This course is designed for network, IT security, and systems administration professionals tasked with architecting, implementing, and monitoring a client firewall and intrusion prevention system (IPS). You will learn how to monitor Symantec Endpoint Protection and implement disaster recovery procedures, and you'll learn how to configure application and device control, add additional protection, perform server and database management, and expand the management environment.

What You'll Learn

• Monitor and maintain the Symantec Endpoint Protection environment
• Configure firewall and intrusion prevention policies
• Customize network threat protection
• Manage the intrusion prevention system
• Add additional protection components
• Perform server and database management

Who Needs to Attend

Network managers, resellers, systems administrators, client security administrators, systems professionals, and consultants who are charged with the installation, configuration, and day-to-day management of Symantec Endpoint Protection in a variety of network environments, and who are responsible for troubleshooting and tuning the performance of this product in the enterprise environment

Prerequisites

• Working knowledge of advanced computer terminology, including TCP/IP networking terms and Internet terms
• Administrator-level knowledge of Microsoft Windows 2000/XP/2003 operating systems

Follow-On Courses

There are no follow-ons for this course.

Course Outline

1. Introduction

• Course Overview
• The Classroom Lab Environment

2. Introduction to Network Threat Protection and Application and Device Control

• Network Threat Protection Basics
• The Firewall
• Intrusion Prevention
• Application and Device Control

3. Configuring Firewall Policies

• Configuring Firewall Policy Elements
• Configuring Firewall Rules
• Configuring Smart Traffic Filtering
• Configuring Traffic and Stealth Settings

4. Managing Intrusion Prevention System (IPS) Policies

• Configuring IPS
• Managing Custom Signatures

5. Configuring Application and Device Control Policies

• Introducing Application and Device Control
• Creating Application and Device Control Policies
• Customizing Application and Device Control Policies

6. Customizing Network Threat Protection and Application and Device Control

• Managing Locations
• Managing Policy Components
• Configuring Application Learning
• Configuring System Lockdown

7. Configuring Additional Protection

• Configuring Tamper Protection
• Configuring Centralized Exceptions

8. Monitoring and Reporting

• Viewing Summary Data
• Viewing and Managing Logs
• Configuring and Viewing Notifications
• Creating and Viewing Reports

9. Performing Server and Database Management

• Managing Symantec Endpoint Protection Servers
• Managing Server Security
• Communicating with Other Servers
• Managing Administrators
• Managing the Database
• Disaster Recovery Techniques

10. Installing Additional Management Components

• Installing Additional LiveUpdate Servers
• Installing and Configuring the Central Quarantine
• Expanding the Management Environment