Description

Securing Email with Cisco Email Security Appliance (SESA) v2.1 is a 3-day instructor-led course that introduces learners to the Cisco Email Security Appliance (ESA) and to managing and troubleshooting email security in their networks. Attendees receive in-depth instruction on the Cisco ESA's popular features, learn advanced Internet email security concepts, and receive an overview of how to customize configurations for their organizations. This course also teaches advanced configuration and operation of the Cisco ESA.
The course provides students with practical activities that will prepare them to configure, administer, and conduct troubleshooting tasks on a secure email network in SMB and enterprise installations.
Extensive lab exercises provide critical hands-on experience with advanced features of the Cisco ESA.

Objectives

Upon completing this course, the learner will be able to meet these overall objectives:
  • Articulate the Cisco ESA product, including management series, SMTP conversation, terms and definitions, pipeline, and licensing
  • Administer the Cisco ESA
  • Explain the differences between the HAT and the RAT
  • Discuss SensorBase and the antispam engine, make adjustments to the HAT and the antispam policies, and manage the spam quarantine either locally or using the management series
  • Enable one or both antivirus engines, use one or both antivirus engines in mail policies, and identify best practices for managing antivirus
  • Separate enterprise groups with different filtering requirements
  • Describe content filters
  • Describe the RSA DLP engine, and prevent the loss of sensitive data in outbound email through the use of the RSA DLP engine
  • Configure LDAP to control the flow of email, and configure LDAP to enforce user access policies
  • Configure TLS to encrypt email, configure the Cisco Email Security Appliance to work with the Cisco Registered Envelope Service to encrypt mail, and use DKIM and SPF to authenticate email
  • Identify message filters in the Cisco Email Security Appliance and create and manage message filters
  • Recognize different quarantines, explain how space is allocated to quarantines, create custom quarantines, and identify different delivery methods
  • Create a clustered environment and manage a clustered environment
  • Troubleshoot using several advanced troubleshooting tools

Outline

The course contains these components:
  • Reviewing the Cisco Email Security Appliance
    • Reviewing the Cisco Security Management Appliance
    • Defining an SMTP Conversation
    • Identifying Terms and Definitions
    • Examining the Pipeline
    • Describing Cisco Email Security Appliance Models and Licensing
    • Installing and Verifying the Cisco Email Security Appliance
    • Lab: Access the Cisco Remote Lab
    • Lab: Install Your Cisco Email Security Appliance
  • Administering the Cisco Email Security Appliance
    • Configuring Localized Message Tracking and Reporting
    • Configuring Centralized Tracking and Reporting
    • Tracking and Reporting Messages
    • Administering the Cisco Email Security Appliance
    • Managing Log Files
    • Creating and Using Administrator Accounts
    • Lab: Perform Administration
  • Controlling Sender and Recipient Domains
    • Configuring Public and Private Listeners
    • Describing the HAT
    • Describing the RAT
    • Describing Email Authentication Methods
    • Defining Domain-Based Message Authentication
    • Troubleshooting with Mail Logs
    • Lab: Test Your Listener Settings
    • Lab: Prevent Domain Spoofing with DMARC
  • Controlling Spam with Cisco SensorBase and Antispam
    • Describing SensorBase
    • Configuring Antispam
    • Quarantining Spam on the Cisco Email Security Appliance
    • Describing Safelist and Blocklist
    • Quarantining Spam on the Cisco Security Management Appliance
    • Configuring Bounce Verification
    • Describing Web Reputation Filters
    • Defining Outbreak Filters
    • Lab: Defend Against Spam with SensorBase and Antispam
  • Using Antivirus, Virus Outbreak Filters, and Advanced Malware Protection
    • Enabling Antivirus Engines
    • Using Outbreak Filters
    • Using Advanced Malware Protection
    • Lab: Defend Against Viruses
    • Lab: Prevent Advanced Persistent Threats with Advanced Malware Protection
  • Using Mail Policies
    • Describing Email Security Manager
    • Creating User-Based Mail Policies
    • Using Message Splintering
    • Lab: Customize Mail Policies for Your End Users
  • Using Content Filters
    • Describing Content Filtering
    • Configuring Basic Content Filtering
    • Applying Content Filter Applications
    • Describing and Configuring Message Filtering
    • Lab: Enforce Your Business Policies in Email Delivery
    • Lab: Manage High-Volume Mail Flow
  • Preventing Data Loss
    • Identifying the Data Loss Problem
    • Choosing a Cisco DLP Solution
    • Implementing DLP Configuration
    • Describing the RSA Engine
    • Lab: Configure DLP
  • Using LDAP
    • Describing LDAP Features
    • Describing Query Tokens and Operators
    • Configuring LDAP Profiles
    • Configuring SMTP Call-Ahead
    • Reviewing Case Studies
    • Using LDAP Group Queries
    • Lab: Configure LDAP Accept
    • Lab: Configure SMTP Call-Ahead
    • Lab: Accommodate Multiple Domains Using LDAP Accept Bypass and Domain Assignments
    • Lab: Control Mail Policies with LDAP Group Queries
  • Using Authentication and Encryption
    • Configuring Cisco Registered Envelope Service
    • Describing TLS
    • Authenticating Email with SPF
    • Lab: Configure Envelope Encryption
    • Lab: Encrypt Email with TLS
    • Lab: Verify SIDF and SPF
  • Using Message Filters
    • Identifying Message Filters
    • Describing Regular Expression Basics
    • Applying Message Filters
    • Lab: Redirect Mail with Message Filters
  • Using System Quarantines and Delivery Methods
    • Describing Quarantines
    • Describing Policy, Virus, and Outbreak Quarantines
    • Setting Delivery Limits
    • Creating Virtual Gateways
    • Configuring Bounce Profiles
    • Lab: Configure Virtual Gateways
  • Understanding Clustering
    • Creating a Clustered Environment
    • Joining an Existing Cluster
    • Managing a Clustered Environment
    • Administering a Cluster from the GUI
    • Lab: Configure Clusters
  • Troubleshooting
    • Identifying Appliance-Related Problems
    • Monitoring the System
    • Diagnosing Problems
    • Locating Common Problems and Solutions
    • Lab: Troubleshooting

Prerequisite Knowledge

The knowledge and skills that a learner should possess before attending this course are as follows:
  • Basic computer literacy, including the use of general office software such as Microsoft Office
  • Basic Microsoft Windows navigation and keyboard proficiency skills
  • Basic Internet usage skills, including use of a browser and search tools
  • Basic email usage skills
  • Moderate knowledge of TCP/IP fundamentals
  • Experience with Internet-based messaging, including SMTP, Internet message formats, and MIME message formats