Cisco - Implementing Cisco Security Monitoring, Analysis and Response System

Course

In London and Wokingham

£ 1,645 + VAT

Description

This 4-day, hands-on, instructor-led course is designed to give delegates a better understanding of the Cisco Security Mitigation and Response System (CS MARS) family of high-performance, scalable appliances.

Facilities

Location: London, EC2N. Start date: On request
Location: Wokingham (Berkshire), RG41. Start date: On request


Course programme


Who is this course suitable for?
This course is aimed at:
· Engineers who support sales of Cisco security product solutions
· Cisco channel partners and customers who sell, implement, and maintain secure networks

What does this course cover?

At the end of the course delegates will be able to:
· Describe the Cisco Security MARS solution, features, and functions in relation to the issues of security incidents and security information in an enterprise network
· Explain the task flows that you should follow when you deploy Cisco Security MARS as an STM system in your network
· Cover the basic physical installation process of Cisco Security MARS software and hardware appliances and navigate the web-based administrator console
· Add Cisco security and network devices into the Cisco Security MARS appliance
· Add security and network devices from other vendors into the Cisco Security MARS appliance
· Discuss NetFlow and the DTM features of the Cisco Security MARS appliance
· Provide an overview of log parser templates
· Use the management features in the Cisco Security MARS appliance to assign event, addressing, service, and user information
· Configure hardware maintenance tasks such as viewing the audit trail, data archiving, hot swapping hard drives, and upgrading software on Cisco Security MARS appliance
· Describe the Cisco Security MARS user interface and Summary page to get an overview of the network
· Describe the case management features that can capture, combine, and preserve user-selected Cisco Security MARS data within a specialized report called a case
· Configure security devices to generate interesting events that constitute an attack scenario and have Cisco Security MARS collect the interesting events for incident investigation
· Discuss attack mitigation and false-positive confirmation in the context of the Cisco Security MARS appliance
· Configure the Cisco Security MARS appliance to perform incident investigation and attack mitigation
· Explain how to create, view and save a long-duration query and reports on the Cisco Security MARS appliance
· Configure the Cisco Security MARS appliance to send an alert
· Describe and configure a rule (or rules) that detect interesting patterns of network activity and other anomalous network behavior
· Provide an overview of Cisco Security MARS Global Controller

During the course, you will learn:

Cisco Security MARS Overview and STM Task Flow
· Introducing Cisco Security MARS
· Understanding STM Task Flow

Cisco Security MARS Configuration
· Configuring Reporting and Mitigation Devices
· Adding Cisco Security and Network Devices into the Cisco Security MARS Appliance
· Adding Security and Network Devices from Other Vendors into the Cisco Security MARS Appliance
· Working with User Defined Log Parser Templates

Cisco Security MARS Incident Investigation
· Network Summary
· Case Management
· Incident Investigation
· Sending Notifications

Cisco Security MARS Rules and Management
· Cisco Security MARS Rules
· Cisco Security MARS Management
· System Maintenance
· Cisco Security MARS Global Controller

Are there entry requirements?
· CCNA Security is a prerequisite
· This course/exam is an elective for the CCSP certification.
· It is recommended that the learner also take SNRS v3.0, SNAF v1.0 and IPS v6.0 prior to this course/exam.

What's included?
Our package includes full course materials.
Although the course is non-residential, we offer help finding appropriate hotels, close to the training venue. To take advantage of this offer, drop us an email after you book your course.

Additional info

Please note: the cost of the exam is not part of the course cost. The exam can be booked with us at an additional charge and taken at an exam venue in the UK at a later date.
