Descrizione
During this four day training course, you will learn how to install, configure, administer, and support Stonesoft NGFW.
Through instruction, demonstrations, and hands-on lab practice exercises, you will learn the requirements and recommendations to successfully deploy Stonesoft NGFW in a variety of network environments. You will develop expertise in creating security rules and policies, managing users and authentication, understanding multi-link technology, configuring VPNs, traffic deep inspection, performing common administration tasks including status monitoring and reporting.
Obiettivi
- Understand the fundamentals of NGFW
- Understand different installation methods
- Understand SMC capabilities
- Understand FW/VPN roles and clustering
- Configure routing
- Configure security policies and access control
- Understand Multi-Link technology
- Configure Multi-Link VPNs
- Manage users and authentication
- Configure Mobile VPN
- Configure SSL VPN Portal
- Perform traffic deep inspection
- Perform common administration tasks
- Understand monitoring capabilities
- Configure reporting
Contenuti
1) Introductions
- Participant introductions
- Logistics
- Course Objectives
2) Next Generation Firewall Engine
- NGFW History & Background
- Key Benefits and Differentiators
- Operating Modes
- Hardware Platforms and Virtualization
- Installation Methods
- Licensing
3) SMC Overview
- NGFW System Architecture
- SMC Components / Supported Platforms
- Management & Log Server Properties
- WebPortal Server Properties
- Deployment Options
- Status View / Configuration View
- Management Client Tools
4) FW/VPN Role and Clustering
- NGFW FW/VPN Role & Requirements
- Multi-layer Inspection
- Single NGFW Overview
- Clustering Technology
- Firewall Cluster
- IPS Serial Clustering
- Additional Firewall Features
- NGFW Engine Architecture
5) Routing and Anti-Spoofing
- Static Routing Configuration
- Special Routing Conditions
- Policy Routing
- Dynamic Routing Overview
6) Security Policies
- Policy Types
- Packet Processing Flow
- Firewall Templates and Policy
- Structure
- Firewall Policy
- Policy Tools & Rule Options
- NAT Definition
- Address Translation Options
- Proxy ARP and NAT
7) Log Data Management
- Purpose of Logs
- Log Entry Types
- Logging Generation
- Log Data Pruning
- Logs View
- Visualizing Logs
- Filters
- Third Party Logs
8) Multi-Link Technology
- Outbound Traffic Management
- Link Selection Methods
- Outbound Multi-Link Configuration
- Server Pools
- Multi-Link for Inbound Traffic
- Configuring Server Pools and
- Inbound Multi-Link
9) Multi-Link VPN
- Overview of VPNs
- VPN Topologies
- VPN High Availability
- Policy-Based VPN Configuration
- VPN Tools
- Route-Based VPN
10) Users and Authentication
- Managing Users
- Directory Servers
- Supported Authentication Methods
- User Authentication Process
- Browser Based Authentication
11) Mobile VPN Client
- Mobile VPN Connections
- IPsec VPN vs SSL VPN Tunneling
- VPN Client Configuration – Gateway Side
- VPN Client Configuration – Client Side
- Troubleshooting Tools
12) SSL VPN Portal
- Client Based and Clientless Access
- SSL VPN Portal Overview
- SSL VPN Services
- Routing Methods
- SSL VPN Portal Configuration
13) Traffic Inspection in Access Rules
- Traffic Inspection
- Protocol Agents
- Applications
- Web Filtering
- Anti-Virus
- Anti-Spam
- Deep Inspection
- TLS Inspection
14) Inspection and File Policies
- Deep Inspection
- NGFW Policy Templates
- Predefined Inspection Policies
- Situation Concepts
- Inspection Rules Tree
- Fine-Tuning Inspection
- Inspection Exception Rules
- Rule Options
- Blacklist
- Packet Inspection Procedure
15) Administration Tasks
- Role-Based Access Control
- Alert Process
- Log Management Tasks
- Log Forwarding
- System Upgrades and Backups
- SMC High Availability
- Location and Contact Addresses
- Troubleshooting / Support
16) Monitoring, Statistics and Reports
- Status Monitoring
- Overviews
- Reports
- Report Designs, Sections, and Items
- Geolocation Maps
- Session Monitoring
- Third-Party Monitoring
Pubblico di destinazione
End-User/Customers:
- System administrators, network security administrators, IT staff
Channel Partners:
- Consultants, system architects, integrators and planners who help customers with Stonesoft NGFW implementations
Forcepoint Sales Engineers:
- Forcepoint personnel who provide pre-sales and post-sales support for Stonesoft NGFW
Prerequisiti
- Good understanding of networking and computer security concepts.
- General understanding of system administration and Internet services.