Sophos XG Technician Training (February 23-24, 2021)
This course is designed for technical professionals who will be supporting Sophos XG Firewall and provides an overview of how to troubleshoot the product.
Sophos XG Technician Training (2 days Training) – Tuesday 23 February 2021 – Wednesday 24 February 2021
The course is expected to take 2 days (16 hours) to complete, of which approximately 4 hours will be spent on the practical exercises.
On completion of this course, trainees will be able to:
- Apply the troubleshooting process to issues
- Use the tools available on the XG Firewall to gather information and investigate issues
- Locate and read log files on the XG Firewall
- Identify and resolve common issues
Prerequisites
Prior to taking this training, you should:
- Have completed and passed the XG Firewall Certified Engineer course and any subsequent delta modules up to version 18.0
We recommend students have the following knowledge and experience:
- Experience with Windows networking and the ability to troubleshoot issues
- A good understanding of IT security
- Experience configuring network security devices
- Experience configuring and administering Linux/UNIX systems
If you are uncertain whether you meet the necessary prerequisites to take this course, please email us at globaltraining@sophos.com and we will be happy to help.
Certification
To become a Sophos Certified Technician, trainees must take and pass an online assessment. The assessment tests their knowledge of both the presented and practical content. The pass mark for the assessment is 80%, and the assessment is limited to 3 attempts.
Lab Environment
Each student will be provided with a pre-configured environment that simulates a company network with two sites, a head office and a branch office, and contains Windows Servers, a Windows Desktop and three XG Firewalls.
Content
- Module 1: Getting Started with Troubleshooting XG Firewall
- Module 2: Troubleshooting Network Protection
- Module 3: Troubleshooting Network Protection II
- Module 4: Troubleshooting Authentication
- Module 5: Troubleshooting Web Protection and Application Control
- Module 6: Troubleshooting Synchronized Security
- Module 7: Troubleshooting Web Server Protection
- Module 8: Troubleshooting Wireless Protection
- Module 9: Troubleshooting Email Protection
- Module 10: Troubleshooting Reporting and How to Get Help
Certification
+ exam: Sophos XG Technician
Duration 2 days
Agenda
Trainer: Michael Eleftheroglou
Day 1, Tuesday 23 February 2021
9:30-11:25 Module 1: Getting Started with Troubleshooting XG Firewall
- Apply the troubleshooting process to issues
- Resolve common device access issues
- Identify the cause of XG Firewall going into failsafe mode
- Troubleshoot and resolve common high availability issues
- Troubleshoot routing issues
- Labs
11:25-11:40 Break
11:40-13:40 Module 2: Troubleshooting Network Protection
- Troubleshoot and resolve common configuration issues with firewall rules and NAT rules
- Manage TLS decryption errors
- Determine whether traffic is flowing through the FastPath
- Troubleshoot problems with IPS settings
- Manage ATP alerts
- Labs (40 mins)
- Cannot Access Server in New York from London (Scenario 2)
- DNAT Not Working (Scenario 1)
- DNAT Not Working (Scenario 2)
- Remote Desktop Not Working
13:40-14:15 Lunch
14:15-16:00 Module 3: Troubleshooting Network Protection II
- Troubleshoot and resolve common connection issues for IPsec site-to-site VPNs
- Identify and resolve common SSL VPN issues
- Locate the logs for Sophos Connect and modify the configuration file
- Troubleshoot and resolve common issues for Remote Ethernet Devices (RED)
- Labs (30 mins)
- IPsec VPN Could Not Be Established (Scenario 1)
- IPsec VPN Could Not Be Established (Scenario 2)
- SSL VPN Could Not Be Established
16:00-16:15 Break
16:15-17:45 Module 4: Troubleshooting Authentication
- Troubleshoot issues with the captive portal
- Identify and resolve authentication issues
- Work through the authentication flow to troubleshoot and resolve issues
- Resolve issues with tokens being out of sync
- Labs (20 mins)
- User Cannot Authenticate
- User Not Authenticated with STAS
Day 2, Wednesday 24 February 2021
9:30-11:00 Module 5: Troubleshooting Web Protection and Application Control
- Explain the differences between DPI web scanning and the web proxy, and troubleshoot basic web policy issues
- Enable debug logging for DPI web scanning
- Troubleshoot web proxy performance issues
- Troubleshoot web categorization
- Troubleshoot application control policy issues
- Labs (20 mins)
- Site Incorrectly Blocked for User
- Application Not Working for User
11:00-11:15 Break
11:15-12:45 Module 6: Troubleshooting Synchronized Security
- Identify and resolve issues registering XG Firewall with Sophos Central
- Troubleshoot and resolve issues with Security Heartbeat
- Resolve problems with Synchronized User Identity
- Investigate and resolve problems related to lateral movement protection
- Labs (20 mins)
- Cannot Register XG Firewall with Sophos Central
- Endpoint Cannot Establish a Heartbeat with XG Firewall Configure VPN network NATing
12:45-13:30 Break and Lunch
13:30-14:40 Module 7: Troubleshooting Web Server Protection
- Perform basic web server protection configuration
- Troubleshoot and resolve static URL hardening errors
- Troubleshoot and resolve static form hardening errors
- Troubleshoot and resolve threat filter rule errors
- Identify whether web server authentication issues are caused by the XG Firewall or the web server
- Labs (10 mins)
- Error Using Webmail Server
14:40-15:35 Module 8: Troubleshooting Wireless Protection
- Troubleshoot the access point deployment process
- Resolve common wireless network issues
- Identify common causes of performance issues and the configuration that can help resolve them
- List the ports used by wireless protection and how to connect to the access point to gather additional information
- Labs (Authenticate users over a site to site VPN)
15:35-15:50 Break
15:50-17:20 Module 9: Troubleshooting Email Protection
- Identify and resolve basic mail flow problems
- Troubleshoot virus emails that are not detected
- Troubleshoot false positive and false negative spam detections
- Identify the cause of, and resolve, missing quarantine digest issues
- Labs (30 mins)
- Cannot Receive Email
- Cannot Send Email
- Virus Email Delivered
17:20-18:00 Module 10: Troubleshooting Reporting and How to Get Help
- Troubleshoot issues with report generation
- Find help when you are unable to resolve issues yourself