Securing Your Email with IronPort™ C-Series Part I and II

Rev 1.1

"I wouldn't change a thing George did an excellent job, the 2-day of Ironport Training, and the 1-day of Advanced Training was great!"

Course Overview

This three-day training course provides beginning through advanced information for successful configuration and operation of an IronPort email security appliance. By exploring in depth specific product features, mail administrators will receive in-depth training to meet specific needs with emphasis on:

How to deploy IronPort email security appliances in a typical enterprise email environment, including “best practices” for configuration, operation, and system administration.

  • How to manage, monitor, and troubleshoot the flow of email through IronPort email security appliances.
  • How to configure access control policies to eliminate threats at the perimeter, based on the identity and trustworthiness of the sender.
  • How to create content filters to implement and enforce corporate email policies.
  • How to configure IronPort email security appliances to detect and handle unwanted spam and viruses.
  • How to use IronPort's reputation-based services, SenderBase and Virus Outbreak Filters, to increase the security of your email network.
  • How to use Reporting to document email traffic trends.
  • How to use Message Tracking to search on a specific email or category of email.
  • How to set delivery parameters for outgoing mail.
  • Integrating with a directory server via LDAP
  • Debugging of LDAP integration issues
  • Using message filters to redirect and modify messages
  • Safe deployment and debugging of message filters
  • Email Authentication with DKIM and SPF

Extensive lab exercises provide attendees with skills for installing, configuring and administering IronPort email security appliances. At the end of the course, attendees will possess a working knowledge of how to use IronPort email security appliances to successfully manage and troubleshoot email traffic entering and leaving the enterprise network.

Audience

  • Enterprise messaging managers and system administrators
  • Email system designers and architects
  • Network managers responsible for messaging implementation

Prerequisites

It is assumed that attendees possess the following background knowledge and skills:

  • A moderate knowledge of TCP/IP fundamentals, including IP addressing and sub-netting, static IP routing and DNS.
  • Experience with Internet-based messaging, including SMTP, Internet message formats, and MIME message format.
  • Familiarity with command line interface (CLI) and graphical user interface (GUI).
  • Previous experience with email security would be helpful.

Securing Your Email with IronPort™ C-Series Part I and II

Day One Agenda

Module 1 - IronPort Overview

  • Product Overview
  • Technology Overview

Module 2 - Defining Sender & Recipient Groups

  • Configuring Listeners
  • Mail Flow Policies
  • Host Access Table
  • Recipient Access Table
  • SMTP Routes

Module 3 - Anti-Spam

  • Recognize IronPorts Approach to Stop SPAM
  • Configure and Use Sender Base Reputation Scores
  • Configure and Use the Content Adaptive Scanning Engine

Module 4 - Anti-Virus & Virus Outbreak Filters

  • Enable one or both Anti-Virus Engines
  • Use one or both AV Engines in Mail Policies
  • Use Virus Outbreak Filters for Zero Hour protection

Module 5 - Policy Enforcement

  • Create User-Based Mail Policies
  • Identify Message Splintering
  • Describe Centralized Tracking & Reporting
  • Implement Message Tracking

Securing Your Email with IronPort™ C-Series Part I and II

Day Two Agenda

Module 6 - Quarantines & Delivery Methods

  • Create and manage quarantines
  • Assign Administrative Users to Quarantines
  • Assign Bounce Profiles
  • Create Virtual Gateways

Module 7 - Content Filters

  • Describe content scanning
  • Configure embedded object detection
  • Detect password-protected / non-protected attachments
  • Use Smart Identifiers

Module 8 - Email Encryption

  • Configure an Encryption Profile
  • Provision with the Cisco Registered Envelope Service
  • Provision with a Local Key Server
  • Associate a content filtering rule with an "Encrypt" action

Module 9 - Troubleshooting

  • Identify Issues
  • Diagnose and Isolate Problems
  • Troubleshooting tools and best practices
  • Log file contents and log administration

Module 10 - Administration

  • Support tools
  • System backup and recovery
  • Software upgrades

Appendix A - Installation & Configuration

  • Installation Planning
  • System Setup & Configuration

Securing Your Email with IronPort™ C-Series Part I and II

Day Two Agenda

Module 1 - LDAP

  • Introduction to LDAP
  • LDAP Accept Queries
  • Domain Assignments
  • Daisy Chains
  • Directory Harvest Attack Prevention
  • Group Queries
  • Routing & Masquerading
  • SMTP Authentication

Module 2 - Message Filters

  • Message Filter Overview
  • Regular Expression Syntax
  • Attachment Scanning
  • Footer Stamping

Module 3 - Email Authentication

  • Domain Keys Identified Mail
  • Sender Profile Framework