Webex Sophos Utm

Posted on  by admin

Cisco Unified communications, IP Telephony and WebEx Sophos security - Sophos UTM - End point security - Central Manager Wireless solution Data storage - EMC 3TB solutions - NetApp 24TB solution - Disaster recovery on two sites Help Desk - On site in Feni Industries - Remote to all branches.

Sophos UTM has the capability of providing Quality of Service (QoS) for the traffic that passes through it. Because QoS is a generic term, let's start with what it means. Wikipedia defines QoS as: The overall performance of a telephony or computer network, particularly the performance seen by the users of the network.

Hopefully, adding Anti-Virus to the Exception for ^https?://[A-Za-z0-9.-]*\.webex\.com will be all you need. If that doesn't resolve it, then you'll need to skip the Proxy for the needed webex IPs.

eDirectory SSO mode requires that UTM be configured with credentials to communicate with at least one eDirectory server within the eDirectory tree. UTM will then communicate with the directory server to track the IP address of all logged in users. When a web request is made by a client, the source is checked against all current logged in users.

We are expanding with Sophos UTM firewalls to branch offices. Needless to say, the missing import/export feature for definitions is vastly disappointing and unacceptable. I have to waste a lot of precious time manually typing in hundreds of definitions.

This course is designed for technical professionals who will be administering Sophos SG UTM and provides the skills necessary to manage common day-to-day tasks. The course is available either online or as an instructor-led classroom course. It consists of presentations and practical lab exercises to reinforce the taught content, and electronic copies of the supporting documents for the course will be provided to each trainee through the online portal.

Sophos UTM Administrator Course (Tuesday 6 April 2021 – Wednesday 7 April 2021)

Objectives

On completion of this course, trainees will be able to:

  • Recognize the main technical capabilities and how they protect against threats
  • Complete common configuration tasks
  • Back up and restore the system
  • Complete common day-to-day tasks
  • View and manage logs and reports

Prerequisites

There are no prerequisites for this course; however, it is recommended that trainees should:

  • Have networking knowledge equivalent to CompTIA N+ or better
  • Be familiar with security best practices
  • Be able to set up a Windows server
  • Have experience of configuring and managing network gateway devices
  • Have knowledge of general Windows networking and Microsoft Active Directory

If you are uncertain whether you meet the necessary prerequisites to take this course, please email us at [email protected] and we will be happy to help.

Certification

To become a Sophos Certified Administrator, trainees must take and pass an online assessment. The assessment tests their knowledge of both the presented and practical content. The pass mark for the assessment is 80%, and the assessment is limited to 4 attempts.

Location: NSS training center (broadcast via webex)

Duration: 1 1/2 days

Lab Environment

Each student will be provided with a pre-configured environment which simulates a company network with two sites, a head office and a branch office, and contains Windows Servers and two SG UTMs.

Agenda

Trainer: Michael Eleftheroglou

Day 1 Tuesday 6 April 2021

9:30-10:00 Module 1: Security Threats and how the UTM Protects Against Them

10:00-11:00 Module 2: Getting Started with UTM Firewall

11:00-12:00 Labs

  • Configure a UTM using the Setup Wizard
  • Navigate the WebAdmin
  • Configure system settings
  • Create definitions
  • Configure interfaces and routing

12:00-12:45 Lunch

12:45-13:10 Module 3: Network Protection

13:10-14:00 Labs

  • Create firewall rules
  • Configure NATing
  • Demonstrate Advanced Threat Protection
  • Configure Intrusion Prevention (IPS)

14:00-14:35 Module 4: Site-to-Site Connections

14:35-15:00 Labs

  • Configure an SSL site-to-site VPN
  • Configure an IPsec site-to-site VPN

15:00-15:35 Module 5: Authentication

15:35-16:15 Labs

  • Configure local authentication and the User Portal
  • Configure external authentication using Active Directory
  • Enable one-time passwords
  • Configure Active Directory SSO for web filtering

16:15-17:00 Module 6: Web Protection and Application Control

Day 2 Wednesday 7 April 2021

9:30-11:00 Labs

  • Deploy the HTTPS CA certificate
  • Configure Filter Actions
  • Manage Websites
  • Configure Web Policies
  • Configure Web Profiles
  • Configure Application Control

11:00-11:35 Module 7: Email Protection

11:35-13:00 Labs

  • Enable and configure quarantine digests
  • Configure an Email Protection Policy for MTA mode
  • Encrypt emails that match a Data Control List using SPX
  • Manage quarantined items as a user

13:00-13:45 Lunch

13:45-14:15 Module 8: Wireless and Remote Access

14:15-14:40 Labs

  • Configure an SSL remote access VPN
  • Configure the HTML5 VPN Portal

14:40-15:10 Module 9: Endpoint Protection and Mobile Control

15:10-15:40 Module 10: Logging, Reporting and Troubleshooting

15:40-16:10 Labs

  • Run, customize and schedule reports
  • View and manage log files
  • Use built-in support tools
  • Further

Cisco has patched a critical bug that could give attackers unauthorised access to Firepower Management Centre (FMC), the device that controls all of its security products.

Cisco’s FMC is an administrative controller for the company’s network security products, giving administrators access to firewalls, application controllers, intrusion prevention, URL filtering, and malware protection systems. According to the company’s advisory, issued on 22 January, the vulnerability could allow a remote attacker to execute administrative commands on the device after bypassing authentication.

The problem lies in how the FMC handles authentication responses from Lightweight Directory Access Protocol (LDAP) servers. LDAP is a popular protocol that applications use to access directories (known as directory system agents). The directories hold information about users, including their access credentials.

The FMC is only vulnerable if it uses an external LDAP server to authenticate users of its web-based management interface. Cisco advises customers to check these using the product’s administrative interface. Go to the System menu, then Users, and finally External Authentication. Look for an External Authentication Object that is enabled and lists LDAP as its authentication method.

The bug, CVE-2019-16028, has a CVSS score of 9.8. Cisco has patched it in maintenance releases for versions 6.4 and 6.5, which are both available now. It will also introduce maintenance releases for versions 6.2.3 and 6.3.0 in February and May respectively. Until then, customers can use hot fixes for those products. Those using earlier versions should migrate to a fixed release, the company said.

Webex

This was the one critical bug in a collection of 28 advisories that Cisco released last week. It also announced patches for several bugs with high severity, including some in its collaboration products.

One of these, a bug in its Webex Meetings Suite and Meetings Online websites, enables attackers using an iOS or Android device to join a password-protected meeting without authenticating. The vulnerability exposes unintended meeting information in the mobile app that enables the attacker to access a known meeting ID or URL from their web browser, which then launches the mobile Webex application.

Another vulnerability in the video endpoint API of its Cisco TelePresence software fails to properly validate user-supplied input. An attacker could exploit it to read and write arbitrary files to the system, but they would need an In-Room Control or administrator account to do so.
