Course

SSL Inspection 4

For training/certification requests or questions, contact: [email protected]

Course Description

This course provides users with the necessary skills to implement a system for inspection of SSL traffic.

Objectives

From two ACOS devices pre-configured in a Layer 3 base environment, students learn how to configure SSLi and the concepts behind how SSLi works:

  • SSLi Concepts
  • SSLi Configuration
  • SSLi Bypass Features
  • SSLi Troubleshooting

Class Structure

  • Classroom Discussion     50%
  • Lab Exercises     50%

Prerequisites

  • OSI reference model
  • Network topology and administration
  • An industry standard switching and routing CLI

Audience

  • Network Operations (NetOps)
  • Development Operations (DevOps)
  • Network Security (NetSec)
  • Architects (Arch)

Outline

TOPICLABTIME (Hours)

SSLi Overview

SSLi Concepts
SSLi Traffic Flow
SSLi Requirements
Deployment Topologies

X0.5

Configuring the Internal SSLi Device

Access-List configuration
VLAN configuration
Server configuration
Service Group configuration
client-ssl template configuration
Wildcard VIP configuration

0.5

Configuring the External SSLi Device

Access-List configuration
VLAN configuration
Server configuration
Service Group configuration
server-ssl template configuration
Wildcard VIP configuration

X1.5

SSLi Bypass Features

Static Bypass
Web Category Bypass
SNI Support

0.5

SSLi with Explicit Proxy

Explicit Proxy Overview
SSLi with Explicit Proxy
Explicit Proxy Configuration

0.5

Other Features

Static Port Intercept
Dynamic Port Intercept
ICAP
AppCentric Template

X1.5

SSLi Troubleshooting

Examining Traffic Flow
AXDebug
Show Techsupport

X1.0

For questions and to register for a course​

Contact A10 Training