoring 20 minutes

1 peer reviewTotal 10 minutes

Hands-On-Learning: Configuring TACACS+ for Centralized Authentication 10 minutes

1 discussion promptTotal 10 minutes

Seeing the Network Clearly 10 minutes

In this module, you’ll learn how to secure wireless networks and bring together all your skills in a comprehensive network security project. You’ll explore wireless-specific vulnerabilities and defenses, including rogue access point detection, WPA2/WPA3 encryption, and secure segmentation using VLANs and ACLs. The module also introduces wireless intrusion prevention and enterprise-level monitoring practices. It concludes with a capstone project where you’ll design, configure, and audit a fully secured network—integrating wired, wireless, and remote access components into one cohesive, defense-in-depth architecture.

What's included

10 videos1 reading1 assignment1 peer review1 discussion prompt

10 videosTotal 51 minutes

Module Introduction 1 minute
Wireless Threats: Rogue APs, Eavesdropping, MITM4 minutes
WPA2 vs. WPA3 and Secure Authentication4 minutes
Segmenting Wireless Traffic with VLANs and ACLs 6 minutes
Detecting Rogue Access Points4 minutes
Demo: Wireless IDS/IPS and Monitoring Tools 5 minutes
Best Practices for Enterprise Wi-Fi Security 4 minutes
Demo: Planning a Secure Network from the Ground Up 5 minutes
Demo: Implementing VLANs, VPNs, and Access Controls 7 minutes
Final Review: Auditing and Defending the Full Environment 6 minutes

1 readingTotal 5 minutes

Top Wireless Network Security Best Practices5 minutes

1 assignmentTotal 20 minutes

Wireless Security, Operations & Final Project 20 minutes

1 peer reviewTotal 10 minutes

Hands-On-Learning: Segmenting Wireless Traffic with VLANs and ACLs 10 minutes

1 discussion promptTotal 10 minutes

Designing a Secure Wireless Environment 10 minutes

In this final section, you’ll synthesize your learning across access control, VPNs, centralized authentication, and wireless defense to build a complete enterprise security framework. You’ll complete a capstone project that challenges you to design, configure, and defend a fully secured network integrating VLANs, ACLs, VPNs, TACACS+, and monitoring tools. By applying your knowledge in a practical environment, you’ll demonstrate your ability to implement layered security, mitigate threats, and maintain resilient network operations across wired and wireless infrastructures.