Description
Who should attend
The primary target audiences for the course are:
- Security Ops teams that need to understand how Gigamon inline SSL/TLS decryption solutions function in relation to designing and deploying visibility solutions utilizing these features.
- Network Ops teams that are familiar with Gigamon, and will be implementing a Classic or Flexible Inline Bypass solution with SSL/TLS decryption. These include roles like architects, admins, and operators.
Prerequisites
Mandatory Requirement: Customers must have knowledge of or have taken the Gigamon Foundations I: Insight into Network Data Across Your Network (GFD1)
course before they take this one-day follow-on course. It is also strongly recommended that learners have knowledge of or have taken the Gigamon Designing and Implementing Inline Bypass Solutions course. As a follow-on course to the Gigamon Foundations I and Gigamon Designing and Implementing Inline Bypass Solutions courses, learners are expected to already possess these skills, abilities, and knowledge:
- Basic Flow Mapping
- GigaVUE-FM Navigation
- Inline Bypass Concepts and Configuration
Course Objectives
- Learn how Gigamon manages traffic flows where decryption of traffic is essential
- Understand the different map group choices which support inline SSL/TLS decryption
- Design and implement an inline SSL/TLS decryption solution
- Learn best practices and common challenges
Outline: Gigamon Designing and Implementing Inline SSL/TLS Solutions (SSL SOLUTIONS)
Module 1: Gigamon Solution Overview
- Gigamon Platform
- Inline Bypass module options
Module 2: SSL/TLS Technology Overview
- SSL/TLS Overview
- SSL/TLS Handshake Process
- Understanding Private Keys and Certificates
Module 3: Inline Challenges
- Traffic Asymmetry
- Resolving Asymmetry problems
- Resilient Inline Arrangement (RIA)
Module 4: Inline Decryption Challenges
- Passive versus Inline SSL/TLS Decryption
- Inbound versus Outbound Configurations
- SSL/TLS Decryption Policy Parameters
- Decrypt / No Decrypt Decision
Module 5: Inline Decryption Policy Profile Example
- Configuring the Inline SSL/TLS Decryption Policy Profile
Module 6: Inline Decryption Mapping Example
- Inline SSL/TLS Map Groups
- Inline SSL/TLS Mapping Example
- Using Inline Monitor Mode