Securing Your Web with Cisco IronPort S-Series (SYW)

• Security Architects and System Designers
• Network Administrators and Operations Engineers
• Network or Security Managers responsible for web security

• A good understanding of IP routing, Network Address Translation, CIDR addresses, DNS and TCP/IP services such as SSH, FTP, NTP and SNMP
• Basic experience using Command Line Interfaces (CLI) and Graphical User Interfaces (GUI) to configure network devices

The S-Series Administration course is an instructor-led training class for IronPort customers. It has hands-on labs, demos and presentations to help students learn technical aspects of the S-Series Web Security Appliances. This comprehensive, two-day training course covers how to install, configure, operate and maintain the S-Series. Attendees receive in-depth instruction on the most commonly used product features, with an emphasis on:

• Different deployment options, covering the best ways to integrate the S-Series into different customer environments
• “Best practices” for configuration, operations and system administration
• How to manage, monitor, and troubleshoot the flow of Internet traffic
• Using access controls and policies to block malware, specific web sites or content types
• How to integrate the S-Series with your directory servers, firewalls and L4 switches
• How to use the S-Series together with your existing proxies

Extensive lab exercises provide attendees with critical hands-on product experience. The live lab facilities provide a safe environment to experiment with malware, and also to try configurations that might not be appropriate for a production network. At the end of the course attendees will be able to install, operate and maintain the S-Series appliances.

Introduction

• Course and Company background

Product and Malware Overview

• Overview of S-Series and Malware threats Basic L4TM Setup
• Network integration options for L4TM
• Introduction to L4TM reports

Layer 4 Traffic Monitor

• Configuring Layer 4 Traffic Monitor

Proxy and Caching

• Proxy concepts
• Transparent vs. Forward Explicit modes Web Reputation Filtering
• Theory of Web Reputation Filtering
• Configuring WBRS
• WBRS compared with SBRS

Webroot Anti-Malware

• Understanding Anti-Malware scanning
• Tuning Malware categories Authentication
• LDAP Authentication options
• Windows NTLM Authentication options

Web Security Manager

• URL Content Filtering categories
• L4TM, Proxy and other blocking policies
• The Pipeline

System Administration

• Reports, Logs, Alerts, SNMP & Monitoring

Troubleshooting

• Troubleshooting & Administration Other Deployment Scenarios
• Transparent mode with L4 switching
• Transparent mode with WCCP routing
• Integrating with existing proxies
• Integrating multiple S-Series appliances