Sophos Data Protection (Safeguard) Architect (DATA)

This course provides an in-depth study of Sophos Data Protection (SafeGuard Encryption), designed for experienced technical professionals who will be planning, installing, configuring and supporting deployments in production environments. The course is intended to be delivered in a classroom setting, and consists of presentations and practical lab exercises to reinforce the taught content. Printed copies of the supporting documents for the course will be provided to each trainee. Due to the nature of delivery, and the varying experiences of the trainees, open discussion is encouraged during the training.
 
Objectives
  • Size, scope and architect a SafeGuard Enterprise solution to fit a customer’s environment.
  • Install and configure SafeGuard Enterprise according to best practice.
  • Troubleshoot individual SafeGuard Enterprise components.
  • Describe the advanced architecture and features of SafeGuard Enterprise.
 
Target audience
This course is designed for experienced technical professionals who will be planning, installing, configuring and supporting deployments in production environments. And for indivudials wishing to obtain the Sophos Data Protection (Safeguard Encryption) Certified Architect certification.
 
Prerequisites
Prior to attending this course, trainees should:
  • Complete the Sophos Data Protection (Safguard Encryption) Certified Engineer  course and should have passed the Certified Engineer exam
  • Have sufficient knowledge to troubleshoot and resolve Windows networked environments.
 
Certification
To achieve the Sophos Certified Architect certification in SafeGuard Encryption trainees must take and pass an online assessment. The assessment tests their knowledge of both the taught and practical content. The pass mark for the assessment is 80%, and it may be taken a maximum of three times.
 
Duration
3 days
 
Course Modules
Module 1: Engineer course recap
  • Product overview
  • SafeGuard Management Center
  • Device Encryption
  • Native Device Encryption
  • Data Exchange
  • Encryption for File Shares
  • Encryption for Cloud Storage
  • Mobile Encryption
 
Module 2: Preparation
  • System requirements
  • SSL
  • Internet Information Services (IIS)
  • Users and groups
  • SQL configuration
  • Database connection test
 
Module 3: Installation
  • Overview
  • SGN Server
  • SafeGuard database
  • Management Center
  • Server configuration package
  • Additional Management Centers
  • Web Help Desk
  • Troubleshooting
 
Module 4: Server configuration
  • Licensing
  • Active Directory synchronization
  • Scheduling
  • Manually created objects
  • Security officers
  • Client configuration package
  • Installation overview revisited
  • BitLocker management
  • Reporting
  • Auditing
 
Module 5: Client Deployment
  • System requirements
  • Preparation
  • Installation overview
  • Deployment strategy
  • Standalone clients
  • Client configuration package
  • User machine assignment
  • POA users and groups
  • System tray application
  • Troubleshooting
 
Module 6: Policies
  • Recap
  • Policies
  • Authentication
  • General Settings
  • Logging
  • Password
  • PIN
  • Passphrase
  • Specific Machine Settings
  • Disk Encryption
  • Data Exchange
  • File Shares
  • Cloud Storage
  • Policy groups
  • Inheritance
  • Troubleshooting
 
Module 7: Client architecture
  • Boot process
  • SafeGuard kernel
  • Encryption keys
  • Volume-based encryption
  • File-based encryption
  • Volume vs. file-based encryption
  • Decommissioning
 
Module 8: Recovery
  • Logon
  • Logon recovery
  • Client recovery
  • Virtual client
  • Server and database recovery
  • Disaster recovery planning
 
Module 9: Upgrading
  • Process overview
  • Server upgrade
  • Client upgrade
  • Troubleshooting
 
Module 10: Advanced management
  • Multi tenancy
  • DMZ server
  • SGN Server configuration
  • Sophos encryption to SSL conversion
  • Load balancing
  • Database replication
  • Database maintenance
  • Scripting API
  • Token and smartcard support
  • Middleware support
  • Using tokens