CISCO - Securing Email with Cisco Email Security Appliance (SESA) v2.1

This course prepares students to install, configure, operate, maintain and perform basic troubleshooting of the Cisco Email Security Appliance (ESA) and to maintain email security in small to medium-sized and enterprise deployments
Cisco Learning Partner
Private session

This training is available in a private or personalized format. It can be provided in one of our training centres or at your offices. Call one of our consultants of submit a request online.

Call now at 1 877 624.2344

  • Duration: 3 days
  • Regular price: On request

Course outline

Reference : © CISCO SESA v2.1

Duration : 3 days

SESA v2.1 is a comprehensive three-day hands-on training course that prepares students to install, configure, operate, maintain and perform basic troubleshooting of the Cisco Email Security Appliance (ESA) and to maintain email security in small to medium-sized and enterprise deployments. During the course, students will learn how to install, configure, operate, maintain, administer, and troubleshoot the Cisco Email Security Appliance. Students will also be provided with in-depth instruction on the ESA’s features, learn advanced Internet email security concepts, and gain an understanding of how to customize ESA configurations for their organizational needs.
The course provides students with practical activities that will prepare them to configure, administer, and conduct troubleshooting tasks on a secure email network in SMB and enterprise installations.
Learning credits 32
LanguagesThese scheduled public sessions are offered in English or in French (FR). The educational material is in English.


  • Security Architects & System Designers
  • Network Administrators & Operations Engineers
  • Network or Security Managers responsible for Email Security
  • Cisco ESA Customers
  • Employees


Attendees should possess the following background knowledge and skills:
  • Basic computer literacy, including the use of general office software such as Microsoft Office
  • Basic Microsoft Windows navigation and keyboard proficiency skills
  • Basic Internet usage skills, including use of a browser and search tools
  • Basic email usage skills
  • Moderate knowledge of TCP/IP fundamentals
  • Experience with Internet-based messaging, including SMTP, Internet message formats, and MIME message formatsAttendees should possess the following background knowledge and skills:


After completing this course, students will have knowledge of the following:
  • Creating and applying Data Loss Prevention (DLP) policies to outgoing email
  • Configuring Email Security Appliances to detect and handle unwanted spam and viruses
  • Using Message Tracking and Reporting to document email traffic trends
  • Managing spam quarantines
  • Using Cisco reputation based services, such as SensorBase and Virus Outbreak Filters, to increase the security of an email network
  • Integrating an ESA with a directory server via Lightweight Directory Access Protocol (LDAP)
  • Debugging LDAP integration issues
  • Using message filters to redirect and modify messages
  • Performing safe deployment and debugging of message filters
  • Configuring TLS and Guaranteed Secure Delivery
  • Configuring Email Authentication with DKIM and SPF


Module 1 - Introduction & System Overview
  • List IronPort Email Security Appliances
  • Describe the ESA Hardware Options
  • Describe the Email Pipeline Filters
  • List the ESA Feature Key Options
  • Describe the Operation of a Listener
Module 2 - Tracking and Reporting Messages
  • Perform a system installation of an M Series
  • Integrate the M
  • Series into the existing C Series lab.
  • Use local and Centralized Message Tracking
  • Use Local and Centralized Reporting
Module 3 - Controlling Sender & Recipient Domains
  • Configure public and private listeners
  • Configure SMTP Routes
  • Use Senderbase Reputation Scores (SBRS) to manage email
  • Use Mail Debugging Tools
Module 4 - Controlling Spam with SenderBase & Antispam
  • Adjust SBRS
  • Configure Antispam Settings
  • Configure the IronPort Spam Quarantine
  • Use the Security Management Appliance for Off Box Quarantining
Module 5 - Using Antivirus & Virus Outbreak Filters
  • Enable one or both Antivirus Engines
  • Use one or both AV Engines in Mail Policies
  • Use Virus Outbreak Filters to preemptively drop traffic and provide zero hour protection
  • Identify best practices for managing IronPort Antivirus
Module 6 - Using Mail Policies to Direct Business Email
  • Use Email Security Manager
  • Create a User-based Mail Policy
  • Use Message Tracking to monitor message splintering
Module 7 - Using System Quarantines and Delivery Methods
  • Describe, create and manage quarantines
  • Perform searches quarantine contents
  • Assign Bounce Profiles
  • Create Virtual Gateways
Module 8 - Using Content Filters for Specific Business Needs
  • Describe content scanning
  • Detect password protected / nonprotected attachments
  • Create weighted content matching
  • Use Smart Identifiers
  • Implement Matched Content Visibility
  • Execute best practices when staging new filters
Module 9 - Encrypting Outbound Email
  • Provision with the Cisco Registered Envelope Service
  • Associate a content filtering rule with an "Encrypt" action
  • Register a CRES Envelope Recipient
Module 10 - Troubleshooting
  • Identify Issues
  • Diagnose and Isolate Problems
  • Troubleshooting tools and best practices
  • Log file contents and log administration
Module 11 - System Administration
  • Safely upgrade software on your IronPort
  • Manage users and control alerting behavior
  • Manage configurations and prepare for disaster recovery Access Customer Support
Module 12 - Configuring LDAP Queries
This module focuses directly on common LDAP configurations and issues. A brief overview of LDAP is provided to give those new to LDAP some familiarity, but the bulk of the module assumes a basic understanding of LDAP terms and concepts. Active Directory is emphasized in a number of case studies to highlight the various installation choices. These include addressing the use of the ESA against multiple directories in a heterogeneous enterprise.
Module 13 - Message Filters (Advanced Policy)
This module focuses on advanced filter options with specific emphasis on creating, troubleshooting, simplification/streamlining and regular expressions. Helpful tips and tricks for both Message and Content filters are covered. Extensive hands on exercises are designed to give the students practice working with the CLI, as well as practical experience troubleshooting and examining logs.
Module 14: Email Authentication
Part I:
  • Module 1 - Introduction and System Overview
    Lab 1-1: Installing Your Email Security Appliance
  • Module 2 - Tracking and Reporting Messages
    Lab 2-1: Configuring the M-Series for Tracking and Reporting
  • Module 3 Controlling Sender and Recipient Domains
    Lab 3-1: Testing Your Listener Settings
  • Module 4 Controlling Spam with Cisco SenderBase and Antispam
    Lab 4-1: Defending Against Spam with SenderBase and Antispam
    Lab 4-2: Configuring Off-Box Quarantining to the M-Series
  • Module 5 Using Anti-Virus and Outbreak Filters
    Lab 5-1: Defending Against Viruses
    Lab 5-2: Defending Against Virus Outbreaks and Targeted Attacks
    Lab 6-1: Customizing Mail Policies for Your End Users
    Lab 7-1: Configuring Bounce Profiles
    Lab 7-2: Configuring Virtual Gateways
    Lab 8-1: Enforcing Your Business Policies in Email Delivery
    Lab 9-1: Configuring DLP
    Lab 10-1: Configuring Envelope Encryption
    Lab 11-1: Troubleshooting
    Lab 12-1: Delegated Administrator
    Lab 12-2: Configuring Clusters
Part II:
Lab 1-1: Configuring LDAP Accept
Lab 1-2: Configuring SMTP Call-Ahead
Lab 1-3: Accommodating Multiple Domains Using LDAP Accept Bypass and Domain
Lab 1-4: Controlling Mail Policies with LDAP Group Queries
Lab 2-1: Redirecting Your Mail with Message Filters
Lab 2-2: Removing Header Information from Outbound Email with Message Filters
Lab 2-3: Removing File Attachments with Message Filters
Lab 3-1: Encrypting with TLS
Lab 4-1: Domain Keys Identified Mail
Lab 4-2: SIDF and SPF Verification

Surround yourself with the best

Steve Waterhouse
A Certified Wireless Security Professional (CWNP), network technologies specialist (Cisco and CompTIA) and speaker on IT security.
Simon Bourassa
Simon Bourassa
Trainer and IT Consultant
Simon is passionate about software development and product development, but most of all about the people behind the code who work side by side developing innovative solutions.
Pierre-Edouard Brondel
Pierre-Edouard Brondel
Trainer and Desktop Application Consultant
Renowned as an educational expert in the IT and office technology field who has accumulated more than 25 years of experience, Pierre-Édouard is first and foremost passionate about human capital.
Valère Drainville
Valère Drainville
Trainer adn Expert Leader on Office 365 collaboration and efficiency
As the Expert Leader on Office 365 collaboration and efficiency, Valère Drainville specializes in helping you successfully implement and adopt Microsoft tools.