Security Empowers Business

DA

TAS

HE

ET

MODULE SUMMARIES:

BCCPP

This document gives brief summaries of the modules in the Blue Coat Certified ProxySG Professional (BCCPP) course.

Module 1: SGOS ArchitectureSGOS is the operating system that the ProxySG uses. The architecture of SGOS is complex and evolves continually to support new and better features. This module discusses, at a high level, the details of how SGOS handles transactions, analyzes and processes policy, and caches content.

Module 2: Caching ArchitectureThis module introduces the concept of caching, where copies of pages and files requested from the web are saved to reduce the time it takes to re-request them. This can reduce latency, provide bandwidth management, and prevent high loads on servers. The module also explains how caching is implemented in the ProxySG.

Module 3: Introduction to CPLYou can create policy rules on the ProxySG using either the Visual Policy Manager, which is accessible through the Management Console, or by composing Content Policy Language. CPL is a proprietary programming language specific to the ProxySG. It allows you to express the policy rules that are enforced by the ProxySG. CPL is a powerful but complex language that requires considerable experience to master.

Module 4: Basic CPLThis module introduces the basic concepts of CPL programming. You will explore how the language is structured, as well as some of the key language constructs that you are most likely to use. CPL contains hundreds of components, not all of which are presented in this course.

Module 5: Policy TracingTracing allows you to examine how the ProxySG policy is applied to a particular request. To configure tracing in a policy file, you can use several policy language properties to enable tracing, set the verbosity level, and specify the path for output. Using appropriate conditions

to guard the tracing rules, you can be specific about the requests for which you gather tracing information. This module presents the two main types of ProxySG policy traces, and describes the advantages and disadvantages of each type of policy trace.

Module 6: Kerberos AuthenticationConfiguring an IWA authentication realm on the ProxySG to support Kerberos credentials is a simple process. However, additional configuration is required on your domain controller. This module describes advantages of using Kerberos credentials for user authentication and explains the message flow in authentication transactions involving IWA Direct and BCAAA authentication realms that accept Kerberos credentials.

Module 7: Authentication TroubleshootingThe ProxySG provides several diagnostic tools that can help you determine whether an authentication issue is being caused entirely or in part by the ProxySG. This module reviews the available tools and concludes with an exercise in which you will be given a real-world authentication scenario and directed to diagnose and resolve it.

Module 8: ProxySG Performance MonitoringEven after you have installed one or more ProxySG appliances, it is important to continue monitoring ProxySG performance because network conditions change over time. The ProxySG provides many tools that can be used to monitor its performance. In addition, the ProxySG can communicate via Simple Network Management Protocol (SNMP) to an external network management system that monitors your entire network. This module presents an overview of ProxySG performance monitoring and introduces you to the Management Information Bases (MIBs) that are provided for the ProxySG in an SNMP environment.

BLUE COAT CERTIFIED PROXYSG PROFESSIONAL (BCCPP) V4.3

Module Summaries (July 2014)

Security Empowers Business

Security Empowers Business

DA

TAS

HE

ET

Blue Coat Systems Inc. www.bluecoat.com

Corporate Headquarters Sunnyvale, CA

+1.408.220.2200

EMEA Headquarters Hampshire, UK

+44.1252.554600

APAC Headquarters Singapore

+65.6826.7000

© 2014 Blue Coat Systems, Inc. All rights reserved. Blue Coat, the Blue Coat logos, ProxySG, PacketShaper, CacheFlow, IntelligenceCenter, CacheEOS, CachePulse, Crossbeam, K9, the K9 logo, DRTR, Mach5, Packetwise, Policycenter, ProxyAV, ProxyClient, SGOS, WebPulse, Solera Networks, the Solera Networks logos, DeepSee, “See Everything. Know Everything.”, “Security Empowers Business”, and BlueTouch are registered trademarks or trademarks of Blue Coat Systems, Inc. or its affiliates in the U.S. and certain other countries. This list may not be complete, and the absence of a trademark from this list does not mean it is not a trademark of Blue Coat or that Blue Coat has stopped using the trademark. All other trademarks mentioned in this document owned by third parties are the property of their respective owners. This document is for informational purposes only. Blue Coat makes no warranties, express, implied, or statutory, as to the information in this document. Blue Coat products, technical services, and any other technical data referenced in this document are subject to U.S. export control and sanctions laws, regulations and requirements, and may be subject to export or import regulations in other countries. You agree to comply strictly with these laws, regulations and requirements, and acknowledge that you have the responsibility to obtain any licenses, permits or other approvals that may be required in order to export, re-export, transfer in country or import after delivery to you. v.DS-MODULE-SUMMARIES-BCCPP-EN-v3a-0814

Module 9: Basic ProxySG TroubleshootingThe ProxySG is an integral component of your organization’s online security. Although the ProxySG is engineered for very high reliability and ease of use, issues can arise that are caused by the ProxySG, its integration with external devices, administrator or user error, or other causes. This module identifies components of the ProxySG that could cause hardware failures, and describes the function of ProxySG health checks and the health monitor, the tools and techniques used to diagnose ProxySG performance issues, and the function and contents of the ProxySG event log.

Module 10: ProxySG IntegrationThe ProxySG is a key component of Blue Coat’s security solutions. However, the ProxySG also works in cooperation with many other Blue Coat products to provide complete web security to organizations of all sizes. This module focuses on how to configure the ProxySG to work with other Blue Coat products including the ProxyAV, Blue Coat Director, Blue Coat Reporter, the Blue Coat Cloud Service, the SSL Visibility Appliance, and the Security Analytics Platform. This module does not train you on the use or administration of these other products; BlueTouch Training Services offers additional training material that can be selected and combined to match your organization’s needs.

Appendix A: IPv6 in ProxySG Security DeploymentsProxySG support for IPv6 requires minimal IPv6-specific configuration. In the Management Console and command line interface, IP addresses can be entered in either IPv4 or IPv6 format and, where applicable, include a field for entering the prefix length (for IPv6 addresses) or subnet mask (for IPv4 addresses). This module presents an overview of the IPv6 capabilities of the ProxySG.