Network Defense Strategies
Ends soon! Keep adding new skills with 10,000+ programs for $239 (usually $399). Save now.
Ask Coursera
Recommended experience
Recommended experience
What you'll learn
Apply secure design using threat modeling, VLANs, subnetting, and layered zones to strengthen network defense and reduce enterprise risk.
Implement ACLs and VPNs using proven network security strategies to regulate traffic and encrypt data across networks.
Configure AAA with TACACS+ to manage secure access and support effective cyber network defense monitoring and threat detection.
Apply advanced network defense strategies to design and validate secure enterprise network infrastructures using integrated skills.
Skills you'll gain
- Network Security
- Security Controls
- Network Engineering
- Security Information and Event Management (SIEM)
- Remote Access Systems
- Cyber Security Strategy
- Continuous Monitoring
- Intrusion Detection and Prevention
- Virtual Local Area Network (VLAN)
- Network Architecture
- Authentications
- Network Monitoring
- IT Security Architecture
- Virtual Private Networks (VPN)
- Incident Response
- Network Administration
- Network Planning And Design
- Cybersecurity
- Threat Detection
Tools you'll learn
Details to know
See how employees at top companies are mastering in-demand skills
There are 6 modules in this course
In today’s interconnected world, strong network defense and secure infrastructure design are essential for organizational resilience. As enterprise networks expand across offices, plants, cloud environments, and data centers, cyber threats increasingly exploit vulnerabilities such as weak segmentation, misconfigurations, and unmonitored systems. This course equips learners with the practical skills needed to design, implement, and manage secure network infrastructures using modern network defense strategies and proven network security methods.
Through a combination of theory and hands-on labs, learners will explore core network defense fundamentals and apply industry-recognized cybersecurity best practices such as defense in depth, least privilege, segmentation, and zero trust. Participants will gain practical experience in securing a network through VLAN configuration, firewall implementation, IDS/IPS deployment, and VPN technologies including IPSec, SSL/TLS, and L2TP. The course also emphasizes modern cyber defense strategy techniques, including real-time traffic monitoring, SIEM integration, log analysis, intrusion detection, and continuous monitoring for effective cyber network defense. Learners will understand how to improve network security and strengthen enterprise resilience against evolving cyber threats. Designed for aspiring network security professionals, system administrators, and IT managers, this practical network defense course focuses on scalable architectures, policy-driven operations, and advanced network security strategies to help organizations secure modern enterprise environments effectively.
In this course, you’ll learn how to design, implement, and manage secure network infrastructures that can withstand evolving cyber threats. You’ll focus on real-world applications such as network segmentation with VLANs, secure remote connectivity through VPNs, and proactive defense using firewalls, IDS/IPS, and SIEM systems. Through guided labs and hands-on configuration, you’ll gain the skills to build scalable, resilient networks, monitor traffic in real time, and apply layered security principles like zero trust and defense in depth—ensuring data integrity, confidentiality, and continuous protection across complex digital environments.
What's included
1 video1 reading
1 video•Total 4 minutes
- Intro Video to Course •4 minutes
1 reading•Total 5 minutes
- Welcome to the Course: Course Overview•5 minutes
In this module, you’ll learn how to build secure network architectures from the ground up—starting with the foundational principles of network security and progressing to practical configuration of VLANs for segmentation and protection. You’ll explore key concepts such as the CIA triad, common cyberattack methods, and architectural design principles like defense in depth and least privilege. Through interactive lessons, hands-on VLAN labs, and demonstrations, you’ll gain the skills to design, implement, and secure segmented network environments that minimize attack surfaces and enhance organizational resilience.
What's included
10 videos1 reading1 assignment1 peer review1 discussion prompt
10 videos•Total 69 minutes
- Module Introduction •2 minutes
- What is Network Security and Why It Matters•8 minutes
- Common Threats and Attack Vectors•8 minutes
- The CIA Triad and Security Design Principles •8 minutes
- Security Zones and Segmentation•9 minutes
- The Role of Subnetting and Addressing in Security•9 minutes
- Introduction to VLANs and Network Isolation •9 minutes
- Demo: VLAN Configuration on Switches •4 minutes
- Demo: Inter-VLAN Routing and Trunking •8 minutes
- VLAN Hopping Attacks and Mitigations •5 minutes
1 reading•Total 5 minutes
- VLAN Best Practices and Security Tips for Cisco Business Routers •5 minutes
1 assignment•Total 20 minutes
- Network Security Fundamentals & Architecture •20 minutes
1 peer review•Total 10 minutes
- Hands-On-Learning: Creating VLANs and Implementing Inter-VLAN Routing •10 minutes
1 discussion prompt•Total 10 minutes
- Designing for Security: What Matters Most?•10 minutes
In this module, you’ll learn how to control who and what can access your network, secure data as it travels across untrusted environments, and harden network devices against unauthorized use. You’ll explore access control mechanisms like ACLs for filtering traffic, VPNs for encrypting communication, and secure authentication methods for device protection. Through real-world demonstrations, guided configurations, and hands-on labs, you’ll gain the skills to build, deploy, and manage secure access solutions that safeguard both internal and external network communications.
What's included
10 videos1 reading1 assignment1 peer review1 discussion prompt
10 videos•Total 54 minutes
- Module Introduction •2 minutes
- What Are ACLs and Why They Matter•5 minutes
- Standard vs. Extended ACLs•3 minutes
- Applying ACLs to Interfaces and Traffic Flows •10 minutes
- VPN Fundamentals and Encryption Concepts•4 minutes
- Demo: Site-to-Site vs. Remote-Access VPNs •6 minutes
- VPN Protocols: IPSec, SSL, and L2TP •8 minutes
- Demo: Creating User Accounts and Privilege Levels •5 minutes
- Demo: Password Policies and Local Authentication •6 minutes
- Securing Management Access with SSH and Console Restrictions •6 minutes
1 reading•Total 5 minutes
- Cisco IOS XE Software Hardening Guide •5 minutes
1 assignment•Total 20 minutes
- Access Control, VPNs, and Device Security•20 minutes
1 peer review•Total 10 minutes
- Hands-On-Learning: Configuring and Applying Access Control Lists (ACLs) •10 minutes
1 discussion prompt•Total 10 minutes
- Overcoming Access Control Misconfiguration •10 minutes
In this module, you’ll learn how to centralize network authentication and gain full visibility into network activity through monitoring and analysis tools. You’ll configure AAA services using TACACS+ for secure and auditable user management, compare it with RADIUS, and implement centralized authorization policies. The module then guides you through traffic analysis and performance monitoring using Wireshark, NetFlow, and SNMP to detect anomalies and performance bottlenecks. Finally, you’ll integrate these insights into a layered defense strategy combining firewalls, IDS/IPS, and incident response to create a robust, proactive security posture.
What's included
10 videos1 reading1 assignment1 peer review1 discussion prompt
10 videos•Total 50 minutes
- Module Introduction •2 minutes
- Understanding AAA: Authentication, Authorization, Accounting•5 minutes
- Demo: TACACS+ vs. RADIUS: What’s the Difference? •5 minutes
- Configuring TACACS+ on Network Devices •3 minutes
- Tools for Monitoring: Wireshark, NetFlow, and SNMP•6 minutes
- Packet Analysis and Intrusion Detection Basics•6 minutes
- Using Logs and Alerts to Detect Threats •6 minutes
- Defense in Depth: Combining Controls•6 minutes
- Firewalls, IDS/IPS, and Honeypots•6 minutes
- Threat Response and Containment Techniques •6 minutes
1 reading•Total 5 minutes
- AAA, TACACS+, and SSH: Secure Access Control Explained•5 minutes
1 assignment•Total 20 minutes
- Centralized Authentication and Network Monitoring •20 minutes
1 peer review•Total 10 minutes
- Hands-On-Learning: Configuring TACACS+ for Centralized Authentication •10 minutes
1 discussion prompt•Total 10 minutes
- Seeing the Network Clearly •10 minutes
In this module, you’ll learn how to secure wireless networks and bring together all your skills in a comprehensive network security project. You’ll explore wireless-specific vulnerabilities and defenses, including rogue access point detection, WPA2/WPA3 encryption, and secure segmentation using VLANs and ACLs. The module also introduces wireless intrusion prevention and enterprise-level monitoring practices. It concludes with a capstone project where you’ll design, configure, and audit a fully secured network—integrating wired, wireless, and remote access components into one cohesive, defense-in-depth architecture.
What's included
10 videos1 reading1 assignment1 peer review1 discussion prompt
10 videos•Total 51 minutes
- Module Introduction •2 minutes
- Wireless Threats: Rogue APs, Eavesdropping, MITM•5 minutes
- WPA2 vs. WPA3 and Secure Authentication•4 minutes
- Segmenting Wireless Traffic with VLANs and ACLs •7 minutes
- Detecting Rogue Access Points•5 minutes
- Demo: Wireless IDS/IPS and Monitoring Tools •6 minutes
- Best Practices for Enterprise Wi-Fi Security •5 minutes
- Demo: Planning a Secure Network from the Ground Up •5 minutes
- Demo: Implementing VLANs, VPNs, and Access Controls •7 minutes
- Final Review: Auditing and Defending the Full Environment •6 minutes
1 reading•Total 5 minutes
- Top Wireless Network Security Best Practices•5 minutes
1 assignment•Total 20 minutes
- Wireless Security, Operations & Final Project •20 minutes
1 peer review•Total 10 minutes
- Hands-On-Learning: Segmenting Wireless Traffic with VLANs and ACLs •10 minutes
1 discussion prompt•Total 10 minutes
- Designing a Secure Wireless Environment •10 minutes
In this final section, you’ll synthesize your learning across access control, VPNs, centralized authentication, and wireless defense to build a complete enterprise security framework. You’ll complete a capstone project that challenges you to design, configure, and defend a fully secured network integrating VLANs, ACLs, VPNs, TACACS+, and monitoring tools. By applying your knowledge in a practical environment, you’ll demonstrate your ability to implement layered security, mitigate threats, and maintain resilient network operations across wired and wireless infrastructures.
What's included
1 video1 peer review
1 video•Total 3 minutes
- Course Wrap-up Video •3 minutes
1 peer review•Total 60 minutes
- Project: Designing and Defending a Complete Enterprise Network •60 minutes
Instructors
Offered by
Explore more from Security
- Status: Free Trial
Course
- Status: Free TrialC
Cisco Learning and Certifications
Course
- Status: Free Trial
Course
- Status: Free TrialT
Total Seminars
Course
Why people choose Coursera for their career
Frequently asked questions
You’ll learn how to apply modern network defense strategies, secure enterprise networks, configure firewalls and VPNs, and implement layered network security controls.
Network defense involves protecting enterprise networks from cyber threats using technologies, policies, monitoring systems, and proactive cyber defense strategy techniques.
You’ll gain hands-on experience with VLANs, ACLs, IDS/IPS, VPNs, SIEM integration, traffic monitoring, and other essential network security methods.
More questions
Financial aid available,
¹ Some assignments in this course are AI-graded. For these assignments, your data will be used in accordance with Coursera's Privacy Notice.