PROXYSG 6.6 Advanced Administration

Planifiée

The ProxySG 6.6 Advanced Administration course is intended for IT professionals who wish to learn to master the advanced features of the ProxySG.
Delivery Method

Instructor-led and Virtual Academy

Who Should Attend

This course is for IT network or security professionals who have practical experience with the ProxySG in the field and wish to master the advanced network security of the ProxySG.

Prerequisites

You must have working knowledge of ProxySG Administration and should possess advanced knowledge of networking, security, and authentication.

Hands-On

This course includes practical hands-on exercises that enable you to test your new skills and begin to use those skills in a working environment.

Course Objectives

By the completion of this course, you will be able to:

• Solve common authentication and SSL issues
• Understand the underlying architecture of SGOS
• Monitor and analyze ProxySG performance
• Use policy tracing as a troubleshooting tool

Module 1 Using Authentication Realms
• Describe the benefits of enabling authentication on the ProxySG

• Describe, at a high level, the ProxySG authentication architecture

• Understand the use of IWA realms, with both IWA Direct and IWA BCAAA connection methods
Module 2 Understanding Authentication Credentials
• Describe how NTLM and Kerberos authentication work in both IWA direct and IWA BCAAA deployments

• Configure the ProxySG to use Kerberos authentication
Module 3 Understanding Authentication Modes
• Describe authentication surrogates and authentication modes

• Describe ProxySG authentication in both explicit and transparent deployment mode
Module 4 Understanding Authentication Modes
• Describe key components of SSL encryption

• Describe how the SSL handshake works

• Describe some of the legal and security considerations related to use of the SSL proxy
Module 5 Managing SSL Traffic on the ProxySG
• Describe how the SSL proxy service handles SSL traffic

• Describe the standard keyrings that are installed by default on the ProxySG

• Identify the types of security certificates that the ProxySG uses
Module 6 Optimizing SSL Interception Performance
• Configure the ProxySG to process SSL traffic according to best practices for performance
Module 7 SGOS Architecture
• Identify key components of SGOS

• Explain the interaction among client workers and software workers in processing client requests

• Explain the significance of policy checkpoints

• Describe key characteristics of the SGOS storage subsystem

• Explain the caching behavior of the ProxySG
Module 8 Caching Architecture
• Describe the benefits of object caching on the ProxySG

• Explain the caching-related steps in a ProxySG transaction

• Identify and describe the HTTP request and response headers related to caching

• Describe, in general terms, how the ProxySG validates cached objects to ensure freshness

• Explain how the ProxySG uses cost-based deletion, popularity contests, and pipelining to improve object caching
Module 9 System Diagnostics
• Describe the use of the health monitor and health checks

• Explain the use of the event and access logs

• Describe the information available in advanced URLs and sysinfo files

• Describe the function of policy tracing and packet captures
Module 10 Introduction to Content Policy Language (CPL)
• Describe the fundamental concepts and purposes of ProxySG policy transactions

• Understand the relationship of layers, rules, conditions, properties, and triggers

• Describe the two types of actions in CPL

• Describe how to write, edit, and upload CPL code
Module 11 Using Policy Tracing for Troubleshooting
• Identify the two main types of ProxySG policy traces

• Describe the various sections of a policy trace result

• Configure a global and policy-driven trace

• Access and interpret policy trace results
Module 12 ProxySG Integration
• Identify other Symantec products that can be used as part of a complete security solution