Visual training materials to understand IT / firewall & data transfer security.

At work I often have to liaise with the security and network team to get firewall permissions approved and there are always delays as they have to liaise with the suppliers about their connection methods, ports, standards etc.  I would like to understand this more so I can ask suppliers about the flow of data at an earlier point in time to reduce delays.

I have a reasonable IT background but when it comes to all of the security based terminology I get confused.  I am aware that different standards such as TLS change over time but not what it means or it's impact / implementation.

For simple example, how is port 123 more secure than port 456 and how does the port number stop unauthorised access?  In basic terms I understand that when using FTP the data is transferred in plain text but using SFTP the data is encrypted and assume other standards work in different ways at different levels of encryption.

Can anyone recommend maybe some good online interactive demos on these topics or even online courses to help me understand the concept of security.  I am more of a visual learner but in this case don;t have access at that level.
Matthew EmeryHomeAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Justin EvansCommented:
I recommend you get the CCNP Security SISAS 300-208 official Cert guide.

This is going to give you everything you need,  good luck.  

Kind Regards

btanExec ConsultantCommented:
Similar to FTP example, the most common is HTTP (80) vs HTTPS (443). The more secure port is normally the firewall will allow as compared to the plain version. However that said that doesnt mean 443 allowed by firewall will be safe, it is encrypted but does not mean content is scanned free of malware or even it is scanned, it is only at that instance of scan declared clean. You need defence in depth to have check on the endpoint equipped with Host intrusion prevention software to augment the delivered content hygiene & integrity.

For video, some basic sample below as well as also watching what "adversary" will do to penetrate pass the control. Firewall is not the a panacea to all attack and threats.

Basic Network security

(securing network)

(Device Management)

Basic Awareness

(Penetration tester view)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
David Johnson, CD, MVPOwnerCommented:
There is nothing inherent in an address/port that makes it secure or not secure.  The address is the highway, and the port is the lane on the highway. Then there is the protocol which allows the receiver to handle the traffic with a specific application.
The protocols in use matter more than the ports. It's just that protocols generally by default use a particular port. A system administrator can change a port number if they so desire.

Example: I have a system that runs Telnet rather than SSH, I could decide to have the server listen on port 2323 instead of port 23. It doesn't change the fact that Telnet is an insecure protocol, it just shows that I'm not running it on the default port.
Second example: If I was running SSH (normally on port 22) on port 23 (which is the default port for Telnet), it doesn't suddenly mean that things are suddenly insecure.

As far as the previous responses, I would apply David Johnson's response with the videos that btan has provided.

I would like to understand this more so I can ask suppliers about the flow of data at an earlier point in time to reduce delays.
You're definitely thinking in the right direction here. One of the big issues with suppliers is that you're usually dealing with salespeople, who aren't going to care about the technology aspect as long as their things work. They might give you a script of what's needed to work, but it ends at that. The only way you're going to get the information you need is to force them to have an engineer of some sort involved who can answer the technical stuff. But another thing that you can always do is see if the network and security group would be open to having someone on some of the calls early on, so that issues can get addressed and delays get minimized.
Matthew EmeryHomeAuthor Commented:
Well, what can I say other than thank you for all the fantastic responses.  This is the best response i've ever had with all of the responses understanding exactly what I need to understand.

Have a great weekend and I have some learning to do :-)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.