0 Produkter | 0,00
Go

Global Knowledge | Kursus & Certificeringer


Implementing Cisco SecurityMonitoring : Analysis and Response System

Kursuskode: MARS
Varighed: 4
Pris: DKR25.450,00 Exc Vat

Tilføj til Favoritter | Udskriv
Beskrivelse 

This course is designed to give delegates a better understanding of the Cisco Security Mitigation and Response System (CS MARS) family of high performance, scalable appliances for threat management, monitoring and mitigation, thus enabling customers to make more effective use of network and security devices by combining network intelligence, context correlation, vector analysis, anomaly detection, hotspot identification and automated mitigation capabilities. CS MARS solutions empower customers to readily and accurately identify, manage and eliminate network attacks and maintain network compliance.


Forudsætninger

The knowledge and skills that a learner must have before attending this course are as follows:

  • Fundamental Knowledge of Implementing Network Security
  • Delegates must hold a valid CCSP or Security CQS
  • Working knowledge of Routing and Switching / CCNA


Næste kursusdatoer

november
15 nov - 18 nov, 2010Hvidovre, Global KnowledgeTilføj til kurv





    oktober
    04 okt - 07 okt, 2010Norden (Sweden)Request Space
    november
    15 nov - 18 nov, 2010Nordisk (Norway)Request Space
    15 nov - 18 nov, 2010Norden (Sweden)Request Space
    29 nov - 02 dec, 2010Wokingham (United Kingdom)Request Space
    marts
    07 mar - 10 mar, 2011Wokingham (United Kingdom)Request Space
    07 mar - 10 mar, 2011Norden (Sweden)Request Space

    Flere informationer

    This course is aimed at Engineers who support sales of Cisco security product solutions, as well as; Cisco channel partners and customers who sell, implement, and maintain secure networks.

    At the end of the course delegates will be able to;-

    • Describe the Cisco Security MARS solution, features, and functions in relation to the issues of security incidents and security information in an enterprise network
    • Explain the task flows that you should follow when you deploy Cisco Security MARS as an STM system in your network
    • Cover the basic physical installation process of Cisco Security MARS software and hardware appliances and navigate the web-based administrator console
    • Add Cisco security and network devices into the Cisco Security MARS appliance
    • Add security and network devices from other vendors into the Cisco Security MARS appliance
    • Discuss NetFlow and the DTM features of the Cisco Security MARS appliance
    • Provide an overview of log parser templates
    • Use the management features in the Cisco Security MARS appliance to assign event, addressing, service, and user informationConfigure hardware maintenance tasks such as viewing the audit trail, data archiving, hot swapping hard drives, and upgrading software on Cisco Security MARS appliance
    • Describe the Cisco Security MARS user interface and Summary page to get an overview of the network
    • Describe the case management features that can capture, combine, and preserve user-selected Cisco Security MARS data within a specialized report called a case
    • Configure security devices to generate interesting events that constitute an attack scenario and have Cisco Security MARS collect the interesting events for incident investigation
    • Discuss attack mitigation and false-positive confirmation in the context of the Cisco Security MARS appliance
    • Configure the Cisco Security MARS appliance to perform incident investigation and attack mitigation
    • Explain how to create, view and save a long-duration query and reports on the Cisco Security MARS appliance
    • Configure the Cisco Security MARS appliance to send an alert
    • Describe and configure a rule (or rules) that detect interesting patterns of network activity and other anomalous network behaviorProvide an overview of Cisco Security MARS Global Controller

    Cisco Security MARS Overview and STM Task Flow

    • Introducing Cisco Security MARS
    • Understanding STM Task Flow


    Cisco Security MARS Configuration

    • Configuring Reporting and Mitigation Devices
    • Adding Cisco Security and Network Devices into the Cisco Security MARS Appliance
    • Adding Security and Network Devices from Other Vendors into the Cisco Security MARS Appliance
    • Working with User Defined Log Parser Templates


    Cisco Security MARS Incident Investigation

    • Network Summary
    • Case Management
    • Incident Investigation
    • Sending Notifications


    Cisco Security MARS Rules and Management

    • Cisco Security MARS Rules
    • Cisco Security MARS Management
    • System Maintenance
    • Cisco Security MARS Global Controller

    Recommended as preparation for exam(s):

    • None Specified at this moment in time

    Delegates may find the following courses of interest

    • NAC – Network Admission Control
    • CANAC – Implementing Network Appliance (Cisco Clean Access)

    I denne sektion

    Relaterede links

    Behov for hjælp?


    Copyright © 2010 Global Knowledge Danmark. Registreret i Danmark CVR nr. 29399700.
    Sitemap, Tilgængelighed, Privacy Policy, Salgsbetingelser, Legal Information.
    RSS. (Srv: 220)