http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Certified Network & Firewall Specialist – CNFS Training
The Certified Network & Firewall Specialist – CNFS Course consists of multiple
training and certification tracks that map to industry job roles. This course
provides the latest technologies and job skills that make you an innovator in
Security technologies..This course provides Specialized knowledge about
Deploying, configuring, Managing & Troubleshooting enterprise firewalls,
Intrusion Detection systems, Intrusion prevention systems, Firewall clusters &
Load balancers, gateway-based anti-virus, anti-spam, SSL VPN and web content
filtering, along with application control and flexible configuration options of
major vendors in industry such as cisco, Juniper, Checkpoint, Fortinet, paloalto , F5, Bluecaot,Riverbed,
wireshark & also it will be extensively going through with different hacking techniques & hacker
methodologies and approach of security administrators to defend networks against cyber threats.
This course is designed by industry experts by identifying the skills required by current job market.
Multiple vendor course are added in this course why because many companies infrastructures are hybrids
of multiple vendors
Duration:
6 months
Module-1: Networking
Introduction to Networking
Local Area networks
Understanding the OSI Model
Understanding TCP/IP
Understanding Network Services
Understanding Wires & wireless Networks
Internet Protocol v4
Wide Area Networks
Understanding Ip header
Understanding TCP Flags
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Module-2: Microsoft Basics
AD Overview
Configuring AD
Understanding AD Forest, Tree, Domain, OU
Understanding GPO
Deploying GPO
Understanding DHCP Process
Configuring DHCP
Understanding DNS Architecture
Configuring DNS
Configuring RADIUS
Creating Network policy servers to integrate with Firewalls & Routers
Module-3: Linux Basics
Linux Architecture
Linux installation
Understanding Linux File System Hierarchy
File permissions
System Logging in Linux
Configuring Syslog server
Log monitoring in Syslog
Reset Root Password
Module-4: CCNA ( Routing & Switching )
IPADDRESSING
TCP/IP Protocol Suite
IPv4 Address Classes
Addressing Fundamentals
IPV4 SERVICES
Domain Name System
Internet Control Message Protocol (ICMP)
Transmission Control Protocol (TCP)
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
User Datagram Protocol (UDP)
Differences between TCP & UDP
SUBNETTING
Classful vs. Classless Addressing
Subnet Calculation Process
VLSM
CIDR
Summarization
ROUTER
Introduction to Router
Configuring a Router
Managing Cisco IOS Software
IOS backup & Recovery
Password Recovery of router
ROUTING BASICS
Introduction to Routing Protocols
Static Routing
Default Routing
Dynamic Routing
IP ROUTING PRINCIPLES
IP Routing Fundamentals
Link State Protocol
Administrative Distance
ROUTING PROTOCOLS
IGRP
Differences between RIPv1 & RIPv2
Configuring RIP
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
OSPF
OSPF Fundamentals
Configuring OSPF
OSPF Route Selection
OSPF Route Preferences
EIGRP
EIGRP Fundamentals
Configuring EIGRP
EIGRP Route Selection
EIGRP Troubleshooting
Access Control Lists (ACLs)
Access-List Fundamentals
Configuring ACL
Access-List Processing
Wildcard Masks
Standard IP Access-Lists
Extended IP Access-Lists
Troubleshooting Access-Lists
NETWORK ADDRESS TRANSLATION (NAT)
Introduction to NAT
NAT Fundamentals
Configuring static NAT
Configuring Dynamic NAT
NAT Troubleshooting
Port Address Translation
Introduction to PAT
Configuring PAT
FRAME RELAY
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Frame-Relay Fundamentals
Implementing Frame-Relay
Frame-Relay with ARP
Frame-Relay Serial Interface
SWITCHING
Introduction to Switching
Switch Architecture
Configuring Cisco switches
Running debug commands
VLANS
Introduction to VLAN Technology
VLAN Principles
Creating VLANs
VLAN Trunking
Configuring Inter-VLAN Routing
Spanning-Tree protocol
Spanning-Tree Basics
Configuring Spanning-tree
Spanning-Tree Convergence
Spanning-Tree Enhancements
Spanning-Tree Troubleshooting
Introduction to IPV6
IPv6 Fundamentals
IPv6 Routing
Configuring EIGRP for IPv6
Completing IPv6 Configuration
WLAN Technology
Wireless Fundamentals
Wireless LAN Components
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Wireless LAN Types
Wireless LAN Operation
Wireless LAN Security
Configuring wireless router
Security Device Manager (SDM)
Introduction to SDM
Prerequisites of SDM
Configuring SDM
Troubleshooting SDM
Module-5: CCNA ( Security )
Fundamentals of Security
Introduction to CIA
Goals of Security
Profiles of Attackers
Types of Attackers
Typical Threats/Attacks
Cisco Device Security
Configuring SSH server
Configuring Syslog Server
Configuring NTP server
Role based access
AAA ( Authentication, Authorization & Accounting)
Understanding AAA Framework
Implement AAA on Cisco routers using
Understanding TACACS+
Configuring TACACS+
Configuring Cisco Secure ACS
CISCO Router Based Firewalls
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Classic IOS Firewall
Drawbacks of CBAC
CBAC Configuration
Configuring Zone Based Firewalls
Implement the Cisco IOS firewall feature set using SDM
Access control Lists
Access-List Basics
Exploring Access-Lists
Applying standard Access /lists
Extended ACL configuration
Intrusion Detection & Prevention
IDS/IPS Fundamentals
Threat Detection Techniques
Configuring IOS based IPS
Virtual Private Network
Introduction to VPN
Types of VPNs
Internet Key Exchange
IPSEC Fundamentals
Configuring Router based Remote Access VPN
Configuring Site-to-site VPN
Hardening Router
Running Vulnerability assessment of a router
Auditing cisco router using SDM
Configuring one step Lockdown
Implement secure network management and reporting
Switch Security
VLAN Attack and Defense
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Spoofing Attacks
MAC Flooding/CAM Overflow
STP Attack and Defense
Configuring BPDU Guard
Configuring Root Guard
Overview of Storm control
Configuring Storm control
Module-6: ASA Firewall administration
Securing Networks with Cisco Routers and Switches
Deploying Cisco IOS Software Network Foundation Protection Lesson
Deploying Network Foundation Protection Controls
Deploying Advanced Switched Data Plane Security Controls
Implementing Cisco Identity-Based Network Services
Deploying Basic 802.1X Features
Deploying Advanced Routed Data Plane Security Controls
Deploying Advanced Control Plane Security Controls
Deploying Advanced Management Plane Security Controls
Deploying Cisco IOS Software Threat Control and Containment
Deploying Cisco IOS Software Network Address Translation
Deploying Basic Zone-Based Policy Firewalls
Deploying Advanced Zone-Based Policy Firewalls
Deploying Cisco IOS Software IPS
Deploying Cisco IOS Software Site-to-Site Transmission Security
Site-to-Site VPN Architectures and Technologies
Deploying VTI-Based Site-to-Site IPsec VPNs
Deploying Scalable Authentication in Site-to-Site IPsec VPNs
Deploying DMVPNs
Deploying High Availability in Tunnel-Based IPsec VPNs
Deploying GET VPN
Deploying Secure Remote Access with Cisco IOS Software
Remote Access VPN Architectures and Technologies
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Deploying Remote Access Solutions Using SSL VPN
Deploying Remote Access Solutions Using Cisco Easy VPN
Deploying Cisco ASA Firewall Solutions
Introduction to the Cisco ASA Adaptive Security Appliance
Implementation of Basic Connectivity and Device Management
Deployment of Cisco ASA Adaptive Security Appliance Access Control Features
Deployment of Cisco ASA Adaptive Security Appliance Network Integration Features
Deployment of Cisco ASA Adaptive Security Appliance Virtualization and High-
Availability Features
Integration of Cisco ASA Adaptive Security Appliance Security Service Modules
Configuring Routing on the Cisco ASA Adaptive Security Appliance
Configuring Dynamic Routing
Deploying Cisco ASA VPN Solutions
Evaluate the Cisco ASA adaptive security appliance VPN subsystem
Deploy Cisco ASA adaptive security appliance IPsec VPN solutions
Deploy Cisco ASA adaptive security appliance Cisco AnyConnect remote access VPN
solutions
Deploy Cisco ASA adaptive security appliance clientless remote access VPN solutions
Deploy advanced Cisco ASA adaptive security appliance VPN
Implementing Cisco Intrusion Prevention System
Introduction to Intrusion Prevention and Detection,
Cisco IPS Software,and Supporting Devices
Installing and Maintaining Cisco IPS Sensors
Applying Cisco IPS Security Policies
Adapting Traffic Analysis and Response to the Environment
Managing and Analyzing Events
Configuring and Maintaining Specific Cisco IPS Hardware
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Module-6: Checkpoint Administration
Introduction to Checkpoint Technologies
What’s new in checkpoint R77.30
Checkpoint’s Architecture
Implementing 3 tier Architecture of checkpoint
Deployment Platforms
Checkpoint supported platforms
Installing Checkpoint on Windows o/s
Installing Checkpoint on GAiA
Configuring checkpoint in standard setup
Configuring checkpoint in distributed setup
Introduction to Security policy
Understanding Checkpoint Licensing
VerifySIC establishment between the Security Management Server and the Gateway using Smart
Dashboard
Creating a basic Rulebase
Implicit rules vs Explicit rules
Configuring hide NAT
Configuring Static NAT
Configuring PAT & Port Redirection
User management & Authentication
Configure user & group accounts in checkpoint
Configure policies for authentication
Local Authentication Methods
Configuring user authentication
Configuring Session authentication
Configuring Client Authentication
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
External Authentication
Creating LDAP & TACACS+ objects
Integrating active directory server with checkpoint gateway
Configuring Tacacs+ server
Integrating Tacacs+ server with checkpoint gateway
Integrating Radius Server
Identity Awareness
Introduction to Identity Awareness
Configuring Identity Awareness
Using Identity awareness to provide access to network resource
Checkpoint VPN Introduction
Understanding VPN terminology
Understanding IKEv2
Understanding Phase-1& Phase-2
Implementing site-to-site vpn with head office & Branch office
Monitoring
Using smartview tracker for Analyzing logs
Using smartview Monitor for monitoring traffic
Using queries in smartview tracker
Filtering logs in smartview tracker
SMART UPDATE
Monitor remote Gateways using SmartUpdate
Patch Management
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Manage New installations
license modifications
Upgrading Checkpoint Gw’s & Management server using Smart update
Module-7: Checkpoint Expert
Advance Firewall
Debugging firewall Modules
Upgrade & troubleshoot Management server
Performing Backup of Management server
Backup using snapshot
Backup using cpbackup
Backup using upgrade tools
Command Line Administration
Understanding standard mode & Expert mode shells
Running Checkpoint commands
Accessing Firewall Directory
Advance VPN
Troubleshoot a site-to-site or certificatebased VPN Using ikeview
Optimize VPN Performance
Implementing an SSL Web based VPN
Implementing Tunnel based SSL VPN
Troubleshooting SSL VPN
UTM Features
Configuring Antivirus blade in checkpoint gateway
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Verifying Antivirus modules
Implementing content filtering
Configuring cvp & ufp policies
Configuring URL filtering
Testing URL filtering
Advance UTM Features
Java & ActiveX based attacks
Implementing Java & activeX blocking
Configuring Application control
Using smart event intro for analyzing application traffic
IDS/IPS
Configuring IPS blade
Updating IPS signatures
Configuring IPS policies
Customizing IPS profiles
Implementing location based restrictions
Verifying IPS
QOS
Understanding Checkpoint QOS architecture
Enabling QOS blade
Bandwidth Monitoring using QOS
Segregate Bandwidth to different networks
Writing QOS policies in rulebase
CLUSTERING
Building clusterXL for loadbalancing
Adding gateways into cluster
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Verify Load balancing
Bulding clusterXL for High Availabilty
Deploying HA on an Enterprise network
Verifying HA using smartview monitor
Management sever Clustering
Management server recovery
Reporting
Create Events using SmartEvent
Generate reports using SmartReporter
Analyzing Industry Complaince Information
Module-8: Fortigate Administration
Introduction to fortinet
Understanding Features of Fortigate
Understanding Fortigaurd Queries & Packages
Initial Configuration
Upgrading Firmware
Backup & Restore
Configuring DHCP
Firewall Policies
Implicit vs Explicit Policies
Understanding Firewall Components
Understanding NAT
Configuring Source NAT
Configuring DNAT using Virtual Server
Authentication
Understanding Authentication Protocols
Integrating Active Directory Server
Integrating Radius Server
Create Authentication Policies
Configure Captive Portal
Monitor firewall Users
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
SSL VPN
Understanding SSL Architecture
Operation Modes of SSL
Configuring SSL VPN WebMode
Configuring Bookmark
Configure firewall policies for SSL VPN
Monitor SSL Users
Basic IPSEC VPN
Understanding Architecture of IPSEC
Understanding IKE Phase 1 & 2
Understanding SAD,SPD
Configure IPSEC between two networks
Monitor VPN Traffic
Antivirus
Types of Virus & Malware
Proxy based vs flow based scans
Forti Sandbox
Submit virus sample to fortiguard
Configure Antivirus scanning
Identify order of Evaluation
Explicit Proxy
Implicit vs Explicit Proxy
Configuring Explicit Proxy
PAC vs WPAD
Configuring Web cache
Monitor Proxy Users
Webfilter
Understanding Fortigate Webfiltering Mechanism
Configuring Content Filtering
Configuring URL Filtering
Configuring Web filter overrides
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Monitor Webfilter logs
Application Control
Updating Application Control Database
Configuring Application control profile
Traffic Shaping
Logging Application control events
Logging & Monitoring
Understanding Log severity levels
Understanding Logs & Sublog types
Understanding Log structures
Configuring log settings
Configuring Forticloud
Redirect logs to Syslog & SNMP
Module-9: Fortigate Expert
Routing
Interpret Routing Tables
Configuring Wan Link load balance
Configuring RPF
Overriding Static route using Policy base routing
Diagnose Routing Issues
Virtual Domains
Understanding VDOM’s
VDOM resource vs Global resource
Configuring Independent VDOM
Configuring Management through VDOM
Configuring Intervdom Links
Monitoring VDOM Traffic
Transparent Mode
Changing Operation Mode
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Configuring Forward Domains
Configuring Port pairing
Implementing Security Profiles
Monitor Mac Table
High Availability
Understanding Active-Active, Active-Passive modes
Implementing HA Solution
Configuring Session Synchronization
Configuring FGSP
Upgrading Firmware on a cluster
Monitor HA Statistics
Advance IPSEC VPN
Differentiate Main Mode & Aggressive Mode
Deploy a remote access vpn using Forticlient
Configure redundant VPN
Diagnose VPN Tunnels
Intrusion Prevention system
Choose IPS Signatures
Configure Anomaly based Detection
Configure signature based detection
Configure DOS Sensor
Monitor & Recognize Attacks using IPS
FSSO
Understanding FSSO
DC Agent Vs Polling mode
Configure DC agent
Monitor FSSO logins
Certificate Operations
Generating a CSR
Importing CRL into Fortigate
Configuring SSL/SSH inspection
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Generating Self signed Certificate
Enable SSL Inspection in fortigate
Data Leakage Prevention
Understanding Function of DLP
Filter files & Messages
Fingerprinting
Watermark Based inspection
Diagnostics
Identifying Normal Behavior
Understanding Traffic flow
Connectivity Troubleshooting
Diagnose Resource Issues
Testing Firmware Without Installing
Hardware Acceleration
Understanding ASIC
Understanding NP, SP, CP, SOC
Offloading Sessions to NP
Configure Content Inspection using CP
Configure Antivirus Inspection using SP
Module-10: Juniper JNCIA
Chapter 1: Course Introduction
Chapter 2: Junos Operating System Fundamentals
The Junos OS
Traffic Processing
Platforms Running the Junos OS
Chapter 3: User Interface Options
User Interface Options
The Junos CLI: CLI Basics
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
The Junos CLI: Operational Mode
The Junos CLI: Configuration Mode
Lab 1: The Junos CLI
Chapter 4: Initial Configuration
Factory-Default Configuration
Initial Configuration
Interface Configuration
Lab 2: Initial System Configuration
Chapter 5: Secondary System Configuration
User Configuration and Authentication
System Logging and Tracing
Network Time Protocol
Archiving Configurations
SNMP
Lab 3: Secondary System Configuration
Chapter 6: Operational Monitoring and Maintenance
Monitoring Platform and Interface Operation
Network Utilities
Maintaining the Junos OS
Password Recovery
Chapter 7: Routing Fundamentals
Routing Concepts: Overview of Routing
Routing Concepts: The Routing Table
Routing Concepts: Routing Instances
Static Routing
Dynamic Routing
Lab 1: Routing Fundamentals
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Chapter 8: Routing Policy
Routing Policy Overview
Case Study: Routing Policy
Lab 2: Routing Policy
Chapter 9: Firewall Filters
Firewall Filters Overview
Case Study: Firewall Filters
Unicast Reverse-Path-Forwarding Checks
Lab 3: Firewall Filters
Module-11: Juniper JNCIS
Chapter 1: Course Introduction
Chapter 2: Introduction to Junos Security
Traditional Routing
Traditional Security
The Junos OS Architecture
Chapter 3: Zones
The Definition of Zones
Zone Configuration
Monitoring Security Zones
Lab 1: Configuring and Monitoring Zones
Chapter 4: Security Policies
Security Policy Overview
Junos ALGs
Policy Components
Verifying Policy Operation
Policy Scheduling and Rematching
Policy Case Study
Lab 2: Security Policies
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Day 2
Chapter 5: Firewall User Authentication
Firewall User Authentication Overview
Pass-Through Authentication
Web Authentication
Client Groups
Using External Authentication Servers
Verifying Firewall User Authentication
Lab 3: Configuring Firewall Authentication
Chapter 6: Screen Options
Multilayer Network Protection
Stages and Types of Attacks
Using Junos Screen Options—Reconnaissance Attack Handling
Using Junos Screen Options—Denial of Service Attack Handling
Using Junos Screen Options—Suspicious Packets Attack Handling
Applying and Monitoring Screen Options
Lab 4: Implementing Screen Options
Chapter 7: Network Address Translation
NAT Overview
Source NAT Operation and Configuration
Destination NAT Operation and Configuration
Static NAT Operation and Configuration
Proxy ARP
Monitoring and Verifying NAT Operation
Lab 5: Network Address Translation
Day 3
Chapter 8: IPsec VPNs
VPN Types
Secure VPN Requirements
IPsec Details
Configuration of IPsec VPNs
IPsec VPN Monitoring
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Lab 6: Implementing IPsec VPNs
Chapter 9: Introduction to Intrusion Detection and Prevention
Introduction to Junos IDP
IDP Policy Components and Configuration
Signature Database
Case Study: Applying the Recommended IDP Policy
Monitoring IDP Operation
Lab 7: Implementing IDP
Chapter 10: High Availability Clustering Theory
High Availability Overview
Chassis Cluster Components
Advanced Chassis Cluster Topics
Chapter 11: High Availability Clustering Implementation
Chassis Cluster Operation
Chassis Cluster Configuration
Chassis Cluster Monitoring
Lab 8: Implementing High Availability Techniques
Chapter 12: UTM Overview
Branch Office Challenges
UTM Feature Overview
Design Basics
Hardware Support
Licensing of Features
Lab 1: Connecting to the Lab Equipment and Testing Connectivity
Chapter 13: Antispam
Antispam Terminology
Overview of Antispam Process
UTM Policy Overview
Configuration Steps
Monitoring Antispam
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Lab 2: Configuring an Antispam Policy
Chapter 14: Full File-Based and Express Antivirus
Antivirus Terminology
Overview of Antivirus Process
AV Operation
Full File-based AV Configuration
Express AV Configuration
Monitoring AV
Lab 3: Antivirus Configuration and Testing
Chapter 15: Content and Web Filtering
Overview and Terminology
Configuration
Verification and Monitoring
Lab 4: Configuring Content and Web Filtering
Module-12: Paloalto Network Essentials
Platforms and Architecture
Single Pass Architecture
Flow Logic
Initial Configuration
Initial Access to the System
Configuration Management
Licensing and Software Updates
Account Administration
Interface Configuration
Security Zones
Layer 2, Layer 3, Virtual Wire, and Tap
Sub-interfaces
DHCP
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Virtual Routers
Security and NAT Policies
Security Policy Configuration
Policy Administration
NAT (source and destination)
App-ID
App-ID Overview
Application Groups and Filters
Content-ID
Antivirus
Anti-spyware
Vulnerability
URL Filtering
File Blocking: WildFire
Security Profiles File Blocking
WildFire
Decryption
Certificate Management
Outbound SSL Decryption
Inbound SSL Decyrption
User-ID
Enumerating Users
Mapping Users to IP addresses
User-ID Agent
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Site-to-Site VPN
IPsec Tunnels
Management & Reporting
Dashboard
Basic Logging
Basic Reports
Panorama
Active/Passive High Availability
Configuring Active/Passive HA
Module-13: Paloalto Advance Administration
Advanced Interface Config
Advanced NAT
Policy Based Forwarding
Routing Protocols (OSPF)
App-ID: Custom Apps
Defining new Application Signatures
Application Override
Advanced Content-ID™
Custom Threat Signatures
Data Filtering
DoS Protection
Botnet Report
Advanced User-ID™
Terminal Server Agent
Captive Portal
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
XML API
QoS
Configuring Quality of Service
Monitoring and Reporting
Log Forwarding
SNMP
Reporting
GlobalProtect
Implementation of GlobalProtect
Install and Configure Portal, Gateway, and Agents
MSM
GP-100 Overview
Deployment Policies
Managing Mobile Devices
Module-14: F5 LTM Administration
Chapter 1: Setting Up the BIG-IP System
Introducing the BIG-IP System
Initially Setting Up the BIG-IP System
Archiving the BIG-IP Configuration
Leveraging F5 Support Resources and Tools
Chapter 2: Traffic Processing Building Blocks
Identifying BIG-IP Traffic Processing Objects
Network Packet Flow
Configuring Virtual Servers and Pools
Load Balancing Traffic
Viewing Module Statistics and Logs
Using the Traffic Management Shell (TMSH)
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Understanding the TMSH Hierarchical Structure
Navigating the TMSH Hierarchy
Managing BIG-IP Configuration State and Files
BIG-IP System Configuration State
Loading and Saving the System Configuration
Shutting Down and Restarting the BIG-IP System
Saving and Replicating Configuration Data (UCS and SCF)
Viewing the BIG-IP Connection Table
Chapter 3: Using NATs and SNATs
Address Translation on the BIG-IP System
Mapping IP Addresses with NAT
Solving Routing Issues with SNATs
Configuring SNAT Auto Map on a Virtual Server
Monitoring for and Mitigating Port Exhaustion
Chapter 4: Monitoring Application Health
Introducing Monitors
Types of Monitors
Monitor Interval and Timeout Settings
Configuring Monitors
Assigning Monitors to Resources
Managing Pool, Pool Member, and Node Status
Using the Network Map
Chapter 5: Modifying Traffic Behavior with Profiles
Introducing Profiles
Understanding Profile Types and Dependencies
Configuring and Assigning Profiles
Chapter 6: Modifying Traffic Behavior with Persistence
Understanding the Need for Persistence
Introducing Source Address Affinity Persistence
Introducing Cookie Persistence
Introducing SSL Offload and SSL Re-Encryption
Managing Object State
Introducing Action on Service Down
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Chapter 7: Troubleshooting the BIG-IP System
Configuring Logging
Introducing BIG-IP System Logging
Legacy Remote Logging
Introducing High Speed Logging (HSL)
High-Speed Logging Filters
HSL Configuration Objects
Configuring High Speed Logging
Using tcpdump on the BIG-IP System
Chapter 8: Administering the BIG-IP System
Leveraging Always-On Management (AOM)
Expanding Availability with Device Service Clustering (DSC)
Viewing BIG-IP System Statistics
Defining User Roles and Administrative Partitions
Leveraging vCMP
Chapter 9: Customizing Application Delivery with iRules
Identifying iRules Components
Triggering iRules with Events
Leveraging the iRules Ecosystem on DevCentral
Chapter 10: Reviewing Local Traffic Configuration
Reviewing Nodes, Pools, and Virtual Servers
Reviewing Address Translation
Reviewing Routing Assumptions
Reviewing Application Health Monitoring
Reviewing Traffic Behavior Modification with Profiles
Reviewing the TMOS Shell (TMSH)
Reviewing Managing BIG-IP Configuration Data
Chapter 11: Load Balancing Traffic with LTM
Exploring Load Balancing Options
Using Priority Group Activation and Fallback Host
Comparing Member and Node Load Balancing
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Chapter 12: Modifying Traffic Behavior with Persistence
Reviewing Persistence
Introducing SSL Persistence
Introducing SIP Persistence
Introducing Universal Persistence
Introducing Destination Address Affinity Persistence
Using Match Across Options for Persistence
Chapter 13: Monitoring Application Health
Differentiating Monitor Types
Customizing the HTTP Monitor
Monitoring an Alias Address and Port
Monitoring a Path vs. Monitoring a Device
Managing Multiple Monitors
Using Application Check Monitors
Using Manual Resume and Advanced Monitor Timer Settings
Chapter 14: Processing Traffic with Virtual Servers
Virtual Servers Concepts
Path Load Balancing
Introducing Auto Last Hop
Chapter 15: Processing Traffic with SNATs
Overview of SNATs
SNAT Auto Map
Using SNAT Pools
SNATs as Listeners
SNAT Specificity
VIP Bounceback
Additional SNAT Options
Network Packet Processing
Chapter 16: Configuring High Availability
Sync-Failover Group Concepts
Synchronization, State and Failover
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Traffic Group Concepts
N+1 Concepts
Chapter 17: Configuring High Availability Part 2
Failover Triggers and Detection
Stateful Failover
Device Group Communication
Sync-Only Device Groups
Chapter 18: Modifying Traffic Behavior with Profiles
Profiles Overview
Common Protocol Profile Types and Settings
TCP Express Optimization
Performance Improvements
Configuring and Using Profiles
HTTP Profile Options
OneConnect
Offloading HTTP Compression to BIG-IP
HTTP Caching
Stream Profiles
F5 Acceleration Technologies
Analytics
Chapter 19: Deploying Application Services with iApps
Simplifying Application Deployment with iApps
Using iApps Templates
Deploying an Application Service
Reconfiguring an Application Service
Leveraging the iApps Ecosystem on DevCentral
Chapter 20: Customizing Application Delivery with iRules and Local Traffic Policies
Getting Started with iRules
Triggering an iRule
Introducing iRule Constructs
Leveraging the DevCentral Ecosystem
Deploying and Testing iRules
Getting Started with Local Traffic Policies
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
What Can You Do with a Local Traffic Policy?
How Does a Local Traffic Policy Work?
Understanding Local Traffic Policy Workflow
Introducing the Elements of a Local Traffic Policy
Specifying the Matching Strategy
What Are Rules?
Understanding Requires and Controls
Configuring and Managing Policy Rules
Configuring a New Rule
Including Tcl in Certain Rule Settings
Module-15: Bluecoat Administration
Introduction to ProxySG
ProxySG Security Deployments
ProxySG Initial Security Configuration
ProxySG Management Console
ProxySG Security Licensing
Proxy Services
Hypertext Transfer Protocol
Introduction to Visual Policy Manager
Content Filtering and WebPulse
Managing Downloads
Authenticating users on the ProxySG
Authentication Realms
Authentication with Transparent Proxy
Exceptions and Notifications
Access Logging
Managing SSL Traffic
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Module-16: Riverbed Wan 200 Essentials
Steelhead Appliance
Intro to RiOS® Optimization
In-Path Deployment
Out-of-Path Deployment
Logical In-Path w/ WCCPv2
Satellite w/ High-Speed TCP
Introduction to Interceptor®
Scaling Your Deployment
Sizing Your Deployment
Deployment Troubleshooting
Central Management Console
Managing Your Deployment
CMC Policies
Appliance Grouping
Deploying the CMC
Steelhead Mobile
Mobilizing Your Workforce
Acceleration Policies
Integrating Steelhead Mobile
Virtual Services Platform
VSP & ESXi Architecture
Deploying VM Packages
Granite
Storage & iSCSI Basics
Granite Solution Overview
LUN Configuration
Granite Core & EX Edge Install
Mapping LUNs (VSP/Non-VSP)
http://www.firewalllearning.com/
Hyderabad: #304,305 Ashoka Capital building, Road Number 2 , BanjaraHills, Hyderabad, Telangana, India – 500034. Ph: 8686348800, 9100058419 | [email protected]
Module-17: wireshark Packet Analysis
Introduction to Wireshark
Navigating in the GUI
Arranging Wireshark Your Way
Dissectors
Profiles
Latency
Controlling the Capture
Capture Filters
Display Filters
Adv. Display Filters
Upgrading Wireshark
Sorting out a Troubled Network
Regular Expressions
Exporting
Input/Output graphs
Expert Infos in Wireshark
Seeing What the User Downloaded
VoIP
IPv6 Packet Monitoring