
Course duration:

5 days

Cost:

2.500,00 €

Securing Email with Cisco Email Security Appliance (SESA) (CIS13)

Code: CIS13

The Securing Email with Cisco Email Security Appliance (SESA) v3.1 course shows how to deploy and use Cisco® Email Security Appliance to protect email systems against phishing, business email compromise, and ransomware, and to simplify email security policy management. This hands-on course provides the knowledge and skills to implement, troubleshoot, and administer Cisco Email Security Appliance, including key capabilities such as advanced malware protection, spam blocking, anti-virus protection, outbreak filtering, encryption, quarantines, and data loss prevention.

This course helps you prepare to take the exam Securing Email with Cisco Email Security Appliance (300-720 SESA), which leads to the CCNP® Security and Certified Specialist – Email Content Security certifications.

Delivery mode

In the classroom or Live Virtual Classroom

Certificate of attendance

A certificate of attendance is issued at the end of the course

Exam

300-720 – Securing Email with Cisco Email Security Appliance

Course contents

Describing the Cisco Email Security Appliance

  • Cisco Email Security Appliance Overview

  • Technology Use Case

  • Cisco Email Security Appliance Data Sheet

  • SMTP Overview

  • Email Pipeline Overview

  • Installation Scenarios

  • Initial Cisco Email Security Appliance Configuration

  • Centralizing Services on a Cisco Content Security Management Appliance (SMA)

  • Release Notes for AsyncOS 11.x

 

Administering the Cisco Email Security Appliance

  • Distributing Administrative Tasks

  • System Administration

  • Managing and Monitoring Using the Command Line Interface (CLI)

  • Other Tasks in the GUI

  • Advanced Network Configuration

  • Using Email Security Monitor

  • Tracking Messages

  • Logging

 

Controlling Sender and Recipient Domains

  • Public and Private Listeners

  • Configuring the Gateway to Receive Email

  • Host Access Table Overview

  • Recipient Access Table Overview

  • Configuring Routing and Delivery Features

 

Controlling Spam with Talos SenderBase and Anti-Spam

  • SenderBase Overview

  • Anti-Spam

  • Managing Graymail

  • Protecting Against Malicious or Undesirable URLs

  • File Reputation Filtering and File Analysis

  • Bounce Verification

 

Using Anti-Virus and Outbreak Filters

  • Anti-Virus Scanning Overview

  • Sophos Anti-Virus Filtering

  • McAfee Anti-Virus Filtering

  • Configuring the Appliance to Scan for Viruses

  • Outbreak Filters

  • How the Outbreak Filters Feature Works

  • Managing Outbreak Filters

 

Using Mail Policies

  • Email Security Manager Overview

  • Mail Policies Overview

  • Handling Incoming and Outgoing Messages Differently

  • Matching Users to a Mail Policy

  • Message Splintering

  • Configuring Mail Policies

 

Using Content Filters

  • Content Filters Overview

  • Content Filter Conditions

  • Content Filter Actions

  • Filter Messages Based on Content

  • Text Resources Overview

  • Using and Testing the Content Dictionaries Filter Rules

  • Understanding Text Resources

  • Text Resource Management

  • Using Text Resources

 

Using Message Filters to Enforce Email Policies

  • Message Filters Overview

  • Components of a Message Filter

  • Message Filter Processing

  • Message Filter Rules

  • Message Filter Actions

  • Attachment Scanning

  • Examples of Attachment Scanning Message Filters

  • Using the CLI to Manage Message Filters

  • Message Filter Examples

  • Configuring Scan Behavior

 

Preventing Data Loss

  • Overview of the Data Loss Prevention (DLP) Scanning Process

  • Setting Up Data Loss Prevention

  • Policies for Data Loss Prevention

  • Message Actions

  • Updating the DLP Engine and Content Matching Classifiers

 

Using LDAP

  • Overview of LDAP

  • Working with LDAP

  • Using LDAP Queries

  • Authenticating End-Users of the Spam Quarantine

  • Configuring External LDAP Authentication for Users

  • Testing Servers and Queries

  • Using LDAP for Directory Harvest Attack Prevention

  • Spam Quarantine Alias Consolidation Queries

  • Validating Recipients Using an SMTP Server

 

SMTP Session Authentication

  • Configuring AsyncOS for SMTP Authentication

  • Authenticating SMTP Sessions Using Client Certificates

  • Checking the Validity of a Client Certificate

  • Authenticating User Using LDAP Directory

  • Authenticating SMTP Connection Over Transport Layer Security (TLS) Using a Client Certificate

  • Establishing a TLS Connection from the Appliance

  • Updating a List of Revoked Certificates

 

Email Authentication

  • Email Authentication Overview

  • Configuring DomainKeys and DomainKeys Identified Mail (DKIM) Signing

  • Verifying Incoming Messages Using DKIM

  • Overview of Sender Policy Framework (SPF) and SIDF Verification

  • Domain-based Message Authentication Reporting and Conformance (DMARC) Verification

  • Forged Email Detection

 

Email Encryption

  • Overview of Cisco Email Encryption

  • Encrypting Messages

  • Determining Which Messages to Encrypt

  • Inserting Encryption Headers into Messages

  • Encrypting Communication with Other Message Transfer Agents (MTAs)

  • Working with Certificates

  • Managing Lists of Certificate Authorities

  • Enabling TLS on a Listener’s Host Access Table (HAT)

  • Enabling TLS and Certificate Verification on Delivery

  • Secure/Multipurpose Internet Mail Extensions (S/MIME) Security Services

 

Using System Quarantines and Delivery Methods

  • Describing Quarantines

  • Spam Quarantine

  • Setting Up the Centralized Spam Quarantine

  • Using Safelists and Blocklists to Control Email Delivery Based on Sender

  • Configuring Spam Management Features for End Users

  • Managing Messages in the Spam Quarantine

  • Policy, Virus, and Outbreak Quarantines

  • Managing Policy, Virus, and Outbreak Quarantines

  • Working with Messages in Policy, Virus, or Outbreak Quarantines

  • Delivery Methods

 

Centralized Management Using Clusters

  • Overview of Centralized Management Using Clusters

  • Cluster Organization

  • Creating and Joining a Cluster

  • Managing Clusters

  • Cluster Communication

  • Loading a Configuration in Clustered Appliances

  • Best Practices

 

Testing and Troubleshooting

  • Debugging Mail Flow Using Test Messages: Trace

  • Using the Listener to Test the Appliance

  • Troubleshooting the Network

  • Troubleshooting the Listener

  • Troubleshooting Email Delivery

  • Troubleshooting Performance

  • Web Interface Appearance and Rendering Issues

  • Responding to Alerts

  • Troubleshooting Hardware Issues

  • Working with Technical Support

 

References

  • Model Specifications for Large Enterprises

  • Model Specifications for Midsize Enterprises and Small-to-Midsize Enterprises or Branch Offices

  • Cisco Email Security Appliance Model Specifications for Virtual Appliances

  • Packages and Licenses

 

Lab outline

  • Verify and Test Cisco ESA Configuration

  • Perform Basic Administration

  • Advanced Malware in Attachments (Macro Detection)

  • Protect Against Malicious or Undesirable URLs Beneath Shortened URLs

  • Protect Against Malicious or Undesirable URLs Inside Attachments

  • Intelligently Handle Unscannable Messages

  • Leverage AMP Cloud Intelligence Via Pre-Classification Enhancement

  • Integrate Cisco ESA with AMP Console

  • Prevent Threats with Anti-Virus Protection

  • Applying Content and Outbreak Filters

  • Configure Attachment Scanning

  • Configure Outbound Data Loss Prevention

  • Integrate Cisco ESA with LDAP and Enable the LDAP Accept Query

  • Domain Keys Identified Mail (DKIM)

  • Sender Policy Framework (SPF)

  • Forged Email Detection

  • Configure the Cisco SMA for Tracking and Reporting


Participants
  • Security engineers
  • Security administrators
  • Security architects
  • Operations engineers
  • Network engineers
  • Network administrators
  • Network or security technicians
  • Network managers
  • System designers
  • Cisco integrators and partners
Prerequisites

To fully benefit from this course, you should have the following knowledge and skills:

  • Cisco certification (Cisco CCENT® certification or higher)
  • Relevant industry certification, such as (ISC)2, CompTIA Security+, EC-Council, Global Information Assurance Certification (GIAC), and ISACA
  • Cisco Networking Academy letter of completion (CCNA® 1 and CCNA 2)
  • Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Systems Engineer (MCSE)], CompTIA (A+, Network+, Server+)
  • TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
  • Experience with IP routing
Objectives

After taking this course, you should be able to:

  • Describe and administer the Cisco Email Security Appliance (ESA)
  • Control sender and recipient domains
  • Control spam with Talos SenderBase and anti-spam
  • Use anti-virus and outbreak filters
  • Use mail policies
  • Use content filters
  • Use message filters to enforce email policies
  • Prevent data loss
  • Perform LDAP queries
  • Authenticate Simple Mail Transfer Protocol (SMTP) sessions
  • Authenticate email
  • Encrypt email
  • Use system quarantines and delivery methods
  • Perform centralized management using clusters
  • Test and troubleshoot
Languages
Italian