Visão Geral

Neste Curso Forcepoint NGFW Administrator, prático de treinamento virtual ministrado por instrutor (VILT) 24 horas, você aprenderá as habilidades necessárias para atuar como administrador de sistema responsável pela instalação, configuração, administração e suporte do Forcepoint NGFW.

Por meio de conteúdo instrucional, demonstrações e exercícios práticos de laboratório, você aprenderá os requisitos e recomendações para implantar com sucesso o Forcepoint NGFW em uma variedade de ambientes de rede.

Você desenvolverá experiência na criação de regras e políticas de segurança, gerenciamento de usuários e autenticação, configuração de VPNs, execução de inspeção profunda de tráfego e realização de tarefas administrativas comuns, incluindo monitoramento de status e relatórios.

Objetivo

Após concluir este Curso Forcepoint NGFW Administrator, você será capaz de:

• Acesse o ambiente virtual de treinamento, materiais de aula e ambiente de laboratório.
• Articule os benefícios e diferenciais do Sistema NGFW.
• Identifique os componentes do SMC e suas funções.
• Administre os componentes do SMC e use-os para gerenciar e monitorar firewalls NGFW.
• Configure políticas de segurança e controle de acesso.
• Configurar tradução de endereço de rede.
• Configurar um proxy Sidewinder.
• Implemente inspeção profunda por meio de políticas e modelos.
• Implemente filtragem de arquivos e detecção de malware.
• Implementar alertas e notificações.
• Gerenciar usuários e autenticação.
• Configurar soluções VPN móveis.
• Configure uma VPN site a site.
• Gerenciar coleta e armazenamento de logs.
• Utilize monitoramento, estatísticas e relatórios.
• Utilize ferramentas de gerenciamento de políticas.
• Execute solução de problemas básicos do NGFW.

Publico Alvo

• Usuários finais do Forcepoint NGFW

Pre-Requisitos

• Compreensão geral de administração de sistemas e serviços de Internet
• Conhecimento básico de conceitos de redes e segurança de computadores

Materiais

Conteúdo Programatico

Module 0: Introduction

1. Prepare to use the virtual training environment.

Module 1: NGFW Overview

1. List NGFW benefits and/or differentiators.
2. Explain the differences between the operating roles.
3. Describe the NGFW engine and appliances.
4. Describe at least one of the installation methods.
5. Explain the three platforms on which the NGFW can be deployed.

Module 2: SMC Overview

1. Describe the Security Management Center and its key features.
2. Describe the NGFW system architecture.
3. Identify the ports used for communication between SMC components.
4. Explain the use of locations and contact addresses.
5. Explain the use of SMC Domains.

Module 3: Getting Started with SMC

1. Describe the management client and how it works.
2. Create system backups.
3. Describe SMC high availability options.
4. Configure SMC Administrator Access
5. Apply configuration to NGFW engines.
6. Describe how logs work.

Module 4: NGFW Policies and Templates

1. Describe the types of NGFW policies.
2. Define firewall policy templates.
3. Create a firewall policy hierarchy.
4. Describe the benefits of aliases and continue rules.

Module 5: Access Control and NAT

1. Explain how traffic is matched in access rules.
2. Explain the different types of access rules.
3. Describe the actions for processing traffic in access rules.
4. Explain the different types of NAT.
5. Configure NAT rules.

Module 6: Traffic Inspection

1. Explain the difference between service, service with protocol, and proxy.
2. Explain enhanced access control methods.
3. Explain different ways to control applications.
4. List the detection methods used in the NGFW Inspection.
5. Describe AETs and normalization.
6. Describe TLS Inspection.
7. Configure Snort inspection on the NGFW.
8. List the Forcepoint products that integrate with the NGFW.

Module 7: Inspection Policies

1. Explain how to send traffic for deep packet inspection.
2. Describe Situations and how to use them.
3. Define the different type of rules in the inspection policy.
4. Tune an inspection policy.

Module 8: Malware Detection and File Filtering Policies

1. List the different options for detecting malware.
2. Explain how to send traffic for malware detection.
3. Configure a file filtering policy.
4. Integrate the NGFW with a Data Loss Prevention system.

Module 9: Alerting and Notifications

1. Explain the alert escalation process in the NGFW system.
2. Create an alert policy and alert chain to escalate an alert.

Module 10: Users and Authentication

1. Identify supported directory servers and authentication methods.
2. Explain the browser-based user authentication mechanism.
3. Configure user authentication.
4. Differentiate between user authentication and user identification.
5. Explain the difference between the Forcepoint FUID and ECA.
6. Configure user behavior monitoring.

Module 11: Mobile VPN and SSL VPN Portal

1. List NGFW Mobile VPN Access options.
2. Describe the SSL VPN Portal and the URL Rewrite translation method.
3. Configure an SSL VPN Portal.

Module 12: Site-to-Site VPN

1. Define the terms used in NGFW VPN Terminology.
2. Explain how Site-to-site VPNs work.
3. Describe Full Mesh, Star and Hub VPN topologies.
4. List SD-WAN features supported by the NGFW.
5. Configure a Policy-Based VPN.
6. Describe How a Route-based VPN Works.

Module 13: Using Logs

1. Describe the log entry types available in the NGFW.
2. Use the interface to interpret and analyze logs.
3. Configure and Manage Logs.
4. Create permanent filters.
5. Analyze how pruning filters affect log data.
6. Configure the log server to forward logs to third-party SIEM systems.
7. Describe the methods available for managing the space consumed by log data.

Module 14: Monitoring, Statistics, and Reporting

1. Describe the benefits of Policy Snapshots.
2. Search rules in an NGFW Policy.
3. Analyze policy structure and apply tools to optimize the access rules.

Module 15: Policy Tools

1. Monitor the system and firewall activity.
2. Describe the use of overviews in the SMC user interface.
3. Configure and generate reports.
4. Monitor third-party components.

Module 16: Troubleshooting

1. Explain the troubleshooting process.
2. Use the SMC to troubleshoot your systems.
3. Explain how to collect diagnostics for Support.
4. Resolve common SMC issues.
5. Explain how NGFW packet processing works.

Module 17: Single Firewall Installation (classroom only)

1. Describe NGFW deployment options.
2. List features specific to single firewalls.
3. Configure a single firewall in the SMC.
4. Configure an NGFW engine for initial contact with the SMC.
5. Establish the trust between SMC and a newly installed NGFW engine.

Module 18: What’s new in NGFW

1. Identify key features new to the NGFW in version 6.10.
2. Locate the documentation needed to implement these features. ?