Symantec ProxySG 6.6 Advanced Administration (BCCPP)

2 Days

12 CPD hours

This course is for IT network or security professionals who have practical experience with the ProxySG in the field and wish to master the advanced network security of the ProxySG.

Solve common authentication and SSL issuesUnderstand the underlying architecture of SGOSMonitor and analyze ProxySG performanceUse policy tracing as a troubleshooting tool

The ProxySG 6.6 Advanced Administration course is intended for IT professionals who wish to learn to master the advanced features of the ProxySG.

Using Authentication Realms

• Describe the benefits of enabling authentication on the ProxySG
• Describe, at a high level, the ProxySG authentication architecture
• Understand the use of IWA realms, with both IWA Direct and IWA BCAAA connection
• methods

Understanding Authentication Credentials

• Describe how NTLM and Kerberos authentication work in both IWA direct and IWA BCAAA deployments
• Configure the ProxySG to use Kerberos authentication

Understanding Authentication Modes

• Describe authentication surrogates and authentication modes
• Describe ProxySG authentication in both explicit and transparent deployment mode

Understanding HTTPS

• Describe key components of SSL encryption
• Describe how the SSL handshake works
• Describe some of the legal and security considerations related to use of the SSL proxy

Managing SSL Traffic on the ProxySG

• Describe how the SSL proxy service handles SSL traffic
• Describe the standard keyrings that are installed by default on the ProxySG
• Identify the types of security certificates that the ProxySG uses

Optimizing SSL Interception Performance

• Configure the ProxySG to process SSL traffic according to best practices for performance

SGOS Architecture

• Identify key components of SGOS
• Explain the interaction among client workers and software workers in processing client
• requests
• Explain the significance of policy checkpoints
• Describe key characteristics of the SGOS storage subsystem
• Explain the caching behavior of the ProxySG

Caching Architecture

• Describe the benefits of object caching on the ProxySG
• Explain the caching-related steps in a ProxySG transaction
• Identify and describe the HTTP request and response headers related to caching
• Describe, in general terms, how the ProxySG validates cached objects to ensure freshness
• Explain how the ProxySG uses cost-based deletion, popularity contests, and pipelining to improve object caching

System Diagnostics

• Describe the use of the health monitor and health checks
• Explain the use of the event and access logs
• Describe the information available in advanced URLs and sysinfo files
• Describe the function of policy tracing and packet captures

Introduction to Content Policy Language (CPL)

• Describe the fundamental concepts and purposes of ProxySG policy transactions
• Understand the relationship of layers, rules, conditions, properties, and triggers
• Describe the two types of actions in CPL
• Describe how to write, edit, and upload CPL code

Using Policy Tracing for Troubleshooting

• Identify the two main types of ProxySG policy traces
• Describe the various sections of a policy trace result
• Configure a global and policy-driven trace
• Access and interpret policy trace results

ProxySG Integration

• Identify other Symantec products that can be used as part of a complete security solution