Within this course, students will learn methods to properly plan, deploy, configure, secure, and manage their network infrastructures using the capabilities of the Enterasys Security Information and Event Management (SIEM) solution. These techniques are reinforced by understanding the numerous detection methodologies (Signature Pattern Matching, Anomaly Detection and Network Behavioral Anomaly Detection – NBAD), forensics, third party vulnerability assessment and intrusion detection tools integration, and reporting capabilities within the Enterasys SIEM solution. Students will gain hands on experience by performing real world tasks in a robust lab environment including upgrading, configuration, deployment and optimization of SIEM.

Kursinhalt
• Architecture – Enterasys Security Information and Event Management (SIEM)
• Device Configuration and Deployment
• Overview of flow aggregation capabilities
• Network Behavioral Anomaly Detection (NBAD)
• Overview of log aggregation capabilities
• Integration with Enterasys Intrusion Prevention System (IPS)
• Rules
• Sentries
• Reporting

Jeder Teilnehmer erhält die englischsprachigen Original-Unterlagen von Enterasys.

Maßgeschneiderten Kurs anfragen

Zielgruppe
Security Managers, Network / Security Architects, Security Integrators

Voraussetzungen
Students should possess an understanding of network fundamentals, traffic classifications, and general network management concepts, as well as network security concepts and technologies.

Weiterführende Kurse
ECS Advanced SIEM