Sophos Central Architect

  • Datum:
    • 28-11-2022: 09:00 - 17:00
    • 29-11-2022: 09:00 - 17:00
    • 30-11-2022: 09:00 - 17:00
  • Prijs: € 1 395,00
  • Locatie: TD Synnex - Eindhoven/Online
  • Taal: DN
  • Categorie: -
  • Gegarandeerd: -

Omschrijving

This course provides an in-depth study of Sophos Central, designed for experienced technical professionals who will be planning, installing, configuring and supporting deployments in production environments.

It consists of presentations and practical lab exercises to reinforce the taught content, and electronic copies of the supporting documents for the course will be provided to each trainee through the online portal.

The course is expected to take 3 days (24 hours) to complete, of which approximately 9 hours will be spent on the practical exercises.

Target audience:

This course is designed for technical professionals who will be planning, installing, configuring and supporting deployments in production environments. And for individuals wishing to obtain the Sophos Central Certified Architect certification.

Prerequisites:    

Prior to attending this course, trainees should:

  • Complete the Sophos Central Endpoint and Server Protection and should have passed the Certified Engineer exam
  • Experience with Windows networking and the ability to troubleshoot issues
  • A good understanding of IT security
  • Experience using the Linux command line for common tasks
  • Experience configuring Active Directory Group Policies

Objectives:

On completion of this course, trainees will be able to:

  • Plan and deploy complex installations of Sophos Central
  • Explain the core configuration concepts of Sophos Central and demonstrate how to configure and implement them
  • Perform manual clean up of threats when required
  • Proactively investigate suspicious activities and hunt threats
  • Perform preliminary troubleshooting and basic support steps

Certification:

To become a Sophos Certified Architect, trainees must take and pass an online assessment. The assessment tests their knowledge of both the presented and practical content. The pass mark for the assessment is 80%, and is limited to 3 attempts.

Duration:                           

3 days

Course Modules 

Module 1: Sophos Central Overview (15 mins)

  • Getting started with SURF
  • Labs (5 mins)
    • Register and activate a Sophos Central

Module 2: Sophos Central User Management (25 mins)

  • Sophos Central role-based user access
  • Advanced directory synchronization in Sophos Central
  • Configuring federated authentication in Sophos Central
  • Labs (80 mins)
    • Install and configure Windows AD sync utility
    • Configure role-based access
    • Deploy Sophos protection to a Windows server
    • Deploy an Update Cache and a Message Relay 

Module 3: Sophos Central Agent Deployment (40 mins)

  • Sophos Central Agent deployment strategy 
  • Automating Sophos Central Agent deployment on Windows
  • Automating Sophos Central Agent deployment on macOS
  • Automating Sophos Central Agent deployment on Linux
  • Migrating from SEC to Sophos Central
  • Labs (60 mins)
    • Install Sophos server protection for Linux
    • Use AD group policy to deploy Sophos protection to multiple devices
    • Enable server lockdown (preparation for a later lab task)

Module 4: Sophos Central Updating and Communication (30 mins)

  • Advanced Sophos Central updating
  • Controlling Sophos Central updates
  • Considerations for using Sophos Central Update Caches and Message Relays
  • Advanced Sophos Central Update Cache and Message Relay deployment
  • Labs (15 mins)
    • Enable manually controlled updates
    • Create server groups 
    • Manage tamper protection

Module 5: Sophos Central Virtual Protection (25 mins)

  • Protecting Azure hosted virtual servers with Sophos Central
  • Protecting AWS hosted virtual servers with Sophos Central
  • Simulation tasks (30 mins)
    • Configure automated deployment on Azure hosted virtual servers 
    • Configure automated deployment on AWS hosted virtual servers

Module 6: Sophos Central Policies (80 mins)

  • Advanced Sophos Central control policies
  • Advanced Sophos Central data loss prevention
  • Advanced Sophos Central policies and exclusions 
  • Getting started with Sophos Central partner global policies 
  • Advanced Sophos Central server lockdown
  • Labs (90 mins)
    • Prepare for a later lab task
    • Configure and test threat protection policies
    • Configure and test web control 
    • Configure and test application control
    • Configure and test data control using CCLs
    • Configure and text exclusions
    • Manage server lockdown 
    • Test Linux server protection

Module 7: Sophos Central Remediation and Reports (30 mins)

  • Getting started with SIEM integration with Sophos Central
  • Advanced Sophos Central threat remediation
  • Getting started with Sophos Central forensic snapshots
  • Labs (95 mins)
    • Configure SIEM with Splunk
    • Release a file from SafeStore
    • Remediate a Linux server
    • Create a forensic snapshot and interrogate the database

Module 8: Sophos Central XDR (60 mins)

  • Sophos XDR Data Lake APIs
  • Sophos Central XDR Live Discover query pivoting
  • Writing queries for Sophos Central XDR Live Discover
  • Writing scenarios for Sophos Central XDR Live Discover queries
  • Using Sophos Central XDR for IT operations
  • Using Sophos Central XDR for threat hunting
  • Labs (40 mins)
    • Use Live Discover to locate unauthorized programs
    • Investigate a detection using Sophos Central XDR

Module 9: Course Review (10 mins)

  • How to find help from Sophos
  • Course review

Direct inschrijven

TD Synnex - Eindhoven/Online
Flight Forum 128
5657 DD Eindhoven/Online

Hulp nodig?

Heb je advies nodig bij de keuze voor een van onze opleidingen of trainingen? Of heb je een andere vraag over onze trainingen, workshops of webinars? Klik dan hieronder voor een uitgebreid en deskundig advies van een van onze TD SYNNEX Academy opleidingsadviseurs.

Meer informatie / advies

Wil je deskundig opleidingsadvies?

Hoe werkt het?

Ben je van plan een Sales Enablement of Technische training te volgen, maar weet je niet precies of deze aansluit bij jouw carrière? Heb je behoefte aan een vakkundig opleidingsadvies van onze opleidingsdeskundige? Of heb je een andere vraag of opmerking? Vul dan hieronder het adviesformulier in. 

Wat krijg je?

Een van onze deskundige opleidingsadviseurs binnen TD SYNNEX Academy zal zo spoedig mogelijk contact met je opnemen en je voorzien van:

  • Persoonlijk advies over de juiste trainingskeuze
  • Opleidingsinformatie passend bij jouw loopbaan
  • Exclusieve tips van onze vakkundige vendors