Duration:

·        1 Days

Who Should Attend

·        Enterprise messaging managers and system administrators

·        Email system designers and architects

·        Network managers responsible for messaging implementation

Prerequisites

Attendees should possess the followingbackground knowledge and skills:

·        Experience configuring IronPort email security appliances throughparticipation in the IronPort Configuration Workshop or equivalent workingexperience.

·        Solid knowledge of TCP/IP fundamentals, including IP addressing andsub-netting, static IP routing, DNS, and a very basic knowledge of the TCPprotocol.

·        Experience with Internet-based messaging, including SMTP, Internetmessage formats, and MIME message formatting and body parts.

·        Strong familiarity both with AsyncOS command line interface (CLI)and graphical user interface (GUI) configuration of devices.

Course Objectives

This one-day training course provides advancedinformation for successful configuration and operation of an Cisco IronPortemail security appliance. By exploring in depth specific product features, mailadministrators will receive in-depth training to meet specific needs withemphasis on:

·        Integrating with a directory server via LDAP

·        Debugging of LDAP integration issues

·        Using message filters to redirect and modify messages

·        Safe deployment and debugging of message filters

·        Domain Key Identified Mail

·        Sender Profile Framework verification

Extensive lab exercises provide attendees withcritical hands-on experience working with advanced features of the CiscoIronPort email security appliance. Attendees gain working knowledge of how touse the Cisco IronPort appliance to successfully manage and troubleshoot emailtraffic entering and leaving the enterprise network. Attendees will also learnabout advanced Internet email concepts and receive an overview of other productfeatures that can be used for more customized configurations.

Course Content

Advanced Message Routing
This full day class is presented composedof the following lectures and hands-on lab activities:

Module 1: LDAP
This module focuses directly on commonLDAP configurations and issues. A brief overview of the Lightweight DirectoryAccess Protocol is provided to give those new to LDAP some familiarity, but thebulk of the module assumes a basic understanding of LDAP terms and concepts.Active Directory is emphasized in a number of case studies to highlight thevarious installation choices. These include addressing the use of the ESAagainst multiple directories in a heterogeneous enterprise.

Module 2: Message Filters (AdvancedPolicy)
This module focuses on advanced filteroptions with specific emphasis on creating, troubleshooting, simplification/streamliningand regular expressions. Helpful tips and tricks for both Message and Contentfilters are covered. Extensive hands-on exercises are designed to give thestudents practice working with the Command Line Interface (CLI), as well as practicalexperience troubleshooting and examining logs.

Module 3:Email Authentication
This module covers methods ofauthenticating email on the Cisco IronPort Appliance. A brief introduction ofDKIM is provided and how it fits into the security aspects of mail, both forDKIM signing and Verification. Helpful examples are provided that shows how toinstall a DKIM certificate on an Cisco IronPort and create a signing profile.Then we introduce Sender Profile Framework and the various fields: HELO, FROMand PRA that are checked according to RFC 4407. Also, the meanings of thestamped SPF results are reviewed and we discuss the creation of filters toreact to these results. These filters are designed to enforce SPF policies

*Sigma IT is offering Cisco Iron Port Courses in cooperation with Fast Lane CEE ,an Authorized Training center.