Sophos UTM Architect (UTMA)

This course provides an in-depth study of UTM, designed for technical professionals who will be planning, installing, configuring and supporting deployments in production environments. The course will be delivered in a classroom setting, and consists of presentations and practical lab exercises to reinforce the taught content. Printed copies of the supporting documents for the course will be provided to each trainee. Due to the nature of delivery, and the varying experiences of the trainees, open discussion is encouraged during the training.

 

Objectives

On completion of this course, trainees will be able to:

  • Understand the product architecture
  • Complete a complex evaluation or deployment
  • Design and implement a solution to fit a customer’s requirements
  • Complete a PoC


Target audience

This course is designed for technical professionals who will be planning, installing, configuring and supporting deployments in production environments, and for individuals wishing to obtain the UTM Certified Architect certification.


Prerequisites

Prior to attending this course, trainees should:

  • Have completed the Sophos Certified Engineer UTM course and passed the Certified Engineer exam
  • Have a strong working knowledge of network configuration and troubleshooting, similar to the level of knowledge required to pass the CCNA or CompTIA Network plus certification programs
  • Have a good understanding of IT security; CompTIA Security plus and CISSP are good evidence of such knowledge


Certification

To achieve the Sophos Certified Architect certification in UTM, trainees must take and pass an online assessment. The assessment tests their knowledge of both the taught and practical content. The pass mark for the assessment is 80%, and it may be taken a maximum of three times.


Duration

4 days


Course Modules

Module 1: Engineer Review

  • Recall important information from the Engineer course
  • Lab
    • Configure a UTM without using the Setup Wizard
    • Deploy the HTTPS CA Certificate


Module 2: Deployment

  • Describe the deployment modes supported by the Sophos UTM
  • Understand the types of interfaces that can be created
  • Configure various routing options
  • Lab
    • Configure Uplink Balancing
    • Configure Multipath Rules
    • Configure Quality of Service (QoS)
    • Create a policy-based route for an MPLS scenario


Module 3: Network Protection

  • Understand the packet progression through the UTM
  • Examine firewall rules and NAT
  • Optimize IPS policies
  • Lab
    • Configure NATing and Routing for the simulated Intranet network
    • Configure NATing and Routing for the simulated Warehouse network
    • Advanced Intrusion Prevention (IPS) Configuration


Module 4: Web Server Protection

  • Describe the features in Webserver Protection
  • Configure the web application firewall
  • Implement reverse authentication
  • Configure SlowHTTP protection
  • Lab
    • Web Application Firewall
    • Load balancing with Web Server Protection
    • Web Server Authentication and path-specific routing


Module 5: Site-to-Site Connections

  • Configure IPsec VPNs using RSA and certificate authentication
  • Create a VPN to an Amazon VPC using the VPC connector
  • Configure advanced RED functions, including balancing and failover, VLANs, and UTM-to-UTM RED
  • Lab
    • Create an IPsec Site-to-Site VPN with Cross-Signed Certificates
    • Create a RED Tunnel between Two UTMs
    • Configure Routing for a UTM-to-UTM RED Tunnel


Module 6: Authentication

  • Configure the Sophos Authentication Agent
  • Deploy STAS in a complex environment
  • Troubleshoot authentication
  • Lab
    • Configure an Active Directory Authentication Server
    • Sophos Authentication Agent
    • Configure Single Sign-On Using STAS
    • Configure STAS on Multiple Domain Controllers
    • SSO with STAS for Web Filtering


Module 7: Web Protection

  • Explain the different HTTPS scanning modes
  • Configure advanced Web Protection features, including:
    • Proxy automatic configuration
    • Parent proxies
    • Proxy target services
  • Explain the difference between transparent and full transparent mode
  • Configure the FTP proxy


Module 8: Email Protection

  • Configure advanced Email Protection features, including:
    • DKIM
    • Modifying email headers
    • TLS settings
  • Enable POP3 scanning
  • Configure email encryption using OpenPGP and S/MIME
  • Lab
    • Advanced email configuration
    • Encryption Using OpenPGP and S/MIME


Module 9: Wireless Protection

  • Review wireless deployment
  • Configure mesh networks
  • Configure RADIUS authentication for enterprise authentication
  • Understand what may affect wireless performance
  • Lab
    • Wireless Network Configuration
    • Hotspot Configuration


Module 10: Remote Access

  • Use advanced remote access VPN configuration
  • Create L2TP over IPsec VPNs
  • Create IPsec VPNs
  • Lab
    • IPsec Remote Access


Module 11: High Availability

  • Configure two UTMs as a high-availability pair
  • Explain how workload is managed in a cluster
  • Create a cluster with two or more UTMs
  • Review log files on a slave node of a cluster
  • Lab
    • Active-Active Cluster
    • Active-Passive High Availability


Module 12: Sizing, Troubleshooting and API

  • Size a hardware, software or virtual Sophos UTM appropriately
  • Identify factors that can affect sizing
  • Perform basic troubleshooting using tcpdump
  • Enable debug logging
  • Understand how to use the API
  • Lab
    • Debug logging
    • Troubleshooting an Issue From an Imported Configuration File