InstruktorMarija Desnica
Vrsta kursaU školi
DatumTermin u najavi
VremeTermin u najavi
MestoNovi Sad, Trg Mladenaca 5
Slobodnih mesta2/0
Prijavi se

This course is designed for technical professionals who will be demonstrating Sophos XG Firewall and provides an overview of the product, including an introduction to the major capabilities and core configuration concepts.

The course is expected to take 2 days (16 hours) to complete, of which approximately half will be spent on the practical exercises.


  • On completion of this course, trainees will be able to:
  • Understand the technical capabilities of Sophos XG Firewall and their benefits
  • Complete common configuration tasks
  • Demonstrate the most commonly used features
  • Complete a simple evaluation or deployment
  • Perform preliminary sizing


Prior to taking this course you should:

  • Have completed and passed the Fundamentals Certified Engineer course We also recommend that you have the following knowledge and experience:
  • Knowledge of networking to a CompTIA N+ level
  • Experience configuring network security devices

If you are uncertain whether you meet the necessary prerequisites to take this course, please email us at and we will be happy to help.

To complete the course, trainees must take and pass an online assessment. The assessment tests their knowledge of both the presented and practical content. The pass mark for the assessment is 80%, and is limited to 4 attempts. Trainees should note that to become a Sophos Certified Engineer, they must complete and pass two product courses.
Sophos Certified Administrator

Lab Environment
Each student will be provided with a pre-configured environment which simulates a company network with two sites, a head office and a branch office and contains Windows Servers, a Windows Desktop and two XG Firewalls.


Module 1: XG Firewall Overview (25 mins)

  • Describe the features of Sophos XG Firewall
  • Explain the deployment options and device types
  • Describe the central management and logging add-ons available  List the support options

Module 2: Getting Started with XG Firewall (45 mins)

  • Explain the deployment modes for Sophos XG Firewall
  • Activate a Sophos XG Firewall
  • Perform a simple deployment using the wizard
  • Navigate the WebAdmin in the Sophos XG Firewall
  • Understand objects and how to create them
  • Understand zones and how to create them
  • Configure routing
  • Labs (50 mins)
  • Register for a Sophos Central evaluation
  • Register and Activate a Sophos XG Firewall
  • Navigate the WebAdmin
  • Configure zones and interfaces
  • Configure static routes
  • Create definitions
  • Configure DNS request routes
  • Import CA certificates
  • Create a configuration backup

Module 3: Network Protection (35 mins)

  • Understand the different types of firewall rules
  • Configure a network rule to block or allow traffic
  • Secure the traffic being passed by a rule with IPS and Heartbeat
  • Configure Advanced Threat Protection
  • Be able to publish a server using a basic Business Application Rule
  • Labs (60 mins)
  • Configure logging
  • Create network firewall rules
  • Install the SSL CA certificate
  • Install Sophos Central
  • Publish servers using Business Application Rules
  • Configure IPS policies
  • Enable Advanced Threat Protection
  • Enable DoS and spoof protection
  • Configure Security Heartbeat

Module 4: Site-to-Site Connections (35 mins)

  • Explain the VPN options available for site-to-site connections
  • Configure an SSL and IPsec site-to-site VPN
  • Understand RED deployment and configuration
  • Understand how to implement failover
  • Labs (30 mins)
  • Configure an SSL site-to-site VPN
  • Configure an IPsec site-to-site VPN

Module 5: Authentication (35 mins)

  • Explain the different types of user and authentication on the XG Firewall
  • Manage users and groups using local and external authentication
  • Install and configure STAS and SATC for single sign-on
  • Create identity-based policies
  • Enable and use one-time passwords (OTP)
  • Labs (30 mins)
  • Configure Active Directory Authentication
  • Configure Sophos Transparent Authentication Suite
  • Configure User-based policies including Security Heartbeat
  • Configure One Time Passwords

Module 6: Web Protection and Application Control (35 mins)

  • Understand the need for web protection
  • Configure a web policy and options
  • Apply a web policy to a rule
  • Understand application protection
  • Create an application filter
  • Apply an application filter to a rule
  • Labs (40 mins)
  • Create custom web categories and user activities to use in a web policy
  • Create a custom web policy that applies different actions to groups of users
  • Create a surfing quota for guest users
  • Configure an application filter policy

Module 7: Email Protection (30 mins)

  • Understand the capabilities of Email Protection and the differences between the deployment modes
  • Configure email policies in both MTA mode and legacy mode
  • Create custom Data Protection policies
  • Configure SPX Encryption
  • Configure user quarantine management
  • Labs (40 mins)
  • Enable and configure quarantine digests
  • Configure an Email Protection Policy for MTA mode
  • Encrypt emails that match a Data Control List using SPX
  • Manage quarantined items as a user

Module 8: Wireless and Remote Access (40 mins)

  • Describe the main capabilities of Wireless Protection
  • Create wireless networks
  • Add and configure wireless access points
  • Configure mesh networking
  • Configure RADIUS authentication for wireless networks
  • Understand and enable Fast BSS transition
  • Describe the options for remote access
  • Configure remote access using SSL and IPsec
  • Labs (25 mins)
  • Create a hotspot
  • Configure an SSL remote access VPN

Module 9: Logging and Reporting (20 mins)

  • Describe the capabilities of on-box reporting
  • Create bookmarks and reports
  • Configure scheduled reports
  • Work with the XG Firewall logs
  • Labs (10 mins)
  • Run, customize and schedule reports

Module 10: Sizing, Evaluation and Troubleshooting (25 mins)

  • Perform sizing for a Sophos XG Firewall appliance
  • Explain best practice for an on-site evaluation
  • Identify diagnostic and troubleshooting tools
  • Labs (30 mins)
  • Use SF Loader tools
  • View the connection table
  • Use the drop-packet-capture command
  • Use the WebAdmin Log View and Packet Capture
  • View service status and enable debug logging