Thank you @matthewcardinal4186!

Thank You So Much!

Thank you Don Neto!

Thank you Nerses Avakyan!

Thank you CMD Tech! Next time you are in Vegas, ping me.

I have been watching since 2009 , it looks like I always knew these guys ( Keith and Jeremy) . I got my first networking job thanks to all the stuff I leaned from these guys, I am able to pay forward by teaching others. It was a far cry from driving cab, delivering pizza to senior network engineer for DOD , all kudos to these guys. Keith, you might not know it, but understand you have impacted so many lives in good way. My family 's life changed and also I was able to change two families 's lives thanks to Keith !!

Happy to do it, thanks for the feedback kaiyu lee.

Congratulations B P❗ So great to hear. Best wishes on your continued success.

Thank you Cycle of 7's!

Wow, thanks!

Thank you ramdogproductions!

Thank you Matthew567!

Thank you ccna lab!

Thanks, will do!

Thank you Pedro Gonzalez!

Happy to do it, thanks for the feedback M A.

Thank you for the question Patrik Mansuri.

Thank you Kieran O!

Thank you Akintola Michael!

Thank you Popescu Silviu!

I don't know every single pros or cons of the placement, but I picked up some of them. With a dedicated router Pros Sharing the load, on the internet side there are a lot of things happening. Take for example port scans. When you have a dedicated router that will be handled by the router. This means that the firewall can scans all traffic without the noise of the internet. Also security wise are more devices, more secure if configured correctly. If a intruder needs to get access to one device or to several devices. It's more difficult and time consuming to get access to several devices, which gives a higher chance of detection. Cons Higher price because more devices Double NAT (which can also be a pro because of obscurity) Without a router Pros Lower cost No double NAT Cons Internet traffic can fill up the logs, which makes monitoring more difficult One device to handle the security. Some parts of this you need to know for the CCNA, but most of it is a higher level of certification. CCNA is more basic understanding the Cisco technology.

Thank you!

Having an edge router don't mean you need to double Nat....you can have point to point and workload public IPs

Check out for complet ccnp and ccie playlist, this man is also good in teaching and he is a well experienced prof like Keith kzbin.info

Thank you for the suggestion Michele Klau❗

Is it as per the EU GDPR?

The explicit permission by the individual user (!) is required. If the user is an employee, the employee contract must have appropriate text. Otherwise there is no effective user agreement wrt GPDR, and management will be liable. As a user, even of a company owned device, I expect HTTPS to be secure and not monitored other than by the target website. Also, NGFWs are misnamed: they are TLS interception intermediaries aka wiretaps. Which is ok, if I'm being made aware and explicitly and freely agree.

Thank you for the question Yasser Saied. I use a Wacom screen, which supports a pen. I also use EpicPen software, for the pen work.

Glad it was helpful!

Thank you Abiodun Samuel!

Thank You!

Thank you J T!

Thank you for the feedback, and the request. Most of my FG content is up at CBT Nuggets. I may be making a few more FG vids here on KZbin, time will tell. Thanks again.

Thank you or itzhak!

Thank you for the question David Chang. There are a few vendors who have NGFW offerings, including: Cisco (Firepower Threat Defense (FTD)) FortiNet (FortiGates) Check Point Palo Alto (and there are more vendors as well, but those are the ones that come to mind first). They all have very similar NGFW features.

You're welcome

You're welcome

Thank you Kyle Wankin!

@@KeithBarker can you give a link for packet tracers on this topic? i would really like to explore firewalls more

Thank you for the question stuart duperron. Most firewalls are L3 routers (in addition to the firewall services). Most firewalls are physical appliances (devices) do to needing dedicated hardware and circuits to do all the work very fast. Having said that, most vendors also offer a virtualized version of their firewalls as well. Examples would be for use in cloud networking such as Azure or AWS.

Thank you for the question Hugo Teixeira. NGFWs are an example of a Unified Threat Management (UTM) system.

Thank you for the suggestion Saibot❗ Cisco's Firepower Threat Defense FTD and their Firepower Management Center (FMC) both provide 90 day evaluations for the VMs, with most of the features enabled, without having to register them or purchase licenses.

Thank you! Cheers!

Thank you Gato Libero!

Thank you for the question Javier Anaya Pacheco. I think the answer is both $$$, as well as having specific products to fit specific needs.

Thank you for the question Md. Parvez Limon. Packet Tracer doesn't have most of the NGFW features available in that emulation tool yet. Perhaps someday it will.

@@KeithBarker thank you sir, I am learning many things from you. you are great.

Thank you The Future For Me!

Thank you for the question Chris F. The Cisco Firepower line is a NGFW solution.

Thank you Anders Jackson!

why

@@yihadsamir1368 it’s pain in the ass to manage, their software is full of bugs as well.

And juniper. The flakiest of them all.

Sorry for that