This course provides the network and system administrators a practical skills required to take into consideration security aspects in design IT networks, helps establishing hardening procedures on corporate endpoints (workstations, laptops, mobile devices), and craft enforceable BYOD policies. The course it has hands‑on labs and real‑world case studies from which participants will learn to prevent, detect, and respond to threats across today’s diverse enterprise environments.
Course Overview Table
| Chapter | Details |
| Partner | Military Academy General Mihailo Apostolski – Skopje |
| Title | Networks and Endpoint Security |
| Service | Cybersecurity |
| Target Group | Technical personnel, network admins, server admins, IT support engineers |
| Format | In-Person Training with labs (optionally hybrid/virtual) |
| Focused on Key Technologies | Network segmentation, firewalls, VPN, EDR, zero-trust, BYOD frameworks |
| Status | Ready to offer |
| Stakeholders from SME/PA Side | IT departments in SMEs, public agencies, managed service providers |
| Requirements for Participation | Working knowledge of TCP/IP, Windows/Linux administration, basic security concepts |
| Estimated Duration | Two-day (approximately 16 hours) |
Description of the Course
Introduction
Modern organizations rely on distributed networks and a growing mix of managed and personal devices. This course provides technical staff with actionable guidance to secure network infrastructure, lock down endpoints, and implement a robust Bring-Your-Own-Device (BYOD) program without sacrificing productivity.
Technical Context and Examples
Participants will get familiarized in configuring network segmentation in lab topologies, deploying endpoint protection agents, and walk through real BYOD onboarding scenarios. Case studies will illustrate how misconfigured devices or flat networks led to breaches—and how layered controls would have prevented them.
Detailed Explanation of Core Concepts
- Architecture design, VLANs & subnetting, zero‑trust segmentation, VPN & remote access hardening, firewall rule best practices
- OS hardening (Windows, macOS, Linux, Android, iOS), EDR/EPP deployment, , disk encryption, secure mobile configuration profiles
- Device management, data‑loss prevention (DLP) for personal devices
- Log aggregation, SIEM basics, alert triage, incident response playbooks for endpoint and network events
Tentative agenda of the course
- Course Introduction
- Module 1: Designing a Secure Network
- Module 2: Hardening Corporate Endpoints
- Module 3: Mobile & Remote Device Security
- Module 4: BYOD Program Development
- Module 5: Monitoring, Incident Response & Compliance
- Final Exam: Practical Assessment
Conclusion and Unique Value:
Graduates leave with a blueprint for building secure, segmented networks, enforcing consistent endpoint protection across PCs and mobile devices, and rolling out BYOD without introducing unmanaged risk. The blend of policy creation, technical configuration, and incident-response practice ensures skills translate directly today-to-day operations.
Additional Course Information
| Category | Details |
| Developed skills | Participants will acquire knowledge and skills, including: |
| ● Network architecture design with security-first principles
● Endpoint hardening and EDR deployment ● Mobile device management & BYOD governance ● Log analysis and first-responder actions during incidents |
|
| Learning Methods Used | ● Lectures and white-board walkthroughs
● Guided hands-on labs and simulations ● Group discussions of breach case studies |
| References/Resources | ● NIST SP 800-207 (Zero Trust Architecture)
● CIS Benchmarks for Windows, macOS, Linux, Android, iOS ● ISO/IEC 27001 controls relevant to BYOD and endpoint security ● Vendor docs for leading EDR and MDM platforms |
| Overview Slides | / |