Call : (+91) 968636 4243
Mail : info@EncartaLabs.com
EncartaLabs

Sophos Architect XG Firewall

( Duration: 3 Days )

This Sophos Architect XG Firewall training course provides an in-depth study of Sophos XG Firewall, designed for experienced technical professionals who will be planning, installing, configuring and supporting deployments in production environments.

By attending Sophos Architect XG Firewall workshop, delegates will learn to:

  • Deploy XG Firewall in complex network environments
  • Explain how XG Firewall Processes traffic and use this information to inform the configuration
  • Configure advanced networking and protection features
  • Protect web applications using the web server protection
  • Size hardware, virtual and software XG Firewalls for a given set of requirements

  • Have completed and passed the XG Firewall - Certified Engineer course and any subsequent delta modules up to version 18.0
  • Experience with Windows networking and the ability sto troubleshoot issues
  • A good understanding of IT security
  • Experience configuring network security devices
  • Experience configuring and administering Linux/UNIX systems

COURSE AGENDA

1

Deployment

  • Recall important information from the Engineer course
  • Describe the deployment modes supported by the XG Firewall
  • Understand a range of scenarios where each deployment mode would commonly be used
  • Use built-in tools to troubleshoot issues
2

Base Firewall

  • Explain how the XG firewall can be accessed
  • Understand the types of interfaces that can be created
  • Understand the benefits of Fast Path technology
  • Configure routing per firewall rule
  • Understand best practice for ordering firewall rules
  • Explain what Local NAT policy is and known how to configure it
3

Network Protection

  • Explain what IPS is and how traffic can be offloaded to FastPath
  • Demonstrate how to optimize workload by configuring IPS policies
  • Examine advanced Intrusion Prevention and optimize policies
  • Configure advanced Dos Protection rules
  • Demonstrate how the strict policy can be used to protect networks
4

Synchronized Security

  • Explain how Security Heartbeat works
  • Configure Synchronized Security
  • Deploy Synchronized Security in discover and inline modes
  • Understand the advantages and disadvantages of deploying Synchronized Security in different scenarios
5

Web Server Protection

  • Explain how Web Server Protection works
  • Describe the protection features
  • Configure protection policies for a web application
  • Configure web server authentication
  • Publish a web service using the Web Application Firewall
  • Use the preconfigured templates to configure Web Server Protection for common purposes
  • Configure SlowHTTP protection
6

Site-to-Site Connections

  • Configure and deploy site-to-site VPNs in a wide range of environments
  • Implement IPsec NATing and failover
  • Check and modify route precedence
  • Create RED tunnels between XG Firewalls
  • Understand when to use RED
7

Authentication

  • Demonstrate how to configure and use RADIUS accounting
  • Deploy STAS in large and complex environments
  • Configure SATC and STAS together
  • Configure Secure LDAP and identify the different secure connections available
8

Web Protection

  • Choose the most appropriate type for web protection in different deployment scenarios
  • Enable web filtering using the DPI engine or legacy web proxy
  • Configure TLS inspection using the DPI engine or legacy web proxy
9

Wireless

  • Explain how Sophos Access Points are deployed and identify some common issues that may be encountered
  • Configure RADIUS authentication
  • Configure a mesh network
10

Remote Access

  • Configure Sophos Connect and manage the configuration using Sophos Connect Admin
  • Configure an IPsec remote access VPN
  • Configure an L2TP remote access VPN for mobile devices
11

High Availability

  • Explain what HA is and how it operates
  • Demonstrate how to configure HA and explain the difference between quick and manual configuration
  • List the prerequisites for high availability
  • Perform troubleshooting steps and check the logs to ensure that HA is set up correctly
  • Explain the packet flow in high availability
  • Demonstrate how to disable HA
12

Public Cloud

  • Deploy XG Firewall in complex network environments
  • Explain how XG Firewall processes traffic and use it's information to inform the configuration
  • Configure advanced networking and protection features
  • Deploy XG Firewall on public cloud infrastructure

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 6,000 various courses on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 50,000 Corporate executives across the Globe
  • All our trainings are conducted in workshop mode with more focus on hands-on sessions

View our other course offerings by visiting https://www.encartalabs.com/course-catalogue-all.php

Contact us for delivering this course as a public/open-house workshop/online training for a group of 10+ candidates.

Top
Notice
X