Sophos Xg Tcpdump

 admin



MestoCentar za konferencije Talk&Talk, Beograd, ul. Beogradska 52
  1. Sophos XG’s packet capture feature is a very useful tool when it comes troubleshooting connectivity issues. It provides a deeper level of information compared to looking at firewall log files.
  2. Sophos Connect should not be alerting you every time it disconnects and reconnects or at least separate the alert notifications for Sophos Connect vs IPSEC VPN. Is being dropped and this is based on what we were seeing on the tcpdump's on both the primary and the auxiliary XG's. Sophos support was helping me out but ended up falling through.
VremeTermin u najavi

This course provides an in-depth study of Sophos XG Firewall, designed for experienced technical professionals who will be planning, installing, configuring and supporting deployments in production environments.

Sophos xg tcpdump to file

The course is intended to be delivered in a classroom setting, and consists of presentations and practical lab exercises to reinforce the taught content. Printed copies of the supporting documents for the course will be provided to each trainee.

Due to the nature of delivery, and the varying experiences of the trainees, open discussion is encouraged during the training.

This feature is completed as part of XG Firewall that has been released on November 9th 2015. Show previous admin responses (3) Started Admin Alan ( Sr. Product Manager, Sophos Features & Ideas Laboratory ) responded Aug 27, 2015.

The course lasts 3 days, of which roughly 8 hours will be spent on the practical exercises.

Objectives

On completion of this course, trainees will be able to:

  • Understand the components of the Sophos XG Firewall and how to configure them
  • Architect a solution for a customer’s environment and needs
  • Implement proof of concept (PoC) deployments with Sophos XG Firewall
  • Configure the components of Sophos XG Firewall according to best practice
  • Troubleshoot common issues on the Sophos XG Firewall

Prerequisites

Prior to taking this course you should:

  • Complete the Sophos XG Firewall Certified Engineer course.
  • Have knowledge of networking to a CompTIA N+ level.
  • Have knowledge of IT security to a CompTIA S+ level.
  • Have experience configuring network security devices.
  • Be able to troubleshoot and resolve issues in Windows networked environments.
  • Have experience configuring and administering Linux/UNIX systems.

If you are uncertain whether you meet the necessary prerequisites to take this course, please email us at school@smart.rs and we will be happy to help.

Certification
To achieve the Sophos Certified Architect certification in Sophos XG Firewall trainees must take and pass a timed online assessment. The assessment tests their knowledge of both the taught and practical content. The pass mark for the assessment is 80%, and it may be taken a maximum of three times.

Lab Environment
Each student will be provided with a pre-configured environment which simulates a company network with two sites, a head office and a branch office and contains Windows Servers, a Windows Desktop and two XG Firewalls.

Agenda

Module 1: Engineer Review (60 mins)

  • Recall important information from the Engineer course
  • Labs (15 mins)
  • Register for Sophos Central evaluation
  • Register for Sophos XG Firewall serial numbers

Module 2: Deployment (120 mins)

  • Describe the deployment modes supported by the XG Firewall
  • Understand the types of interfaces that can be created
  • Configured gateways
  • Configure policy based and dynamic routing
  • Labs (90 mins)
  • Activate the Sophos XG Firewalls
  • Post-installation configuration
  • Bridge interfaces
  • Multiple WAN links
  • Create a policy-based route for an MPLS scenario

Module 3: Network Protection (100 mins)

  • Understand the benefits of Fast Path technology
  • Understand what Strict Policy is
  • Examine advanced Intrusion Prevention and optimize policies
  • Configure advanced DoS Protection Policies
  • Explain what Local NAT policy is and known how to configure it
  • Be able to configure routing per firewall rule
  • Understand best practice for ordering of firewall rules
  • Labs (30 mins)
  • Local NAT Policy
  • Advanced DoS Rules

Module 4: Web Server Protection (105 mins)

  • Explain how Web Server Protection works
  • Describe the protection features
  • Configure protection policies for a web application
  • Publish a web service using the Web Application Firewall
  • Use the preconfigured templates to configure Web Server Protection for common purposes, such as Exchange
  • Configure SlowHTTP protection
  • Labs (60 mins)
  • Web Application Firewall
  • Load balancing with Web Server Protection
  • Web Server Authentication and path-specific routing

Module 5: Site-to-Site Connections (130 mins)

Tcpdump
  • Configure and deploy site-to-site VPNs in wide range of environments
  • Create RED tunnels between two XG Firewalls
  • Understand when to use RED
  • Labs (60 mins)
  • Create an IPsec site-to-siteVPN
  • Configure VPN network NATing
  • Configure VPN failover
  • Enable RED on the XG Firewall
  • Create a RED tunnel between two XG Firewalls
  • Configure routing for the RED tunnel

Sophos Xg Tcpdump

Module 6: Authentication (90 mins)

Sophos Xg Tcpdump Ipsec

  • Configure RADIUS accounting
  • Deploy STAS in complex scenarios
  • Configure SATC and STAS together
  • Configure Secure LDAP
  • Explain how to use the Sophos XG API
  • Labs (50 mins)
  • Configure an Active Directory authentication server
  • Configure single sign-on using STAS
  • Create user-based policies
  • Install the SSL CA certificate
  • Create custom user-based web policies

Module 7: Synchronized Security (65 mins)

  • Explain how Security Heartbeat works
  • Understand the advantages and disadvantages of deploying it in different scenarios
  • Labs (40 mins)
  • Source-based Security Heartbeat
  • Destination-based Security Heartbeat
  • Missing Security Heartbeat
  • Security Heartbeat over VPN

Sophos Xg Tcpdump Mac Address

Module 8: Wireless and Remote Access (60 mins)

  • Explain how Sophos Access Points are deployed and identify some common issues that may be encountered
  • Configure a mesh network
  • Configure an IPsec remote access VPN

Module 9: High Availability (85 mins)

Sophos Xg Tcpdump To File

  • Explain the packet flow in high availability
  • List the prerequisites for high availability
  • Configure high availability
  • Labs (45 mins)
  • Active-Active Cluster
  • Active-Passive High Availability

Module 10: Sizing and Troubleshooting (75 mins)

  • Size a hardware, software or virtual Sophos XG Firewall appropriately
  • Identify factors that can affect sizing
  • Perform basic troubleshooting using tcpdump
  • Enable debug logging
  • Create a Consolidated Troubleshooting Report and explain what information it contains
  • Labs (45 mins)
  • Debug logging
  • Retrieving log files
  • Troubleshoot an issue from an imported configuration

Price

200€ + VAT

Special Bonus! Each participant who passes a course receives one XG 1xx with licenses FREE of charge!

Sophos Utm Tcpdump Command

certification,Firewall,Security Education,Sophos,Sophos Partner,XG Firewall Architect