Securing Your Web with Cisco IronPort S-Series

The course topics include: Day 1

• Course & Product Overview
• Deploying Proxy Services
• Utilizing Authentication
• Configuring S-Series Policies
• Enforcing Acceptable Use

Day 2

• Defending Against Malware
• Data Security
• Detecting Compromised Clients
• Administrative Tasks
• Troubleshooting

• Security Architects and System Designers
• Network Administrators and Operations Engineers
• Network or Security Managers responsible for web security

This comprehensive, two-day training course covers how to install, configure, operate and maintain the S-Series. The course consists of hands-on labs, demos and presentations to help students learn technical aspects of the S-Series Web Security Appliances. After successful completion of the course, the participant will be able to describe, configure, administer, and troubleshoot:

• Policy Framework
• Decryption Policies
• Routing Policies
• Access Policies
• IronPort Data Security Policies
• Data Loss Prevention Policies
• Authentication
• URL filtering
• Predefined URL Categories
• Custom URL Categories
• Time Based URL filters
• Web reputation filtering
• The DVS Anti-malware Engine
• Webroot
• McAfee
• HTTPS inspection
• Data Security and Data Loss Prevention
• Authentication

Module 1 - Course & Product Overview

• Introduction
• Customer Use Case
• S-Series Architecture
• Installation and Configuration
• Course Lab Environment
• Lab – Initial setup and configuration

Module 2 - Deploying Proxy Services

• Proxy Modes
• PAC files
• Configuration and Management
• Native FTP Proxy
• Reading the proxy access log and the HTTP headers
• Lab – Native FTP Proxy, Custom EUNs, Acknowledgement pages, Proxy Logs, HTTP headers, PAC files
• Module 3 - Utilizing Authentication
• Feature Overview (Proxy Authentication, group based policies)
• Configuration
• Troubleshooting
• Lab – Configure, test and troubleshoot NTLM and LDAP authentication.

Module 4 - Configuring S-Series Policies

• Feature Overview (Policy Framework, types of policies)
• Configuration
• Logging
• Lab – Configure Access Policies

Module 5 - Enforcing Acceptable Use

• Feature Overview
• URL Categories
• Application Visibility and Control
• SaaS Access Control
• Configuration
• Logging and Reporting
• Lab -- URL filters, bandwidth controls
• Module 6 - Defending Against Malware
• Feature Overview
• Web Reputation Filters
• DVS engine
• HTTPS inspection
• Configuration
• Logging and Reporting
• Lab – Web Reputation Filters, DVS engine HTTPS inspection

Module 7 - Data Security

• IronPort Data Security
• Data Loss Prevention
• Logging
• Lab -- IronPort Data Security
• Module 8 - Administrative Tasks
• Report Administration
• Monitoring the S-Series
• W3C Logging
• Other Administrative Tasks
• Lab – SNMP

Module 9 - Troubleshooting

• Hardware Redundancy
• Troubleshooting Tools
• Access Log
• Lab – Eight troubleshooting scenarios

Attendees should possess the following background knowledge and skills:

• Knowledge of TCP/IP services, including DNS, SSH, FTP, SNMP, HTTP and HTTPS is assumed
• Familiarity with IP routing is assumed
• Familiarity with the Cisco IronPort S-Series Overview, or equivalent knowledge, is assumed.