Module 1: XG Firewall Overview
- Identify the features of the XG Firewall and how the protection against common
- Identify the deployment options available for the XG Firewall
- Identify the add-ons for central management and reporting
- Register for a Sophos Central evaluation
Module 2: Beginning with XG Firewall
- Identify the deployment modes of the XG Firewall
- Configure an XG Firewall using the Initial Setup Wizard
- Navigate the WebAdmin
- Manage objects
- Explain what zones are, and identify the default system zones
- Configure basic networking
- Manage device access and certificates
- Manage device access and certificates
- Configure static routing
- Use the Initial Setup Wizard to configure a Sophos XG Firewall
- Configure a new Sophos XG Firewall by importing a configuration backup
- Navigate the WebAdmin
- Configure Zones and Interfaces
- Create Static Routes
- Create Definitions
- Configure DNS Request Routes
- Import CA Certificates
- Create a Configuration Backup
- Restore a configuration backup to an XG Firewall
Module 3: Configuring & TroubleShooting of Network Protection
- Identify the different types of firewalls and understand the purpose of each
- Create and manage firewall rules
- Configure and apply intrusion prevention policies
- Configure DoS & Spoof Protection
- Enable Security Heartbeat and apply restrictions in firewall rules
- Configure Advanced Threat Protection
- Configure Logging
- Create Network Firewall Rules
- Install the SSL CA Certificates
- Install Sophos Central
- Publish Servers Using Business Application Rules
- Configure IPS Policies
- Enable Advanced Threat Protection
- Enable DoS (Denial of Service) and Spoof Protection
- Configure Security Heartbeat
Module 4: Configuring & TroubleShooting of Site-to-Site Connections
- Explain the VPN options available for site-to-site connections
- Configure an IPsec site-to-site VPN using the wizard
- Configure an SSL VPN
- Explain the deployment modes for RED
- Configure and deploy REDs
- Create an SSL site-to-site VPN
- Create an IPsec site-to-site VPN
Module 5: Configuring & TroubleShooting of Authentication
- Identify the supported authentication sources and enable them for services on the XG Firewall
- Explain the types of users on the XG Firewall and know when to use them
- Configure NTLM authentication for the web proxy
- Install and configure STAS for single sign-on
- Create identity-based policies
- Enable and use one-time passwords (OTP)
- Create an Active Directory Authentication Server
- Configure Single Sign-On Using STAS
- Create User-based policies
- Configure One Time Passwords
Module 6: Configuring & TroubleShooting of Web Protection and Application Control
- Configure Web Protection Policies
- Identify the activities that can be used to control web traffic
- Create keyword content filters
- Configure Surfing Quotas
- Configure Traffic Quotas
- Configure Application Filters
- Categorize applications using Synchronized App Control
- Create Custom Web Categories and User Activities
- Create a Content Filter
- Create a Custom Web Policy
- Create a Surfing Quota for Guest Users
- Create an Application Filter Policy
Module 7: Configuring & TroubleShooting of Email Protection
- Identify the two deployment modes for Email Protection and their differences
- Configure global settings include relay settings
- Configure SMTP policies for MTA mode and legacy mode
- Configure policies for client protocols
- Create Data Control Lists and use them in policy
- Configure encryption using SPX
- Manage the quarantine using digests and the User Portal
- Enable and Configure Quarantine Digests
- Configure an Email Protection policy
- Configure Data Control and SPX Encryption
- User Quarantine Management
Module 8: Configuring & TroubleShooting of Wireless Protection
- Identify the access points available and the differences between them
- Configure wireless networks
- Explain the different security mode
- Deploy wireless access points and assign wireless networks
- Configure hotspots for wireless networks
- Create a hotspot
Module 9: Configuring & TroubleShooting of Remote Access
- Configure remote access using SSL VPN
- Configure Clientless Access via the User Portal
- Configure remote access for mobile devices
- Configure an SSL Remote Access VPN
Module 10: Configuring & TroubleShooting of Logging and Reporting
- Customize and run reports
- Schedule reports
- Use the Log Viewer to monitor the XG Firewall
- Configure logging
- Identify and use diagnostic and troubleshooting tools on the XG Firewall
- Run, Customize and Schedule Reports
- View Sandstorm Activity
- Use SF Loader Tools
- Connection Table
- Packet Capture
- Dropped Packet Capture