• 918 34 713
  • kurs@sgpartner.no
SG Partner AS
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Filter by Categories
Uncategorized
HomeCiscoSecurity

Securing Email with Cisco Email Security Appliance SESA

Kurskode: SESA

varighet: 4 Dag(er)

Sted:Instructor Led Training
Katergori: Cisco

Course Overview

Learn how to deploy and use Cisco® Email Security Appliance to establish protection for your email systems against phishing, business email compromise and ransomware. Help streamline email security policy management. This hands-on course provides you with the knowledge and skills to implement, troubleshoot, and administer Cisco Email Security Appliance, including key capabilities such as advanced malware protection, spam blocking, anti-virus protection, outbreak filtering, encryption, quarantines, and data loss prevention.

This course is worth 24 Continuing Education (CE) Credits.

After completing this course you should be able to:

  • • Describe and administer the Cisco Email Security Appliance (ESA)
  • • Control sender and recipient domains
  • • Control spam with Talos SenderBase and anti-spam
  • • Use anti-virus and outbreak filters
  • • Use mail policies
  • • Use content filters
  • • Use message filters
  • • Prevent data loss
  • • Perform LDAP queries
  • • Authenticate Simple Mail Transfer Protocol (SMTP) sessions
  • • Authenticate email
  • • Encrypt email
  • • Use system quarantines and delivery methods
  • • Perform centralized management using clusters
  • • Test and troubleshoot

Describing the Cisco Email Security Appliance

  • • Cisco Email Security Appliance Overview
  • • Technology Use Case
  • • Cisco Email Security Appliance Data Sheet
  • • SMTP Overview
  • • Email Pipeline Overview
  • • Installation Scenarios
  • • Initial Cisco Email Security Appliance Configuration
  • • Centralizing Services on a Cisco Content Security Management Appliance (SMA)
  • • Release Notes for AsyncOS 11.x

Controlling Sender and Recipient Domains

  • • Public and Private Listeners
  • • Configuring the Gateway to Receive Email
  • • Host Access Table Overview
  • • Recipient Access Table Overview
  • • Configuring Routing and Delivery Features

Controlling Spam with Talos SenderBase and Anti-Spam

  • • SenderBase Overview
  • • Anti-Spam
  • • Managing Graymail
  • • Protecting Against Malicious or Undesirable URLs
  • • File Reputation Filtering and File Analysis
  • • Bounce Verification

Using Anti-Virus and Outbreak Filters

  • • Anti-Virus Scanning Overview
  • • Sophos Anti-Virus Filtering
  • • McAfee Anti-Virus Filtering
  • • Configuring the Appliance to Scan for Viruses
  • • Outbreak Filters
  • • How the Outbreak Filters Feature Works
  • • Managing Outbreak Filters

Using Mail Policies

  • • Cisco Email Security Manager Overview
  • • Mail Policies Overview
  • • Handling Incoming and Outgoing Messages Differently
  • • Configuring Mail Policies
  • • Matching Users to a Mail Policy
  • • Message Splintering

Using Content Filters

  • • Content Filters Overview
  • • Content Filter Conditions
  • • Content Filter Actions
  • • Filter Messages Based on Content
  • • Text Resources Overview
  • • Using and Testing the Content Dictionaries Filter Rules
  • • Understanding Text Resources
  • • Text Resource Management
  • • Using Text Resources

Using Message Filters

  • • Message Filters Overview
  • • Components of a Message Filter
  • • Message Filter Processing
  • • Message Filter Rules
  • • Message Filter Actions
  • • Attachment Scanning
  • • Examples of Attachment Scanning Message Filters
  • • Using the CLI to Manage Message Filters
  • • Message Filter Examples
  • • Configuring Scan Behavior

Preventing Data Loss

  • • Data Loss Prevention (DLP) Scanning Process
  • • Setting Up Data Loss Prevention
  • • Policies for Data Loss Prevention
  • • Message Actions
  • • Updating the DLP Engine and Content Matching Classifiers

Using LDAP

  • • Overview of LDAP
  • • Working with LDAP
  • • Using LDAP Queries
  • • Authenticating End-Users of the Spam Quarantine
  • • Configuring External LDAP Authentication for Users
  • • Testing Servers and Queries
  • • Using LDAP for Directory Harvest Attack Prevention
  • • Spam Quarantine Alias Consolidation Queries
  • • Validating Recipients Using an SMTP Server

Describing SMTP Session Authentication

  • • Configuring AsyncOS for SMTP Authentication
  • • Authenticating SMTP Sessions Using Client Certificates
  • • Checking the Validity of a Client Certificate
  • • Authenticating User Using LDAP Directory
  • • Authenticating SMTP Connection Over Transport Layer Security (TLS) Using a Client Certificate
  • • Establishing a TLS Connection from the Appliance
  • • Updating a List of Revoked Certificates

Using Email Authentication

  • • Email Authentication Overview
  • • Overview of Sender Policy Framework (SPF) and SIDF Verification
  • • Configuring DomainKeys and DomainKeys Identified Mail (DKIM) Signing
  • • Verifying Incoming Messages Using DKIM
  • • Domain-based Message Authentication Reporting and Conformance (DMARC) Verification
  • • Forged Email Detection

Using Email Encryption

  • • Overview of Cisco Email Encryption
  • • Encrypting Messages
  • • Determining Which Messages to Encrypt
  • • Inserting Encryption Headers into Messages
  • • Encrypting Communication with Other Message Transfer Agents (MTAs)
  • • Working with Certificates
  • • Managing Lists of Certificate Authorities
  • • Enabling TLS on a Listener’s Host Access Table (HAT)
  • • Enabling TLS and Certificate Verification on Delivery
  • • Secure/Multipurpose Internet Mail Extensions (S/MIME) Security Services

Administering the Cisco Email Security Appliance

  • • Distributing Administrative Tasks
  • • System Administration
  • • Managing and Monitoring Using the Command Line Interface (CLI)
  • • Other Tasks in the GUI
  • • Advanced Network Configuration
  • • Using Email Security Monitor
  • • Tracking Messages
  • • Logging

Using System Quarantines and Delivery Methods

  • • Describing Quarantines
  • • Spam Quarantine
  • • Setting Up the Centralized Spam Quarantine
  • • Using Safelists and Blocklists to Control Email Delivery Based on Sender
  • • Configuring Spam Management Features for End Users
  • • Managing Messages in the Spam Quarantine
  • • Policy, Virus, and Outbreak Quarantines
  • • Managing Policy, Virus, and Outbreak Quarantines
  • • Working with Messages in Policy, Virus, or Outbreak Quarantines
  • • Delivery Methods

Centralized Management Using Clusters

  • • Overview of Centralized Management Using Clusters
  • • Cluster Organization
  • • Creating and Joining a Cluster
  • • Managing Clusters
  • • Cluster Communication
  • • Loading a Configuration in Clustered Appliances
  • • Best Practices

Testing and Troubleshooting

  • • Debugging Mail Flow Using Test Messages: Trace
  • • Using the Listener to Test the Appliance
  • • Troubleshooting the Network
  • • Troubleshooting the Listener
  • • Troubleshooting Email Delivery
  • • Troubleshooting Performance
  • • Web Interface Appearance and Rendering Issues
  • • Responding to Alerts
  • • Troubleshooting Hardware Issues
  • • Working with Technical Support

Labs

  • • Discovery Lab 1: Verify and Test Cisco ESA Configuration
  • • Discovery Lab 2: Advanced Malware in Attachments (Macro Detection)
  • • Discovery Lab 3: Protect Against Malicious or Undesirable URLs Beneath Shortened URLs
  • • Discovery Lab 4: Protect Against Malicious or Undesirable URLs Inside Attachments
  • • Discovery Lab 5: Intelligently Handle Unscannable Messages
  • • Discovery Lab 6: Leverage AMP Cloud Intelligence Via Pre-Classification Enhancement
  • • Discovery Lab 7: Integrate Cisco ESA with AMP Console
  • • Discovery Lab 8: Prevent Threats with Anti-Virus Protection
  • • Discovery Lab 9: Applying Outbreak Filters
  • • Discovery Lab 10: Configure Attachment Scanning
  • • Discovery Lab 11: Configure Outbound Data Loss Prevention
  • • Discovery Lab 12: Integrate Cisco ESA with LDAP and Enable the LDAP Accept Query
  • • Discovery Lab 13: DomainKeys Identified Mail (DKIM)
  • • Discovery Lab 14: Sender Policy Framework (SPF)
  • • Discovery Lab 15: Forged Email Detection
  • • Discovery Lab 16: Configure the Cisco SMA for Tracking and Reporting
  • • Discovery Lab 17: Configure the Cisco Secure Email and Web Manager for Tracking and Reporting

Attendees should meet the following prerequisites:

  • • TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
  • • Experience with IP routing

It is recommended that you have one of the following:

  • • Cisco certification (Cisco CCNA® certification or higher)
  • • Relevant industry certification, such as (ISC)2, CompTIA Security+, EC-Council, Global Information Assurance Certification (GIAC), and ISACA
  • • Cisco Networking Academy letter of completion (CCNA® 1 and CCNA 2)
  • • Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Systems Engineer (MCSE)], CompTIA (A+, Network+, Server+)

Individuals responsible for the deployment, administration and troubleshooting of a Cisco Email Security Appliance.

NOK 38.500

-
+
Kurskode: SESA Kateegori: , Underkategori: ,

Salar Ghadani

Salg

Har du spørsmål, ta kontakt

918 34 713 salar@sgpartner.no
Kurskode: SESA

varighet: 4 Dag(er)

KATEGORI: Cisco
Underkatergori: Security

Relaterte kurs

Relaterte produkter