On Wednesday, April 29, 2026, the IT-related study programs (CSE, SE, and AIDE) at the IUS Faculty of Engineering and Natural Sciences (FENS) organized a guest lecture titled “Designing for Risk: Integrating Firewalls, IDS, and Network Monitoring” as part of the FENS Talks series.
The session featured Mr. Muris Čeljo, General Manager at Kodeks d.o.o., who joined Asst. Prof. Dr. Amal Mersni, the CS427 course instructor, to share practical industry knowledge shaped by years of delivering IT security solutions to organizations across Bosnia and Herzegovina.
The lecture opened with an overview of risk-driven security design principles, including defense in depth, least privilege, and fail-secure design. It then moved to threat modeling using the STRIDE framework, with each threat category mapped to specific network controls such as firewall ACLs, IDS/IPS signatures, and SIEM audit trails.
Students also explored firewall placement across three topology models, ranging from single screening routers to multi-tier defense-in-depth designs, along with the ten golden rules of firewall design. In addition, the lecture addressed IDS/IPS deployment strategies, comparing signature-based, anomaly-based, and hybrid detection approaches.
Another important focus of the session was the role of SIEM as a central layer for log correlation and automated incident response through SOAR playbooks. The speakers also highlighted common design mistakes, such as flat network architectures and untuned IDS alert fatigue, as well as the ongoing shift toward Zero Trust architecture, as defined by NIST SP 800-207.
The lecture provided students with valuable insight into contemporary network security design and allowed them to connect theoretical knowledge with current industry practices and real-world cybersecurity challenges.
FENS extends its sincere thanks to Mr. Muris Čeljo and Kodeks d.o.o. for their continued partnership with the International University of Sarajevo.
