Security Empowers Business

DA

TAS

HE

ET

MODULE SUMMARIES:

BCCPA

This document gives brief summaries of the modules in the Blue Coat Certified ProxySG Administrator (BCCPA) course.

Module 1: Introduction to the ProxySGThe ProxySG provides complete control over web traffic enabling the following functions: strong user authentication; Web filtering; deep inspection of content for data loss or threats; security checks to the WebPulse collaborative cloud defense; inspection and validation of SSL traffic; content caching and traffic optimization; bandwidth management; streaming media splitting and caching; method-level controls per protocol; plus the ability to filter, strip, or replace web content. The ProxySG is the ultimate foundation for a Secure Web Gateway (SWG) with its content controls and policy flexibility, or a branch office providing security and acceleration in one solution.

Module 2: ProxySG Security DeploymentsPlanning and designing the most efficient deployment is the most important decision you have to make, second only to the one of actually buying the ProxySG. The ProxySG is engineered to offer the maximum flexibility of deployment; you can scale from small to extremely large environments, and you can build fault tolerance and redundancy. The deployment strategy that you implement can determine the availability of ProxySG features and functionalities. More importantly, this decision determines how users are affected by the proxy deployment.

Module 3: ProxySG Initial Security ConfigurationAfter you have physically installed a new ProxySG, the next step is to configure the operating software of the appliance so that it can begin filtering and optimizing network traffic. This process involves making several key decisions about how the appliance will be deployed and what it will be expected to do. This module describes the different methods that you can use to initially configure a new ProxySG.

Module 4: ProxySG Management ConsoleThis module introduces the ProxySG graphical user interface, which is how users most commonly work with their appliances. It focuses on the basic features of the Management Console and introduces the tools that students will use extensively which students use extensively during lab exercises throughout the rest of the course.

Module 5: ProxySG Security LicensingThis module focuses on what a customer must do to license the ProxySG for an SWG deployment and what behavior they should expect from their Blue Coat products in regards to the license. You will learn what types of licenses Blue Coat offers, and how each type of license is acquired.

Module 6: Proxy ServicesUnderstanding the concept of services on the ProxySG is a fundamental part of learning how to effectively use the appliance. This module describes the concepts of services, listeners, and proxies as they relate to one another on the ProxySG; the three predefined proxy service groups and the types of services contained in each; how the intercept and bypass settings affect what happens to network traffic passing through the ProxySG; the function of common global proxy service settings (tunnel on protocol error, reflect client IP, trust destination IP, user overflow action); and the function of the default proxy service listener.

Module 7: Hypertext Transfer ProtocolThis module describes HTTP and how it is used to transport information across the Internet. It is very important that students understand HTTP to understand and appreciate all of the features and functionalities of the ProxySG.

Module 8: Introduction to the Visual Policy ManagerThe ProxySG policy processing engine provides a comprehensive policy architecture that spans all users, content types, applications, and security services. This framework allows a security administrator to control Web protocols and Web communications across the entire organization. The Visual Policy Manager (VPM) is a graphical user interface to the ProxySG policy framework that allows you to perform the most common policy-related tasks in a visual environment. This module introduces the VPM and its key concepts.

BLUE COAT CERTIFIED PROXYSG ADMINISTRATOR (BCCPA) V4.3

Module Summaries (July 2014)

Security Empowers Business

Security Empowers Business

DA

TAS

HE

ET

Blue Coat Systems Inc. www.bluecoat.com

Corporate Headquarters Sunnyvale, CA

+1.408.220.2200

EMEA Headquarters Hampshire, UK

+44.1252.554600

APAC Headquarters Singapore

+65.6826.7000

© 2014 Blue Coat Systems, Inc. All rights reserved. Blue Coat, the Blue Coat logos, ProxySG, PacketShaper, CacheFlow, IntelligenceCenter, CacheEOS, CachePulse, Crossbeam, K9, the K9 logo, DRTR, Mach5, Packetwise, Policycenter, ProxyAV, ProxyClient, SGOS, WebPulse, Solera Networks, the Solera Networks logos, DeepSee, “See Everything. Know Everything.”, “Security Empowers Business”, and BlueTouch are registered trademarks or trademarks of Blue Coat Systems, Inc. or its affiliates in the U.S. and certain other countries. This list may not be complete, and the absence of a trademark from this list does not mean it is not a trademark of Blue Coat or that Blue Coat has stopped using the trademark. All other trademarks mentioned in this document owned by third parties are the property of their respective owners. This document is for informational purposes only. Blue Coat makes no warranties, express, implied, or statutory, as to the information in this document. Blue Coat products, technical services, and any other technical data referenced in this document are subject to U.S. export control and sanctions laws, regulations and requirements, and may be subject to export or import regulations in other countries. You agree to comply strictly with these laws, regulations and requirements, and acknowledge that you have the responsibility to obtain any licenses, permits or other approvals that may be required in order to export, re-export, transfer in country or import after delivery to you. v.DS-MODULE-SUMMARIES-BCCPA-EN-v3b-0814

Module 9: Content Filtering and WebPulseContent filtering is a primary capability of the ProxySG and is a key feature of WebPulse, Blue Coat’s cloud computing service. This module describes some of the attack vectors by which malware can be transmitted to users, the concept of dynamic link analysis and how it is implemented in WebPulse, key concepts of content filtering on the ProxySG, including categories and databases. Also discussed are key components of WebPulse, the basic transaction flow of WebPulse, how Blue Coat WebFilter interacts with WebPulse, its licensing requirements, and its interface with the ProxySG.

Module 10: Managing DownloadsThis module explains how malware can be transmitted via HTTP and explains the methods, advantages, and disadvantages of file type detection. It also describes some of the considerations in deciding what content to block as possible malware sources.

Module 11: Authenticating Users on the ProxySGThis module is the first of three BCCPA modules about user authentication. This module describes the benefits of enabling authentication on the ProxySG, the flow of authentication messages among a client, the ProxySG, authentication servers, and content servers in an explicit proxy deployment. It also explains the difference between proxy authentication and server authentication, and the function of authentication realms on the ProxySG.

Module 12: IWA Authentication RealmsThis module identifies the high-level tasks in configuring the ProxySG to authenticate users against an external database. It also describes the key characteristics of an IWA realm, the two IWA deployment options, how to configure an IWA realm, the general characteristics of NTLM and Kerberos authentication, and best practices for configuring authentication on the ProxySG.

Module 13: Authentication with Transparent ProxyAuthentication in transparent proxy deployments is a challenge. This module explains the different HTTP authentication challenges used with explicit and transparent proxy connections, how and why the ProxySG uses a virtual URL to authenticate users in transparent proxy deployments, and the content and flow of traffic in transparent proxy authentication traffic involving a client, a ProxySG, and an authentication server.

Module 14: Exceptions and NotificationsThis module identifies the two types of exceptions supported on the ProxySG. It also describes the hierarchy of exception page definitions, the function of Notify User objects, and the types of pages that can be sent to users by using Notify User objects.

Module 15: Access LoggingThis module describes how the ProxySG performs access logging, the components of a ProxySG access log facility, default log facilities and log formats, and common use cases for periodic and continuous uploading of access logs.

Module 16: SSL FundamentalsThis module identifies key functions of the SSL proxy on the ProxySG and describes the role of the ProxySG in processing HTTPS traffic between a client and server, the differences in how the ProxySG handles HTTPS traffic in explicit proxy and transparent proxy connections, and how to use the VPM to create basic policy that controls SSL interception and processing.

Appendix A: LDAP Authentication RealmsThis appendix describes the LDAP structure, LDAP realm configuration, LDAP authentication over HTTP, LDAP authentication caching, creating and testing an LDAP realm, and creating an authentication policy using an LDAP realm.