It is assumed that attendees possess the following background knowledge and skills:
- Attended Securing Email with Cisco Email Security Appliance Part 1 (SESA1), or knowledge of material covered in SESA1 course.
- A moderate knowledge of TCP / IP fundamentals, including IP addressing and sub-netting, static IP routing and DNS.
- Experience with Internet-based messaging, including SMTP, Internet message formats, and MIME message format.
- Familiarity with command line interface (CLI) and graphical user interface (GUI).
- Previous experience with email security would be helpful.
This one day training course provides advanced information for successful configuration and operation of a Cisco Email Security Appliance (Formerly Cisco IronPort Email Security Appliance). By exploring in depth specific product features, mail administrators will receive in-depth training to meet specific needs with emphasis on: - Integrating with a directory server via LDAP - Debugging of LDAP integration issues - Using message filters to redirect and modify messages - Safe deployment and debugging of message filters - Configuring TLS and Guaranteed Secure Delivery - Email Authentication with DKIM and SPF Extensive lab exercises provide attendees with critical hands-on experience working with advanced features of the Cisco Email Security Appliance. Attendees gain working knowledge of how to use the Cisco appliance to successfully manage and troubleshoot email traffic entering and leaving the enterprise network. Attendees will also learn about advanced Internet email concepts and receive an overview of other product features that can be used for more customized configurations.
This course enables students for successful configuration and operation of a Cisco Email Security Appliance which includes:
- Integrating with a directory server via LDAP
- Debugging of LDAP integration issues
- Using message filters to redirect and modify messages
- Safe deployment and debugging of message filters
- Configuring TLS and Guaranteed Secure Delivery
- Email Authentication with DKIM and SPF
- Module 1: Configuring LDAP Queries This module focuses directly on common LDAP configurations and issues. A brief overview of the Lightweight Directory Access Protocol is provided to give those new to LDAP some familiarity, but the bulk of the module assumes a basic understanding of LDAP terms and concepts. Active Directory is emphasized in a number of case studies to highlight the various installation choices. These include addressing the use of the ESA against multiple directories in a heterogeneous enterprise.
- Module 2: Message Filters (Advanced Policy) This module focuses on advanced filter options with specific emphasis on creating, troubleshooting, simplification / streamlining and regular expressions. Helpful tips and tricks for both Message and Content filters are covered. Extensive hands-on exercises are designed to give the students practice working with the Command Line Interface (CLI), as well as practical experience troubleshooting and examining logs.
- Module 3: Configuring TLS This module focuses on email encryption with TLS. We briefly introduce the TLS technology and then review configuration of the appliance as a STARTTLS Server and STARTTLS Client. We consider reporting and logging of TLS failures. Email envelope encryption is introduced as a failback mechanism for unsuccessful TLS connections. This mechanism is known as Guaranteed Secure Delivery.
- Module 4: Email Authentication This module focuses introducing Domain Keys Identified Mail and Sender Profile Framework, their role in Email Authentication and the issues of configuring it on the Cisco Appliance. Helpful examples and laboratories are provided to introduce the user to practical implementations.
Who Should Attend
- Channel Partner / Reseller