Omschrijving
This course is designed for technical professionals who will be administrating Sophos Firewall and provides an overview of the product, including an introduction to the major capabilities and core configuration concepts.
Target audience
This course is designed for technical professionals who will be planning, installing, configuring and supporting deployments in production environments. And for individuals wishing to obtain the XG Firewall Certified Architect certification.
Objectives
On completion of this course, trainees will be able to:
- Explain how Sophos Firewall helps to protect against security threats
- Configure Firewall rules, policies, and user authentication
- Demonstrate threat protection and commonly used features
- Perform the initial setup of a Sophos Firewall and configure the required network settings
- Perform basic troubleshooting, reporting, and management tasks
Prerequisites
Prior to attending this course, trainees should:
- Complete the Sophos XG Firewall Certified Engineer course
We recommend students have the following knowledge and experience:
- Understanding subnetting and routing
- Configuring network security devices
Assessment
To complete this course, trainees must take and pass an online assessment. Trainees will have 3 hours to complete the assessment; the pass mark is 80% and trainees will have 4 attempts to pass.
Duration
3 days
Course Modules
Module 1: Sophos Firewall Overview
- What is Sophos Firewall?
Module 2: Sophos Firewall Deployment
- Sophos Firewall deployment options and common Scenarios
- Considerations for Deploying Sophos Firewall in Common Scenarios
- Deploying Sophos Firewall using the initial setup wizard
- Labs
- Register for a Sophos Central evaluation
- Activate the Sophos Firewall
Module 3: Getting Started with Sophos Firewall
- Navigating and managing the Sophos Firewall using WebAdmin
- Getting Started with Zones and Interfaces on Sophos Firewall
- Advanced Interface Configuration on Sophos Firewall
- Introduction to Routing and SD-WAN on Sophos Firewall
- Advanced Routing and SD-WAN Configuration on Sophos Firewall
- Troubleshooting Routing on Sophos Firewall
- Configuring DNS and DHCP on Sophos Firewall
- Managing Device Access and Certificates
- Considerations for Configuring Device access on Sophos Firewall
- Getting Started with Traffic Shaping on Sophos Firewall
- Labs
- Multiple WAN Links
- SD WAN Profiles
- Create a policy-based route for an MPLS scenario
- Configure Device Access
- Bridge Interfaces
Module 4: Base Firewall
- Getting Started with Firewall and NAT Rules on Sophos Firewall
- Advanced Firewall Rule Management on Sophos Firewall
- Troubleshooting Firewall Rules on Sophos Firewall
- Advanced NAT Configuration on Sophos Firewall
- Troubleshooting NAT Rules on Sophos Firewall
- Configuring TLS decryption on Sophos Firewall
- Network Traffic Shaping on Sophos Firewall
- Labs
- Load-Balanced NAT
- Local NAT Policy
- Install Sophos Central
Module 5: Network Protection
- Getting Started with Intrusion Prevention
- Advanced IPS Configuration
- Enabling Advanced Threat Protection Sophos Firewall
- Troubleshooting ATP Alerts
- Getting Started with Security Heartbeat
- Managing and Deploying Security Heartbeat on Sophos Firewall
- Labs
- Source-based Security Heartbeat
- Destination-based Security Heartbeat
- Missing Security Heartbeat
Module 6: Site-to-Site Connections
- Connecting Sites with Sophos Firewall
- Configuring SSL Site-to-Site VPNs on Sophos Firewall
- Getting Started with IPsec Site-to-Site VPNs on Sophos Firewall
- Advanced IPsec Site-to-Site VPN Configuration on Sophos Firewall
- Getting Started with Remote Ethernet Devices (REDs) on Sophos Firewall
- Labs
- Create an IPsec site-to-site VPN
- Configure VPN network NATing
- Configure a VPN failover
- Configure route-based VPN
Module 7: Authentication
- Introducing Authentication on Sophos Firewall
- Configuring Authentication Servers and Services on Sophos Firewall
- Getting Started with Sophos Firewall Authentication
- Advanced STAS Configuration
- Enabling Multi-Factor Authentication on Sophos Firewall
- Labs
- Configure an Active Directory Authentication server
- Configure Single Sign-On using STAS
- Authenticate users over a site-to-site VPN
Module 8: Web Protection
- Sophos Firewall Web Protection Overview
- Configuring Web Protection on Sophos Firewall
- Sophos Firewall Web Protection Quotas and Traffic Shaping
- Labs
- Install the SSL CA Certificates
- Configure TLS Inspection Rules
- Configure a custom web policy for users
Module 9: Application Control
- Getting Started with Application Control on Sophos Firewall
- Application Traffic Shaping on Sophos Firewall
Module 10: Remote Access
- Getting Started with Remote Access VPNs on Sophos Firewall
- Advanced Sophos Remote Access VPN Configuration on Sophos Firewall
- Configuring Clientless Access on Sophos Firewall
- Labs
- Sophos Connect
- Auto Provisioning
Module 11: Wireless Protection
- Introduction to Wireless Protection on Sophos Firewall
- Deploying Wireless Protection on Sophos Firewall
- Wireless Authentication
- Creating Hotspots on Sophos Firewall
- Configuring Wireless Mesh Networks
Module 12: Logging and Reporting
- Running and Customizing Reports on Sophos Firewall
- Managing Logs and Notifications on Sophos Firewall
Module 13: Central Firewall Management
- Running and Customizing Reports on Sophos Firewall
- Managing Logs and Notifications on Sophos Firewall
Module 14: Course Review
- How to find help from Sophos
- Course review
