دوره Securing Email with Cisco ESA

◦ Cisco Email Security Appliance Overview
◦ Technology Use Case
◦ Cisco Email Security Appliance Data Sheet
◦ SMTP Overview
◦ Email Pipeline Overview
◦ Installation Scenarios
◦ Initial Cisco Email Security Appliance Configuration
◦ Centralizing Services on a Cisco Content Security Management Appliance (SMA)
◦ Release Notes for AsyncOS 14.x

◦ Distributing Administrative Tasks
◦ System Administration
◦ Managing and Monitoring Using the Command Line Interface (CLI)
◦ Other Tasks in the GUI
◦ Advanced Network Configuration
◦ Using Email Security Monitor
◦ Tracking Messages
◦ Logging

◦ Public and Private Listeners
◦ Configuring the Gateway to Receive Email
◦ Host Access Table Overview
◦ Recipient Access Table Overview
◦ Configuring Routing and Delivery Features

◦ SenderBase Overview
◦ Anti-Spam
◦ Managing Graymail
◦ Protecting Against Malicious or Undesirable URLs
◦ File Reputation Filtering and File Analysis
◦ Bounce Verification

◦ Anti-Virus Scanning Overview
◦ Sophos Anti-Virus Filtering
◦ McAfee Anti-Virus Filtering
◦ Configuring the Appliance to Scan for Viruses
◦ Outbreak Filtersv ◦ How the Outbreak Filters Feature Works
◦ Managing Outbreak Filters

◦ Email Security Manager Overview
◦ Mail Policies Overview
◦ Handling Incoming and Outgoing Messages Differently
◦ Matching Users to a Mail Policy
◦ Message Splintering
◦ Configuring Mail Policies

◦ Content Filters Overview
◦ Content Filter Conditions
◦ Content Filter Actions
◦ Filter Messages Based on Content
◦ Text Resources Overview
◦ Using and Testing the Content Dictionaries Filter Rules
◦ Understanding Text Resources
◦ Text Resource Management
◦ Using Text Resources

◦ Message Filters Overview
◦ Components of a Message Filter
◦ Message Filter Processing
◦ Message Filter Rules
◦ Message Filter Actions
◦ Attachment Scanning
◦ Examples of Attachment Scanning Message Filters
◦ Using the CLI to Manage Message Filters
◦ Message Filter Examples
◦ Configuring Scan Behavior

◦ Overview of the Data Loss Prevention (DLP) Scanning Process
◦ Setting Up Data Loss Prevention
◦ Policies for Data Loss Prevention
◦ Message Actions
◦ Updating the DLP Engine and Content Matching Classifiers

◦ Overview of LDAP
◦ Working with LDAP
◦ Using LDAP Queries
◦ Authenticating End-Users of the Spam Quarantine
◦ Configuring External LDAP Authentication for Users
◦ Testing Servers and Queries
◦ Using LDAP for Directory Harvest Attack Prevention
◦ Spam Quarantine Alias Consolidation Queries
◦ Validating Recipients Using an SMTP Server

◦ Configuring AsyncOS for SMTP Authentication
◦ Authenticating SMTP Sessions Using Client Certificates
◦ Checking the Validity of a Client Certificate
◦ Authenticating User Using LDAP Directory
◦ Authenticating SMTP Connection Over Transport Layer Security (TLS) Using a Client Certificate
◦ Establishing a TLS Connection from the Appliance
◦ Updating a List of Revoked Certificates

◦ Email Authentication Overview
◦ Configuring DomainKeys and DomainKeys Identified Mail (DKIM) Signing
◦ Verifying Incoming Messages Using DKIM
◦ Overview of Sender Policy Framework (SPF) and SIDF Verification
◦ Domain-based Message Authentication Reporting and Conformance (DMARC) Verification
◦ Forged Email Detection

◦ Overview of Cisco Email Encryption
◦ Encrypting Messages
◦ Determining Which Messages to Encrypt
◦ Inserting Encryption Headers into Messages
◦ Encrypting Communication with Other Message Transfer Agents (MTAs)
◦ Working with Certificates
◦ Managing Lists of Certificate Authorities
◦ Enabling TLS on a Listener’s Host Access Table (HAT)
◦ Enabling TLS and Certificate Verification on Delivery
◦ Secure/Multipurpose Internet Mail Extensions (S/MIME) Security Services

◦ Describing Quarantines
◦ Spam Quarantine
◦ Setting Up the Centralized Spam Quarantine
◦ Using Safelists and Blocklists to Control Email Delivery Based on Sender
◦ Configuring Spam Management Features for End Users
◦ Managing Messages in the Spam Quarantine
◦ Policy, Virus, and Outbreak Quarantines
◦ Managing Policy, Virus, and Outbreak Quarantines
◦ Working with Messages in Policy, Virus, or Outbreak Quarantines
◦ Delivery Methods

◦ Overview of Centralized Management Using Clusters
◦ Cluster Organization
◦ Creating and Joining a Cluster
◦ Managing Clusters
◦ Cluster Communication
◦ Loading a Configuration in Clustered Appliances
◦ Best Practices

◦ Debugging Mail Flow Using Test Messages: Trace
◦ Using the Listener to Test the Appliance
◦ Troubleshooting the Network
◦ Troubleshooting the Listener
◦ Troubleshooting Email Delivery
◦ Troubleshooting Performance
◦ Web Interface Appearance and Rendering Issues
◦ Responding to Alerts
◦ Troubleshooting Hardware Issues
◦ Working with Technical Support

◦ Model Specifications for Large Enterprises
◦ Model Specifications for Midsize Enterprises and Small-toMidsize Enterprises or Branch Offices
◦ Cisco Email Security Appliance Model Specifications for Virtual Appliances
◦ Packages and Li