Summary

Securing Your Email with Cisco IronPort C-Series Appliances

This comprehensive, three-day training course provides a thorough foundation on how to successfully install, configure, and administrate the Cisco IronPort email security appliances. Attendees receive in-depth instruction on the most commonly used product features, with an emphasis on:

• How to deploy Cisco IronPort email security appliances in a typical enterprise email environment, including "best practices" for installation, configuration, and system administration.
• How to manage, monitor, and troubleshoot the flow of email through the Cisco IronPort email security appliances.
• How to configure access control policies to eliminate threats at the perimeter, based on the identity and trustworthiness of the sender.
• How to create content filters to implement and enforce corporate email policies and address such issues as identity theft and protecting financial information.
• How to configure the Cisco IronPort email security appliances to detect and handle unwanted spam and viruses.
• How to manage Quarantines and Bounce Profiles.
• How to create Safe List / Block List
• How to generate, schedule and interpret reports.
• How to set up email Security Manager
• How to secure your email with Cisco Registered Envelope Service

Extensive lab exercises provide attendees with critical hands-on experience with installing, configuring and administrating IronPort email security appliances. At the end of the course, attendees will possess a working knowledge of how to use IronPort email security appliances to successfully manage and troubleshoot email traffic entering and leaving the enterprise network.  Attendees will also learn about Internet email concepts and standards, and will receive an overview of other product features that can be used for more customized configurations.

Audience

• Enterprise messaging managers and system administrators
• Email system designers and architects
• Network managers responsible for messaging implementation

Prerequisites
Attendees should possess the following background knowledge and skills:

• A moderate knowledge of TCP/IP fundamentals, including IP addressing and sub-netting, static IP routing, DNS, and a very basic understanding of TCP.
• Experience with Internet-based messaging, including SMTP is highly recommended. See RFC 2821. , Internet message formats, and MIME message formatting and body parts.
• Familiarity with both command line interface (CLI) and graphical user interface (GUI) configuration of devices.

In addition, it is recommended that attendees have some experience with basic configuration of an IronPort email security appliance.

Description

Day One Agenda

Introduction to the Ironport Appliance

• Product / technology overview
• ASYNCOS™ MTA Platform
• Hardware Options

The Concept of the Email Pipeline

• SMTP Overview
• Email PipeLine Components
• IronPort Email filtering methods

Installing & Configuring the IronPort Appliance

• Installation Planning
• Interface Configuration
• The Setup Wizard

Configuring Listeners

• Listeners
• Mail Flow Policies
• Host Access Table
• Recipient Access Table
• SMTP Routes

Securing Your Email

    User-based policies
    Incoming and outgoing mail policies
    Content filters

IronPort Anti-Spam

• SenderBase Reputation Filters
• IronPort Anti-Spam configuration
• Creating Spam traffic reports

Day Two Agenda

Anti-Virus

• Sophos & McAfee Anti-Virus configuration
•  Virus Outbreak Filters and virus quarantine
• Creating Virus Traffic Reports

Quarantines & Bounce Profiles

• System quarantines
• IronPort Spam Quarantine
• Managing system quarantines
• End User Safe List / Block List
• Bounce Profiles

Email Encryption

Encryption with Cisco Registered Email Service

Encryption with locally hosted key server

Controlling the Encryption process

Troubleshooting

    Troubleshooting tools and best practices
    Log file contents and log administration
    Monitoring system status
    Support tools

System Administration

• System backup and recovery
• Configuration file
• System upgrade
• License keys
• System Capacity Reports

Day Three Agenda

Module 1: LDAP

This module focuses directly on common LDAP configurations and issues. A brief overview of the Lightweight Directory Access Protocol is provided to give those new to LDAP some familiarity, but the bulk of the module assumes a basic understanding of LDAP terms and concepts. Active Directory is emphasized in a number of case studies to highlight the various installation choices. These include addressing the use of the ESA against multiple directories in a heterogeneous enterprise.

Module 2: Message Filters (Advanced Policy)

This module focuses on advanced filter options with specific emphasis on creating, troubleshooting, simplification/streamlining and regular expressions. Helpful tips and tricks for both Message and Content filters are covered. Extensive hands-on exercises are designed to give the students practice working with the Command Line Interface (CLI), as well as practical experience troubleshooting and examining logs.

Module 3: DomainKeys Identified Mail

This module focuses introducing DKIM and the issues of configuring it on the IronPort Appliance. A brief introduction of DKIM is provided and how it fits into the security aspects of mail, both for DKIM signing and Verification. Helpful examples are provided that shows how to install DKIM certificate on an IronPort and create a signing profile.

Available seats: 11

Price: $2750.00
Location: Washington DC, IronPort Location - Washington, DC