Securing Your Email with Cisco IronPort C-Series Part I

COURSE OUTLINE:

Description This comprehensive, two-day training course provides a thorough foundation on how to successfully install, configure, and administrate Cisco IronPort email security appliances. At the end of the course, attendees will possess a working knowledge of how to use Cisco IronPort email security appliances to successfully manage and troubleshoot email traffic entering and leaving the enterprise network. Attendees will also learn about Internet email concepts and standards, and will receive an overview of other product features that can be used for more customized configurations.

Who should attend

  • Enterprise messaging managers and system administrators
  • Email system designers and architects
  • Network managers responsible for messaging implementation

Prerequisites

Students should possess the following background knowledge and skills:

  • A moderate knowledge of TCP/IP fundamentals, including IP addressing and sub-netting, static IP routing and DNS.
  • Experience with Internet-based messaging, including SMTP, Internet message formats, and MIME message format.
  • Familiarity with command line interface (CLI) and graphical user interface (GUI).
  • Previous experience with email security would be helpful.

In addition, it is recommended that students have some experience with basic configuration of an IronPort email security appliance.

Course Objectives

This two-day training course provides a thorough foundation for how to successfully install, configure, and administer Cisco IronPort email security appliances. Attendees receive in-depth instruction on the most commonly used product features, with an emphasis on:

  • How to deploy Cisco IronPort email security appliances in a typical enterprise email environment, including “best practices” for configuration, operation, and system administration.
  • How to manage, monitor, and troubleshoot the flow of email through Cisco IronPort email security appliances.
  • How to configure access control policies to eliminate threats at the perimeter, based on the identity and trustworthiness of the sender.
  • How to create content filters to implement and enforce corporate email policies.
  • How to configure Cisco IronPort email security appliances to detect and handle unwanted spam and viruses.
  • How to use IronPort's reputation-based services, SenderBase and Virus Outbreak Filters, to increase the security of your email network.
  • How to use reporting to document email traffic trends.
  • How to use Message Tracking to search on a specific email or category of email.
  • How to set delivery parameters for outgoing mail.

Extensive lab exercises provide attendees with skills for installing, configuring and administering Cisco IronPort email security appliances. At the end of the course, attendees will possess a working knowledge of how to use Cisco IronPort email security appliances to successfully manage and troubleshoot email traffic entering and leaving the enterprise network.

Course Content

Day One Agenda

Module 1 ― Cisco IronPort Overview

  • Product Overview
  • Technology Overview

Module 2 ― Installation & Configuration

  • Installation Planning
  • System Setup & Configuration

Module 3 ― Defining Sender & Recipient Groups

  • Configuring Listeners
  • Mail Flow Policies
  • Host Access Table
  • Recipient Access Table
  • SMTP Routes

Module 4 ― Anti-Spam

  • Recognize IronPorts Approach to Stop SPAM
  • Configure and Use Sender Base Reputation Scores
  • Configure and Use the Content Adaptive Scanning Engine

Module 5 ― Anti-Virus & Virus Outbreak Filters

  • Enable one or both Anti-Virus Engines
  • Use one or both AV Engines in Mail Policies
  • Use Virus Outbreak Filters for Zero Hour protection

Module 6 ― Policy Enforcement

  • Create User-Based Mail Policies
  • Identify Message Splintering
  • Describe Centralized Tracking & Reporting
  • Implement Message Tracking

Day Two Agenda

Module 7 ― Quarantines & Delivery Methods

  • Create and manage quarantines
  • Assign Administrative Users to Quarantines
  • Assign Bounce Profiles
  • Create Virtual Gateways

Module 8 ― Content Filters

  • Describe content scanning
  • Configure embedded object detection
  • Detect password-protected / non-protected attachments
  • Use Smart Identifiers

Module 9 ― Email Encryption

  • Configure an Encryption Profile
  • Provision with the Cisco Registered Envelope Service
  • Provision with a Local Key Server
  • Associate a content filtering rule with an “Encrypt” action

Module 10 ― Troubleshooting

  • Identify Issues
  • Diagnose and Isolate Problems
  • Troubleshooting tools and best practices
  • Log file contents and log administration

Module 11 ― System Administration

  • Support tools
  • System backup and recovery
  • Software upgrades