3. www.glcnetworks.com
What is GLC?
β Garda Lintas Cakrawala (www.glcnetworks.com)
β Based in Bandung, Indonesia
β Areas: Training, IT Consulting
β Mikrotik Certified Training Partner
β Mikrotik Certified Consultant
β Mikrotik distributor
3
4. www.glcnetworks.com
Trainer Introduction
β Name: Achmad Mardiansyah
β Base: bandung, Indonesia
β Linux user since β99
β Certified Trainer (MTCNA/RE/WE/UME/INE/TCE)
β Mikrotik Certified Consultant
β Work: Telco engineer, Sysadmin, PHP programmer,
and Lecturer at Telkom University
β Personal website: http://achmad.glcnetworks.com
β More info:
http://au.linkedin.com/in/achmadmardiansyah
4
6. www.glcnetworks.com
About Telkom University
β Located in Bandung, Indonesia
β 7 Faculties, 27 schools
β Areas: Engineering, Communications, Computing, Bussiness and
management, Arts
β 650+ Academic staff, 400+ Administration staff, 20000+ students
β An exchange program
β Runs mikrotik academy program
6
8. www.glcnetworks.com
Mikrotik in Indonesia
β Very popular product for networking
β Early adoption (beginning of 2000)
β Many schools already join Mikrotik
Academy programs
β Lots of training classes
β Biggest MUM in the world (2500+
participants, 2-day event)
β Very active community (facebook, telegram,
forum, etc)
β What..? you dont know Mikrotik? Where
have you been?
8
10. www.glcnetworks.com
What is Mikrotik firewall?
β Is a feature to
β Control network access (filter)
β Modify network header (NAT)
β Marking packet for further processing (mangle)
β Developed from linux
β Consist of 2 parts: matcher & action
β Executed sequentially
β Netadmin must understand the applicationβs characteristics in order to build a
matcher (e.g. browsing -> using TCP port 80)
10
11. www.glcnetworks.com
How firewall works?
β Setup matcher -> then action
β Mikrotik has lots of options for matcher
-> very flexible
β Matcher + Action = Firewall rule
β Rule is executed sequentially
11
20. www.glcnetworks.com
Raw table
β allows to selectively bypass or drop packets before connection tracking
β does not have matchers that depend on connection tracking (like
connection-state, layer7 etc.)
β If packet is marked to bypass connection tracking, packet de-fragmentation
will not occur
20
26. www.glcnetworks.com
End of slides
β Thank you for your attention
β Please submit your feedback: http://bit.ly/glcfeedback
β Like our facebook page: βGLC networksβ
β Stay tune with our schedule
26