By definition, security means "the state of being free from danger or threat".


In a business context, security can be understood as a condition that lets a company keep running its business without obstacles, dangers, or threats.


In an IT context, it usually refers to two areas: data security and network security.


Every organization naturally requires its systems to comply with security requirements such as:


MODULE 1: REPUTATION

requirement 1: minimize or eliminate spam/virus

requirement 2: protecting company reputation

requirement 3: understanding and analyzing log files


MODULE 2: DATA & IDENTITY PROTECTION

requirement 4: minimize or eliminate identity theft (ssl, https)

requirement 5: minimize or eliminate data theft (multiserver, encryption, smime)

requirement 6: protecting company data (backup, retention, archiving, remote wipe)

requirement 7: monitoring & auditing (archiving, discovery)

requirement 8: controlling admin & users access (admin delegation)


MODULE 3: AVAILABILITY & REDUNDANCY

requirement 9: minimize or eliminate downtime (multi-mta, multi-proxy, multi-ldap, multi-mbox, high availability, vsphere-ha, vmware-vsphere, redhat cluster)

requirement 10: patch/update/upgrade management (safe procedure upgrade)

requirement 11: performance (hsm, tuning, move mailbox)


The training modules above cover in detail the security compliance requirements of an organization. They were created as a complement to the official Zimbra training and the Jabetto workshops.


Attending the Zimbra security training is expected to deepen each participant's understanding so that they can keep improving their compliance on security issues.


TRAINING SYLLABUS, MODULE 1: REPUTATION

1. UNDERSTANDING ZC ARCHITECTURE

  • ARCHITECTURE APPROACH
  • OPERATING SYSTEM
  • DEVELOPMENT MODELS
  • MAILBOX ARCHITECTURE
  • SYSTEM ARCHITECTURE
  • TRAFFIC FLOW
  • LAB: REVIEWING ZC POSTFIX


2. UNDERSTANDING ZC MTA

  • DEPLOYMENT
  • POSTFIX
  • MTA FUNCTIONALITY
  • ANTISPAM
  • ANTIVIRUS
  • RECEIVING & SENDING EMAIL
  • LAB: POSTFIX TWEAK


3. UNDERSTANDING DNS & RBL

  • UNDERSTAND HOSTNAME RESOLUTION
  • FORWARD LOOKUPS
  • REVERSE LOOKUPS
  • RBL
  • LAB: IMPLEMENT LOCAL DNS & RBL


4. UNDERSTANDING ZC FILE CONFIGS

  • zmlocalconfig.xml
  • Common file config
  • LAB: COMMON TASKS ALTERING FILE CONFIG


5. UNDERSTANDING ZC CLI TOOLS

  • zmprov overview
  • other CLI: zmmailbox, zmaccts, zmlocalconfig, zmmsgtrace, zmmboxmove, zmblobchk, zmsoap, etc
  • service CLI: zm*ctl
  • LAB: COMMON TASKS USING ZC TOOLS


6. UNDERSTANDING ZC ANTISPAM COMPONENTS

  • ZC AMAVISD-NEW
  • ZC SPAMASSASSIN
  • ZC CLAMAV
  • EXTERNAL COMPONENTS: RAZOR2, PYZOR, DCC, POSTGREY


7. IMPROVING ZC ANTISPAM

  • SPAMASSASSIN: INTERNAL BLACKLIST/WHITELIST, BASIC/META RULES, CLASS A IP BLOCKS, RAZOR, PYZOR, SPF
  • AMAVISD: CLOUDMARK AUTHORITY MILTER
  • GREYLISTING
  • DISCARDING EMAILS
  • EXTERNAL WHITELIST
  • LAB: IMPROVING ZC ANTISPAM


8. UNDERSTANDING ZC POLICYD

  • OVERVIEW: cbpolicyd/cluebringer as a multi-platform policy server
  • LAB: Inbound and outbound email quota


9. USER RESTRICTION

  • OVERVIEW: Restriction policy using zimbra tools
  • LAB: Rejecting over quota mail, Restricted User Must Login, Reject unlisted user, Reject Unknown Sender Domain, Restrict users to certain domain


10. UNDERSTANDING SPF/DKIM

  • SPF
  • DKIM
  • LAB: IMPLEMENT SPF/DKIM


11. LOG ANALYZING

  • UNDERSTANDING LOG FILES (MAIN LOGS & SPECIFIC LOGS)
  • LOG LEVEL
  • ACTIVITIES: WHERE & WHEN
  • MESSAGE HEADER
  • LAB: REVIEW LOGS FROM REAL SYSTEM