Course Information: Project-Based Senior College level

In this Secure Network Design and Defense hands-on course, students will work on a semester-long project designing a secure network infrastructure and implement security policies. Students will learn the basics of network security, layered approach to defense, access control, and configurations of firewalls, domain-based networks (client/server), and HIDS/NIDS.  The course also covers the basics of defending a network, and the tools and techniques that can be used to protect a network and communication assets from cyberthreats.

Course Outcomes

After completing this course, students will be able to:

  • Describe the key concepts in network defense (defense-in-depth, minimizing exposure, etc.).
  • Develop a secure network infrastructure that includes various Operating Systems, Network Access Controls, DMZ, Web/Proxy servers, VPN, etc.
  • Deploy and configure network defense tools (Firewalls, HIDS/NIDS, Honeypots, etc.) to defend against attacks and mitigate vulnerabilities.
  • Analyze and develop security policies that can be implemented on systems to protect a network.
  • Evaluate how network operational procedures are related to network security.


Network Defense and Countermeasures: Pearson 3rd Edition William (Chuck) Easttom, ISBN-10: 0-13-489306-9--ISBN-13: 978-0-13-489306-8


Windows, Mac OS or Linux computer with VMware or HyperV- Minimum 16GB of memory and i7 or faster processor

You can use open source materials for the class. If your school is a partner of the following academies you can use the student resources available to you to work on the hands-on activities. (I will be using Microsoft, PaloAlto, VMware and Opensource tools in my demonstrations)

  • Microsoft Azure Dev Tools for Teaching:
  • PaloAlto CyberSecurity Academy:
  • VMware IT academy:

Created by: Deep Ramanayake