0 Íconos | 0,00
Go

Global Knowledge | Cursos y Certificaciones


Implementing Cisco Security Monitoring, Analysis and Response Systems

Código del curso: MARS
Duración: 4
Precio: €1.240,00 (sin IVA)

Añadir a favoritos | Imprimir
Temario 

The Cisco Security Monitoring Analysis and Response System (CS-MARS) is part of the Cisco Security Management Suite which provides security monitoring for network security devices and host application made by Cisco or non-Cisco providers. In addition to event correlation and data reduction features found in SIM products, CS-MARS also provides topology awareness and automatic mitigation features. In knowing the topology of a network, CS-MARS can determine where the attack is originating and apply the appropriate remediation. CS-MARS is a key component in the Cisco Self Defending Network strategy. CS-MARS exchanges information with CS-Manager to provide a unified security management solution. For example, an administrator can view IPS signatures or the Firewall block / permit syslog messages received from sensors or firewalls. CS-MARS will communicate with CS-Manager and display the IPS signature table or firewall rule table. From there the IPS signature or firewall rule can be modified as necessary. Together CS-MARS and CS-Manager provide a unified management solution for monitoring and provisioning.


Pre-requisitos

CCNA Security is a prerequisite



Próximas fechas del curso

Solicita fechas disponibles. Por favor contáctanos






    Más información

    Channel Partner / Reseller - Customer - Employee

    Upon completing this course, you will be able to meet these objectives:

    • Use CS-MARS to monitor security and host application devices.
    • Know CS-MARS architecture and how CS-MARS process events.
    • Know how to use archive and restore features.
    • Use CS-MARS to run / create / customize reports
    • Use CS-MARS to investigate an incident and mitigate the security threats.
    • Use CS-MARS to do customer parser for unknown devices in CS-MARS.
    • Use CS-MARS to create / customize rules that detects dark net through best practices example.
    • Know how to tune signature / log level on device side and CS-MARS side.

    1. Introducing Cisco Security Monitoring, Analysis, and Response System

    2. Understanding the System Architecture

    3. Configuring a Cisco Security MARS Appliance

    4. Adding Reporting and Mitigation Devices

    5. Viewing the Summary Page

    6. Managing Rules

    7. Understanding Queries and Reports

    8. Investigating and Mitigating Incidents

    9. Working with User-Defined Log Parser Templates

    10. Integrating with Cisco Security Manager

    11. Managing and Administering the System

    12. Troubleshooting and Optimizing Cisco Security MARS

    13. Using the Cisco Security MARS Global Controller

    14. Course Review

    642-544 MARS

    • NAC – Network Admission Control
    • CANAC – Implementing Network Appliance (Cisco Clean Access)

    This course/exam is an elective for the CCSP certification.It is recommended that the learner also take SNRS v3.0, SNAF v1.0 and IPS v6.0 prior to this course/exam.



    © 2012 Global Knowledge Network Spain SLU. Inscrita en el Registro Mercantil de Madrid, Tomo: 10.520, Folio:1, Sección: 8, Hoja: M-166696, Inscripción: 1ª CIF: B81366668.
    Mapa del Sitio, Accessibility Policy, Política de Privacidad, Términos y Condiciones, Legal Information.
    RSS. (Srv: 222)