Course Overview
The Gigamon Deep Observability Pipeline is an essential element in any monitoring or security strategy. This 1-day course focuses on building inline SSL/TLS decryption solutions. Training is conducted through comprehensive discussions, real world use cases, and practical hands-on labs. If you are planning on implementing SSL/TLS decryption as part of your Gigamon deployment, this is a great additional day of training to help you achieve success.
Who should attend
The primary target audiences for the course are:
- Security Ops teams that need to understand how Gigamon inline SSL/TLS decryption solutions function in relation to designing and deploying visibility solutions utilizing these features.
- Network Ops teams that are familiar with Gigamon, and will be implementing a Classic or Flexible Inline Bypass solution with SSL/TLS decryption. These include roles like architects, admins, and operators.
Prerequisites
Mandatory Requirement: Customers must have knowledge of or have taken the Gigamon Foundations I: Insight into Network Data Across Your Network (GFD1) course before they take this one-day follow-on course.
It is also strongly recommended that learners have knowledge of or have taken the Gigamon Designing and Implementing Inline Bypass Solutions course. As a follow on course to the Gigamon Foundations I and Gigamon Designing and Implementing Inline Bypass Solutions courses, learners are expected to already possess these skills, abilities, and knowledge:
- Basic Flow Mapping
- GigaVUE-FM Navigation
- Inline Bypass Concepts and Configuration
Course Objectives
- Learn how Gigamon manages traffic flows where decryption of traffic is essential
- Understand the different map group choices which support inline SSL/TLS decryption
- Design and implement an inline SSL/TLS decryption solution
- Learn best practices and common challenges
Outline: Gigamon Inline SSL/TLS Decryption: Designing and Implementing Inline SSL/TLS Solutions (SSL SOLUTIONS)
Module 1: Gigamon Solution Overview
- Gigamon Platform
- Inline Bypass module options
Module 2: SSL/TLS Technology Overview
- SSL/TLS Overview
- SSL/TLS Handshake Process
- Understanding Private Keys and Certificates
Module 3: Inline Decryption Challenges
- NAT/PAT
- Traffic Asymmetry
- High Availability Solutions- Addressing Asymmetry
- Resilient Inline Arrangement (RIA) – Using Flexible Inline Bypass
Module 4: Inline SSL Decryption Policy
- Monitoring SSL/TLS Traffic – Out of Band versus Inline
- Inbound versus Outbound Configurations
- SSL/TLS Decryption Policy Parameters
- Decrypt / No Decrypt Decisions
- Configuring the Inline SSL/TLS Decryption Policy Profile
Module 5: Inline Decryption Mapping Configurations
- Best Practice Inline SSL/TLS Mapping Configurations
- Inbound TLS/SSL Decryption
- Verifying TLS/SSL Decryption Configurations