Digi Academy

Planning, Deploying and Managing Microsoft Forefront TMG 2010

Digi Academy
A Milano

Chiedi il prezzo
Chiedi informazioni a un consulente Emagister

Informazioni importanti

Tipologia Corso
Luogo Milano
Inizio Scegli data
  • Corso
  • Milano
  • Inizio:
    Scegli data
Descrizione

Introduction to Firewalls and Routers  Firewalls and Routers  Designing and Placement of Firewalls Introducing TMG and the Forefront Family  What is the Forefront Family of Products  TMG Principles and Architecture

Strutture (1)
Dove e quando
Inizio Luogo
Scegli data
Milano
Via Valtellina, 63, 20124, Milano, Italia
Visualizza mappa
Inizio Scegli data
Luogo
Milano
Via Valtellina, 63, 20124, Milano, Italia
Visualizza mappa

Cosa impari in questo corso?

Web master
Server
Security
VPN
Reporting
Cache
HTTP
Proxy
Management
Auto
Works
Testing
Web server
Outlook
Import
Firewall
Export
Email

Programma

 TMG Licensing and Scenarios


 Difference between TMG and UAG


Overview of TMG Features


 Main Features of TMG


 What is new in TMG compared to ISA 2006


 TMG Enterprise Features


 TMG Management Console


Deployment Scenarios


 How TMG works as a Firewall


 How TMG works as a Proxy/Cache


 How TMG provides Access to Internal Resources


 How TMG Protects Web and Mail Clients


 How TMG Provides Secure Remote Access


 How TMG Provides High Availability in the Enterprise


Understand what Firewalls and Routers are.


Know what is Forefront TMG 2010 and the Forefront family.


Know the features of Forefront TMG 2010.


Understand the deployment scenarios for Forefront TMG 2010.


This module describes how to install Forefront TMG 2010. Lessons presented in this module will detail the requirements of TMG 2010, applying security templates and customizing the configuration.


Installing TMG 2010


 System and Hardware Requirements


 Software Requirements


 Network Considerations


 Installing TMG


 Automating the Installation


 Installing the Management Console


Working with Quick Configurations


 Understanding TMG Default Configuration


 Automating Configure the Getting Started Wizard


 Using Pre-defined Security Templates


 Customizing the Configuration


 Configuring Administrative Roles


Configuring Networks and their Relationships


 Creating and Configuring Networks


 Modifying Network Rules and Routing


 Troubleshooting Network Connectivity


Review the Requirements to install TMG and configure LAN


Installing Forefront TMG Server 2010


Install the Management Console on a Client Machine


Configure TMG using the Getting Started Wizard


Use the Web Access Wizard


Configure the Management Console for a Client Machine


Create and Access Rules


Configuring Network Configuration of a new Network Card


Create a new Network


Creating an E-NAT rule


Adding Routs to TMG


Install Forefront TMG 2010.


Work with Quick configurations.


Configure additional networks.


This module describes how to configure the firewall role on TMG 2010. Lessons presented in this module will provide an overview of the firewall role and how to configure firewall rules and system policy rules. You will also configure and monitor Intrusion Detection and Network Inspection Systems (NIS).


Overview of TMG as a Firewall


 The Basics – OSI vs. TCP/IP


 What is Filtering


 What is Intrusion Detection


 How TMG Filters Network Traffic


Configuring Firewall Rules


 Understanding Firewall Policy Evaluation


 Adding Access Rules


 Default System Policy Rules


 Troubleshooting Firewall Rules


 Troubleshooting Firewall Rules – Tools


Configuring Intrusion Detection


 Overview of Intrusion Prevention


 Configuring Network Inspection Systems


 Implementing Intrusion Detection


 Monitoring Intrusion Detection


Create and Configure Access Rules


Modify the System Policy Rules


Troubleshoot Firewall Rules


Configure NIS Deployment


Create and Alert for Intrusion Detection


Configure Intrusion Detection


Understand how TMG works as a firewall.


Configure Rules on the firewall.


Configure intrusion detection.


This module describes how to configure the proxy and caching roles on TMG 2010. Lessons presented in this module will explain the proxy and caching roles and how to configure and troubleshoot these roles. You will also learn about Cache Array Routing Protocol (CARP), Web Proxy Auto Discovery (WPAD) and how to configure and troubleshoot CARP and WPAD.


Configuring the Proxy Server Role


 What is a Proxy


 Enabling and Configuring a Proxy


 Configuring Applications


 Troubleshooting Proxy Connections


Configuring Caching Server Role


 What is a Proxy Cache


 Configuring TMG Proxy Cache


 Troubleshooting Cache Performance


Configuring Cache Routing and Distribution


 Understanding CARP


 Configuring CARP Routing


Configuring Web Proxy Auto Discovery


 WPAD Configuration


 Configuring Auto Discovery


Configuring TMG Clients


 Types of TMG Clients


 Choosing and Designing Clients


 Configuring TMG Client Software Clients


 Configuring SecureNAT Clients


Enable and Configure a Web Access Policy


Configure Internet Explorer to use TMG Proxy


Configure Mozilla Firefox to use TMG Proxy


Create a Cache Drive


Create a Cache Rule


Create a Content Download Job


Inspect Array Communications


Inspect and Adjust CARP Load Factor


Configure DHCP for Automatic Discovery


Configure DNS for Automatic Discovery


Enable Automatic Discovery on TMG


Configure a Client for Automatic Discovery


Inspect and Verify TMG Client Server Settings


Install the TMG Client Software


Configure Client as a SecureNAT Client


Configure the Proxy Server Role.


Configure the Caching Server Role.


Configure Cache Routing and Distribution.


Configure Web Proxy Auto Discovery.


Configure TMG Clients.


This module describes how to configure client protection using TMG 2010. Lessons presented in this module will provide an overview of Malware Inspection, URL Filtering, Email Inspection, Application Filter and HTTP/HTTPS Inspection. You will also learn how to implement, configure, monitor and troubleshoot using these tools and techniques.


Configuring Malware Inspection


 Overview of Malware Inspection


 Implementing Malware Inspection


 Monitoring Malware Inspection


Configuring URL Filtering


 Overview of URL Filtering


 Understanding Microsoft Reputation Services


 Implementing URL Filtering


 Monitoring URL Filtering


Configuring Email Inspection


 Understanding Email Threats


 Implementing Email Inspection


 Configuring Exchange for Email Inspection


 Monitoring Email Inspection


Configuring Application Filters


 Overview of Application Filters


 DNS Filter


 FTP Access Filter


 H.323 Filter


 Session Initiation Protocol Filter


 Streaming Media Filter


 Socks Filter


 Other Filters


Configuring HTTP/HTTPS Inspection


 Overview of HTTP/HTTPS Application Filter


 Configuring HTTP/HTTPS Filters


 Monitoring HTTP/HTTPS Filters


Enabling Malware Inspection


Configuring Malware Inspection Settings


Creating an Access Rule


Testing Malware Inspection


Enabling URL Filtering


Testing Websites


Creating your own Category Set


Using URL Filtering


Creating an Overriding Rule


Configuring SMTP Protection


Configuring Content Filtering/Spam Filtering


Configuring the DNS Filter


Configuring the DNS Filter with Scripts


Configuring the FTP Access Filter


Enabling HTTPS Inspection


Creating your own Domain Name Set


Configuring Exceptions


Exporting HTTP Filter Configuration


Importing the HTTP Filter Configuration


Configure malware inspection.


Configure URL filtering.


Configure Email inspection.


Work with Application Filters.


Configure HTP/HPPTS inspection.


This module describes how to publish client access to internal resources. Lessons presented in this module will provide an overview of publishing, publishing rules. You will also learn how to configure publishing for Web, HTTPS and miscellaneous servers.


Introduction to Publishing


What is Publishing?


Available Publishing Rules


How are Publishing Rules Evaluated?


Configuring Web Publishing


Configuring Path Mappings


Configuring Web Listeners


Configuring Link Translations


Implementing Web Publishing


How Web Server Publishing Authentication Works


Using RADIUS for TMG Authentication


Using 3rd Party Authentications


Configuring HTTPS Server Publishing


Preparing TMG for SSL


Configuring SSL Bridging


Configuring SSL Tunneling


Implementing HTTPS Web Server Publishing


Configure Server Publishing


How Server Publishing Works


Configuring a Server Publishing Rule


Troubleshooting Server Publishing


Create a new Listener


Create a new Web Publishing Rule


Testing Access to the Published Web Server


Request a new Certificate for the Web Server


Export Certificate from Web Server


Configure Web Site for SSL


Import Certificate to TMG Server


Create a Web Site Publishing Rule


Create an Alias (CNAME) on DNS Services


Test Access to the Published Web Server


Publishing DNS Services


Testing Published DNS Server


Configure Web Publishing.


Configure HTTPS Server Publishing.


Configure Server Publishing.


This module describes how to publish client access to internal Exchange and SharePoint server resources. Lessons presented in this module will describe the configuration requirements and how to configure SMTP access rules. You will also learn how to publish Exchange and SharePoint client access.


Sending and Receiving Internet Email Messages


 SMTP Configuration Requirements


 Creating an Outbound SMTP Access Rule


 Publishing SMTP Service


Publishing exchange Client Access with TMG


 Exchange Configuration Requirements


 TMG Configuration Requirements


 Creating a Web Listener


 Creating Exchange CAS Publishing Rules


 Enabling Additional Features


 Troubleshooting Exchange Publishing


Publishing SharePoint Client Access with TMG


 SharePoint Configuration Requirements


 TMG Configuration Requirements


 Creating a Web Listener


 Creating a SharePoint Publishing Rule


Create Mail Server Publishing Rule


Test Access to Published SMTP Service


Export Certificate from Exchange Server


Configure Exchange Server Authentication


Add IP Address to the External Interface on TMG Server


Import Certificate to TMG Server


Create and Exchange Outlook Web Access Publishing Rule


Create and Exchange ActiveSync Publishing Rule


Create an Exchange Outlook Anywhere Publishing Rule


Test Publishing Rules Settings


Test Access to Outlook Web App


Request a new Certificate for SharePoint Server


Export Certificate from SharePoint Server


Configure SharePoint Alternative Access Mapping


Configure SharePoint IIS for SSL


Create an Alias (CNAME) on DNS Services


Add an IP Address to an External Interface on TMG Server


Import Certificate to TMG Server


Create a SharePoint Site Publishing Rule


Test Access to SharePoint Server


Configure TMG for Sending and Receiving Internet Email Messages.


Publish Exchange Client Access with TMG.


Publish SharePoint Client Access with TMG.


This module describes how to configure different remote access scenarios using TMG 2010. Lessons presented in this module will provide an overview of Virtual Private Networks and how to enable /configure VPN for Secure Remote Access, Site-to-Site VPNs and Quarantines.


Overview of Virtual Private Networks


What is a Virtual Private Network (VPN)?


Available Options for VPN


What is a VPN Quarantine?


Configuring VPN for Secure Remote Access


Enabling a VPN


Configuring Authentication


Configure VPN Clients


Troubleshooting a VPN


Configuring a Quarantine


Radius-Based vs. TMG Quarantine Control


Implementing Radius-Based Quarantine Control


Implementing TMG Based Quarantine Control


Troubleshooting Quarantine Control


Configuring a Site-to-Site VPN


Selecting Tunneling Protocols


Enabling Site-to-Site VPN


Configuring the VPN Gateway Servers


Troubleshooting Site-to-Site VPN


Configuring VPN Client Access on TMG Server – PPTP


Create a VPN Client Connection to use PPTP


Request a new Certificate for TMG Server


Configuring VPN Client Access on TMG Server – SSTP


Edit VPN Client Connection to use SSTP


Configuring RADIUS Authentication


Configuring Authentication Method


Configuring Quarantine Control


Configuring Network Policy Server to use TMG as a RADIUS Client


Testing Connection


Describe how VPNs work.


Configure VPN for Secure Remote Access.


Configure a Quarantine.


Configure a Site-to-Site VPN.


This module describes the logging, reporting and monitoring tools available in TMG 2010. Lessons presented in this module will provide an overview of the monitoring options available, how to configure alerts, session monitoring filters and log storage options.


Overview of Monitoring


 Why Monitor TMG


 Available Monitoring Options


Configuring Alerts


 What is an Alert?


 Viewing Alerts


 Managing Alerts


 Configuring Alerts


 Configuring Alerts Actions and Tasks


 Creating Custom Alerts and Definitions


Configuring Session Monitoring


 What is Session Monitoring?


 Managing Sessions


 Configuring Session Filtering


Configuring Logging


 What is Logging?


 Configuring Log Storage Options


 Working with SQL Reporting


 Advanced Log Reporting


Managing Alerts


Adding an Action to a Predefined Alert


Create a Custom Alert Definition


Managing Session


Configure a Session Filter


Configure Log Queue


Create and Generate Reports


Monitor Connections in Real Time


Understand why you need to monitor TMG.


Configure Alerts.


Configure Session Monitoring.


Configure Logging and Reports.


This module describes how to backup, restore and troubleshoot TMG 2010. Lessons presented in this module will provide instructions how to backup and restore the TMG server and specific configurations. You will also learn how troubleshoot TMG in various scenarios using built-in tools and the TMG SDK.


Backing Up and Restoring TMG


Backing Up TMG


Restoring TMG


Exporting/Importing Configurations


Cloning TMG


Working with TMG Tools and the SDK


Auto-Discovery Configuration Tool


Certification Tool


Cache Tool


Network Monitor


DNS Tools


Miscellaneous Tools and the SDK


Troubleshooting TMG


Routine Server Management


Managing Attacks


Server Maintenance


Troubleshooting Tips from the Console


Troubleshooting tips from the Command Line


Backing Up an Array ConfigurationRestoring an Array ConfigurationExporting Firewall Policy SettingsImporting Firewall Policy Settings


Install Best Practices Analyzer


Perform Analysis with Best Practices Analyzer


Install and Work with Network Monitor


Enable Change Tracking


Simulate Network Traffic


Back Up and Restore TMG.


Work with TMG tools land SDK.


Troubleshoot TMG.


This module describes the advanced features of TMG 2010. Lessons presented in this module will provide an overview of security considerations with TMG; it will also explain how to migrate from ISA Server 2006 to TMG 2010, how to use scripts to manage TMG and how to implement Network Load Balancing (NLB). You will also learn how to implement TMG 2010 in a virtual environment using Hyper-V.


Security Considerations for TMG


 Installing Security Updates


 Guidelines for Enabling only Required Services


 Securing the Network Interfaces


 Additional Best Practices


Migrating from ISA Server to TMG


 Migration vs. New Install


 Exporting the Configuration


 Importing the Configuration


 Using the Single Server Conversion tool for TMG


 Verifying the Results


Using Scripts to Manage TMG


 Managing TMG with Scripts


 Managing TMG with PowerShell


 Running TMG Scripts Remotely


Implementing Network Load Balancing for TMG


 Implementing NLB and a Server Farm


 Using an External Load Balancer


 Planning for Internet Service Provider Redundancy


Implementing TMG in a Virtual Environment


 Hardware/Software Requirements


 Deploying TMG with Hyper-V


 Creating Highly Available Virtual Machines


 Troubleshooting TMG in a Virtual Environment


 Understand the security considerations for TMG.


 Migrate from ISA to TMG.


 Use scripts to manage TMG.


 Implement Network Load Balancing in TMG.


 Implement TMG in a virtual environment


This module describes the advanced networking of TMG 2010. Lessons presented in this module will explain how to implement Network Load Balancing (NLB) for TMG 2010, how extend networking security with UAG. You will also learn how to install and configure Network Access Protection (NAP) in a TMG 2010 environment.


Implementing Network Load Balancing (NLB) for TMG


 Implementing NLB and a Server Farm


 Using an External Load Balancer


 Planning for Internet Service Provider Redundancy


Extending Security Solution with Forefront UAG


 Comparing UAG vs . TMG


 Understanding Reverse Proxy and Application Publishing


 Overview of VPN Technologies


 Combining UAG with Direct Access


 Designing...


Gli utenti che erano interessati a questo corso si sono informati anche su...
Leggi tutto