Cisco Stealthwatch Tuning

Cisco Stealthwatch Tuning

Cisco Stealthwatch Tuning is an instructor-led, lab-based, hands-on course offered by the Cisco Stealthwatch Learning Services team. A strong understanding of the Stealthwatch tuning process is crucial for gaining visibility across your enterprise and detecting actionable threats. This two-day course covers all essential aspects of the tuning process, including tuning best practices, which will optimize the Stealthwatch System.

Objetivos

After completing this course you should be able to:

Create summary views of all alarms in the system.
Explain how summary views can help prioritize the tuning strategy.
Develop tuning recommendations based on security events and alarm summary.
Identify workflows for tuning specific security events.
Test tuning strategies and recommendations.

Ciberseguridad

Disponible en formato e-learning

Disponible en formato presencial

Disponible en formato a distancia

Descargar la información del curso

Subvención disponible
A través de Fundae, cumpliendo requisitos.

Duración
10 horas

  • Dificultad 50% 50%
  • Nivel alcanzado 80% 80%

Dirigido a

Individuals who are responsible for tuning the Stealthwatch System, creating and maintaining policies, monitoring traffic, obtaining and responding to actionable alarms.

Conocimientos requeridos

Attendees should meet the following prerequisites:

Attended Cisco Stealthwatch for Security Operations (SSO)
Attended Cisco Stealthwatch for Network Operations (SNO)
Pre-requisitos:
SNO – Cisco Stealthwatch Network
SSO – Cisco Stealthwatch Security

Temario

Module 1: Introduction

Cisco Stealthwatch Tuning Course Overview
The Purpose of Tuning
Understanding Security Events and Alarms
Defining Stealthwatch Policies
Module 2: Classify the Stealthwatch System

Classify the System
Lab: Classify Public and Private IP Addresses
Lab: Trusted Internet Hosts
Lab: Classify Undefined Services and Applications
Module 3: Quiet Noisy Hosts

Quiet Noisy Hosts
Lab: Classify Network Scanners with the SMC Web UI
Lab: Reclassify IPs to Reduce Noise
Module 4: Posture the Stealthwatch System

Posture the System
Lab: Edit Role Policy
Host Locks and Custom Security Events
Lab: Host Locks and Custom Security Events
Response Management
Tiered Alarms
Lab: Create a Dashboard
Module: Summary and Course Wrap-up

Culminating Scenario: Tuning
Tuning Best Practices in Stealthwatch
Cisco Stealthwatch Tuning Course Outcomes
Course Conclusion

Solicita información del curso

Esta web utiliza cookies propias y de terceros para su correcto funcionamiento y para fines analíticos. Contiene enlaces a sitios web de terceros con políticas de privacidad ajenas que podrás aceptar o no cuando accedas a ellos. Al hacer clic en el botón Aceptar, acepta el uso de estas tecnologías y el procesamiento de tus datos para estos propósitos. Ver Política de cookies
Privacidad