Sophos eLearning Administrator XG Firewall - CO80-OD

  • Duration:2.00 Days
  •      Price:750.00 USD

To add to cart,
Log in here

This course is designed for technical professionals who will be administering Sophos XG Firewall and provides the skills necessary to manage common day-to-day tasks.  The course is available either online or as an instructor-led classroom course.  It consists of presentations and practical lab exercises to reinforce the taught content, and electronic copies of the supporting documents for the course will be provided to each trainee through the online portal.
The course is expected to take 2 days to complete, of which approximately half will be spent on the practical exercises.

Audience: To complete the course, trainees must take and pass an online assessment. The assessment tests their knowledge of both the presented and practical content. The pass mark for the assessment is 80%, and trainees should note that to become a Sophos Certified Administrator for Enduser Protection.

Available Languages: English (US)

Subjects: Technical

Objectives:

750.0000

Course Detail:

To become a Sophos Certified Administrator, trainees must take and pass an online assessment. The assessment tests their knowledge of both the presented and practical content. The pass mark for the assessment is 80%, and is limited to 4 attempts.
Module 1: Security Threats and how the XG Firewall Protects Against Them
Identify threats to your organization
Recognize the protection provided by Sophos XG Firewall
Module 2: Getting Started with XG Firewall
Navigate the WebAdmin in the Sophos XG Firewall
Understand objects and how to create them
Understand zones and how to create them
Configure routing
Labs
Register for Sophos Central evaluation
Register and Activate Sophos XG Firewall
Configure zones and interfaces
Create host definitions
Create a configuration backup
Module 3: Managing Network Protection
Understand the different types of firewall rules
Configure a network rule to block or allow traffic
Secure the traffic being passed by a rule with IPS and Heartbeat
Configure Advanced Threat Protection
Be able to publish a server using a basic Business Application Rule
Labs
Configure logging for firewall rules
Create Network Rules
Publish servers using Business Application Rules
Configure IPS policies
Enable Advanced Threat Protection
Configure Security Heartbeat
Module 4: Site-to-Site Connections
Configure enterprise VPN scenarios, including:
NAT overlap
VPN failover
Route precedence
Explain the three operating modes supported by RED
Configure REDs on Sophos XG Firewall and deploy them at remote sites
Configure balancing and failover for RED
Labs
Configure an SSL site-to-site VPN
Configure an IPsec site-to-site VPN
Configure VPN Network NATing
Configure policy routing to manage site-to-site connectivity

Module 5: Identity-Based Firewall
Explain the different types of user and authentication on the XG Firewall
Manage users and groups using local and external authentication
Install and configure STAS and SATC for single sign-on
Create identity-based policies
Enable and use one-time passwords (OTP)
Labs
Configure Active Directory Authentication
Configure Sophos Transparent Authentication Suite
Configure User-based policies including Security Heartbeat
Configure One Time Passwords
Module 6: Web Protection and Application Control
Understand the need for web protection
Configure a web policy and options
Apply a web policy to a rule
Understand application protection
Create an application filter
Apply an application filter to a rule
Labs
Install the SSL CA Certificate to computers in the domain
Create custom web categories and user activities to use in a web policy
Create a custom web policy that applies different actions to groups of users
Create a surfing quota for guest users
Configure an application filter policy
Module 7: Email Protection
Understand the capabilities of Email Protection and the differences between the deployment modes
Configure email policies in both MTA mode and legacy mode
Create custom Data Protection policies
Configure SPX Encryption
Configure user quarantine management
Labs
Enable and configure quarantine digests
Configure an Email Protection Policy for MTA mode
Encrypt emails that match a Data Control List using SPX
Manage quarantined items as a user

Module 8: Wireless and Remote Access
Describe the main capabilities of Wireless Protection
Create wireless networks
Add and configure wireless access points
Configure mesh networking
Configure RADIUS authentication for wireless networks
Understand and enable Fast BSS transition
Describe the options for remote access
Configure remote access using SSL and IPsec
Labs
Configure an SSL remote access VPN
Module 9: Reporting and Troubleshooting
Describe the capabilities of on-box reporting
Create bookmarks and reports
Configure scheduled reports
Work with the XG Firewall logs
Review diagnostic and troubleshooting tools
Labs
Run, customize and schedule reports
Use SF Loader tools
View the connection table
Use the drop-packet-capture command
Use the WebAdmin Log View and Packet Capture
View service status and enable debug logging

Pre-Requisite Text:
There are no prerequisites for this course; however it is recommended that trainees should:
Have networking knowledge equivalent to CompTIA N+ or better
Be familiar with security best practices
Be able to setup a Windows server
Have experience of configuring and managing network gateway devices
Have knowledge of general Windows networking and Microsoft Active Directory