Sophos XG Firewall Certified Engineer Training Course

By SGL Technologies

The only identity-based security certification that is accepted all across the world is the Sophos XG Firewall Certified Engineer Training course provided by SGL, a top supplier of cybersecurity training, provides security professionals with the Sophos XG Firewall Certified Engineer certification. The acknowledged rise in insider threats within organizations is the cause for the certified experts’ skill in identity-based security, which greatly benefits their careers.

Objectives:

  • Describe the primary technical features of Sophos XG Firewall and their advantages;
  • Deploy and administer Sophos XG Firewall in a basic environment; and
  • Know how to scale the system correctly.
  • Showcase the most functional aspects.

Course Outline

Deployment

  • Key details from the Engineering course.
  • Describe the XG Firewall’s supported deployment modes.
  • Recognize a variety of situations in which each deployment style is often utilized.
  • Utilize the built-in tools to solve problems.
  • Labs
    • Register for a Sophos Central evaluation

Base Firewall

  • Describe how to get access to the XG firewall.
  • Recognize the many interface types that may be made and the advantages of Fast Path technology.
  • Set up routing based on firewall rules.
  • Recognize the optimal procedures for allocating firewall rules.
  • Describe local NAT policy and be familiar with its configuration.
  • Labs
  • Set the Sophos XG firewalls to active.
  • Configuration after installation
  • Interfaces for bridges
  • Make a NAT rule to distribute the load among servers.
  • Make a local network policy.
  • Set up routing with several WAN lines.
  • Set up policy-based routing for a scenario using MPLS.
  • Put Sophos Central in place.

Network Protection

  • Describe IPS and how traffic may be offloaded to FastPath. Show how to configure IPS policies to optimize workload.
  • Analyze cutting-edge intrusion prevention and improve regulations.
  • Set very sophisticated rules for Dos Protection.
  • Showcase how networks may be protected by implementing the stringent policy.
  • Labs
    • Create advanced Dos Rules

Synchronized Security 

  • Describe the operation of Security Heartbeat.
  • Set Up Security Synchronization
  • Use the discover and inline modes to implement synchronized security.
  • Recognize the benefits and drawbacks of using synchronized security in various contexts.
  • Labs
  • Set up source-based Firewall rules for Security Heartbeat
  • Location-specific The security heartbeat is absent.
  • Protection for Lateral Movement and Security Heartbeat

Web Server Protection

  • Describe the operation of Web Server Protection.
  • Explain the features of protection.
  • Establish security settings for an online application.
  • Set up the authentication on the web server.
  • Use the Web Application Firewall to publish a web service.
  • To configure Web Server Protection for typical uses, use the predefined templates.
  • Set up security using SlowHTTP.
  • Labs
  • Web server protection combined with load balancing for Web application firewalls
  • The use of path-specific routing and
  • Web server authentication

Site-to-Site Connections

  • Set up and implement site-to-site virtual private networks in various settings.
  • Put IPsec NATing and failover in place.
  • Verify and adjust the priority of the route
  • Make RED passageways between the firewalls XG.
  • Recognize when to use red
  • Labs
  • Establish a site-to-site IPsec VPN.
  • Set up the NATing and failover VPN networks.
  • Switch on RED for the XG Firewall.
  • Build a red tunnel that connects two XG firewalls.
  • Configure the RED tunnel’s route.
  • Set up a VPN depending on routes.

Authentication

  • Show off how to set up and utilize RADIUS accounting.
  • Install STAS in expansive and intricate settings.
  • Set up STAS and SATC simultaneously.
  • Set up Secure LDAP and recognize the various secure connections that are accessible.
    Labs:

    • Set up a server for Active Directory authentication.
    • Set up STAS for single sign-on.
    • Utilize a site-to-site VPN to authenticate users.

Web Protection

  • Selecting the best kind of web protection for various deployment circumstances;
  • Enabling web filtering via the use of the DPI engine or a legacy web proxy;
  • Configuring TLS inspection through the use of the DPI engine or a legacy web proxy; and

Lab:

  • Establish the TLS inspection rules.
  • Install the SSL CA certificate.

Wireless

  • Set up RADIUS authentication;
  • Describe the deployment process for Sophos Access Points and mention some typical problems that could arise;
  • Configure a mesh network

Remote Access

  • Set up Sophos Connect and use Sophos Connect Admin to manage the setup;
  • Set up an IPsec remote access VPN;
  • Set up an L2TP remote access VPN for mobile devices.
  • Labs
    • Sophos Connect

High Availability

  • Give an explanation of high availability (HA) and how it works;
  • Showcase HA configuration and highlight the differences between rapid and manual configuration;
  • Enumerate the requirements for high availability
  • Ensure that high availability (HA) is configured appropriately by following troubleshooting procedures and reviewing the logs.
  • Describe the packet flow in high availability. Show how to stop HA. Conduct the
  • Labs:
    • Create an Active-Passive cluster
    • Stop high availability.

Public Cloud

  • Configure sophisticated networking and protection capabilities;
  • Explain how XG Firewall processes traffic and uses its information to guide configurations;
  • Install XG Firewall in complicated network settings.
    Labs:

    • XG Firewall deployment on public cloud infrastructure
    • Gather logs by running a service in debug mode;
    • Get log files; o Diagnose problems using imported configuration files;
    • Install an XG Firewall on Azure (Simulation)

Target Audience:
Professionals who have a desire for technical proficiency and who will be organizing, setting up, configuring, and maintaining installations in production settings are the target audience for this course. especially for those who want to become certified Sophos Central Certified Engineers.

Prerequisite:

It is recommended that students possess the following skills and knowledge:

  • Possess a CompTIA N+ certification in networking;
  • Have finished the Fundamentals – Certified Engineer course;
  • Have experience deploying network security devices.

 

Overview

Designed for seasoned technical experts who will be organizing, setting up, configuring, and maintaining deployments in production settings, this course offers a thorough examination of the Sophos XG Firewall.
Presentations and hands-on lab activities are used to reinforce the material being taught, and each learner will receive electronic copies of the course materials.

Through the implementation and configuration of Sophos XG Firewall Identity-based UTM, in addition to networking and security principles, the competency equips users with the ability to identify insider risks and user-targeted external threats.

The certification offers security professionals actual value and is thorough and simple to follow with examples from real-world situations.

Course Highlight:

SHARE :

Enquiry form