Module 1: Overview. Module 2: AlienVault USM Solution Deployment. Module 3: AlienVault USM Basic Configuration

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Module 1: Overview. Module 2: AlienVault USM Solution Deployment. Module 3: AlienVault USM Basic Configuration"

Transcription

1 Module 1: Overview This module provides an overview of the AlienVault Unified Security Management (USM) solution. Upon completing this module, you will meet these objectives: Describe the goal of network security. Provide an overview of AlienVault USM. Describe AlienVault Threat Intelligence. Describe AlienVault USM architecture. This module includes these topics: Network Security AlienVault USM Overview AlienVault Threat Intelligence AlienVault USM Architecture Module 2: AlienVault USM Solution Deployment This module describes AlienVault Unified Security Management (USM) deployment options and explains how to prepare for the deployment. Upon completing this module, you will meet these objectives: Describe AlienVault deployment types. Provide AlienVault deployment examples. Describe AlienVault component profiles. Describe how to prepare for AlienVault deployment. Describe AlienVault deployment best practices. Deployment Types Deployment Examples AlienVault Component Profiles Deployment Preparation Deployment Best Practices Lab 2-1: AlienVault USM Solution Deployment Module 3: AlienVault USM Basic Configuration This module describes AlienVault Unified Security Management (USM) installation, basic configuration and verification, and graphical user interface. Upon completing this module, you will meet these objectives: Deploy and install AlienVault USM. Describe AlienVault USM graphical user interface. Initially configure AlienVault USM. Verify basic AlienVault USM operations. 1 AlienVault USM for Security Engineers, V1.0 Copyright 2014 AlienVault. All rights reserved.

2 Initial Configuration AlienVault USM User Interface Basic Configuration Lab 3-1: AlienVault USM Basic Configuration Verify Basic Operations Lab 3-2: Verify AlienVault USM Basic Operations Module 4: Asset Management This module describes AlienVault Unified Security Management (USM) asset management. Upon completing this module, you will meet these objectives: Describe AlienVault USM assets. Describe asset management. Configure asset groups. Configure networks and network groups. Configure asset discovery. Assets Assets Management Asset Groups Networks and Network Groups Asset Discovery Lab 4-1: Manage AlienVault USM Assets Module 5: Security Intelligence This module describes AlienVault Unified Security Management (USM) security intelligence, which utilizes data source plugins to normalize events from various data sources. It also includes correlation to detect security threats by tracking behavior patterns, as well as Open Threat exchange (OTX) to provide reputation data on offending IP addresses. Upon completing this module, you will meet these objectives: Describe data aggregation and normalization. Describe data sources and data source plugins. Describe events and risk calculation. Describe logical correlation and cross-correlation. Provide an overview of OTX. This module includes these topics: Data Aggregation and Detection Data Sources Events and Risk Calculation 2 AlienVault USM for Security Engineers, V1.0 Copyright 2014 AlienVault. All rights reserved.

3 Correlation OTX Review Module 6: Policies and Actions This module describes AlienVault Unified Security Management (USM) policies which are used to influence event processing, and to filter unnecessary events and false positives. The module also describes actions that can be configured as policy consequences. Upon completing this module, you will meet these objectives: Describe AlienVault USM policies. Describe AlienVault USM actions. Configure policies and actions. Policies Actions Configure Policies Lab 6-1: Configure Policies and Actions Module 7: Security Analysis This module describes security analysis of alarms and events produced by AlienVault Unified Security Management (USM). The module starts with a description of a security analysis process, then reviews Dashboards and Alarms, and then gives a detailed breakdown of the steps and tools available during the process of security analysis. Upon completing this module, you will meet these objectives: Describe AlienVault USM security analysis process. Evaluate AlienVault USM dashboards. Evaluate AlienVault USM alarms. Evaluate AlienVault USM OTX data and external resources. Use the AlienVault USM ticketing system. Evaluate AlienVault USM events. Evaluate AlienVault USM assets and vulnerabilities. Evaluate AlienVault USM raw logs. Use the integrated Tshark packet capture tool. Evaluate AlienVault USM dashboards. Security Analysis Process Examine Dashboards Examine Alarms Examine OTX Data and External Resources Tickets AlienVault USM for Security Engineers, V1.0 Copyright 2014 AlienVault. All rights reserved 3

4 Examine Events Examine Assets and Vulnerabilities Examine Raw Logs Capture Packets Module 8: Reporting Lab 7-1: Perform Security Analysis This module describes AlienVault Unified Security Management (USM) reporting. The module first describes reporting system. The module describes how to generate, view, and schedule reports, and how to customize reports or how to generate custom ones. Upon completing this module, you will meet these objectives: Describe AlienVault USM reporting system. Run, schedule, and view a report. Create custom reports, modules, and layouts. Reports Running Reports Creating Custom Reports Lab 8-1: Run, Schedule, and Customize a Report Module 9: Threat Detection This module describes AlienVault Unified Security Management (USM) threat detection functionalities. The module first describes the Intrusion Detection System (IDS). Then the module describes three types of AlienVault USM IDS functionalities: network IDS, host IDS, and wireless IDS. The module also describes the AlienVault USM vulnerability assessment functionality. Upon completing this module, you will meet these objectives: Describe IDS system. Configure AlienVault USM network IDS. Configure AlienVault USM host IDS. Configure AlienVault USM wireless IDS. Configure and perform AlienVault USM vulnerability assessment. Configure AlienVault USM network IDS. IDS System Network IDS Host IDS Wireless IDS Vulnerability Assessment Lab 9-1: Deploy AlienVault USM Threat Detection Features 4 AlienVault USM for Security Engineers, V1.0 Copyright 2014 AlienVault. All rights reserved.

5 Module 10: Behavioral Monitoring This module describes AlienVault Unified Security Management (USM) behavioral monitoring functionalities. The module first (briefly) describes log collection. Then the module describes AlienVault USM NetFlow collection. The module also explains the AlienVault USM availability monitoring functionality. Upon completing this module, you will meet these objectives: Describe and configure AlienVault USM log collection. Describe and configure AlienVault USM NetFlow collection. Describe and configure AlienVault USM availability monitoring. Log Collection NetFlow Availability Monitoring Lab 10-1: Deploy AlienVault USM Availability Monitoring Module 11: Customizing Security Intelligence This module describes how to customize security intelligence in AlienVault Unified Security Management (USM) system. The module first describes how to customize or create custom data source plugins. Then the module describes how to customize or create new correlation directives. Upon completing this module, you will meet these objectives: Customize data source plugins. Customize correlation directives. Customizing Data Source Plugins Customizing Correlation Directives Lab 11-1: Customize Security Intelligence Module 12: System Maintenance This module describes AlienVault Unified Security Management (USM) system maintenance. The module first describes for how long AlienVault USM stores alarms, events, and logs, and how you can modify retention settings. Then the module describes how to perform events and full system backup and restore. The module also describes how to update the AlienVault USM system and threat intelligence feeds, and how to perform factory default restore. Upon completing this module, you will meet these objectives: Describe AlienVault USM alarms, events, and logs retention. Describe how to perform backup and restore of events data. Describe how to upgrade AlienVault USM system and threat intelligence feed. Describe how to perform AlienVault USM full system backup and restore. Describe how to perform AlienVault USM factory default restore. AlienVault USM for Security Engineers, V1.0 Copyright 2014 AlienVault. All rights reserved 5

6 Events, Alarms, and Logs Retention Events Backup and Restore Upgrading System and Threat Intelligence Feed Full System Backup and Restore System Factory Default Restore Lab 12-1: Maintain AlienVault USM System Module 13: Administrative User Management This module describes AlienVault Unified Security Management (USM) administrative user management. The module first describes what administrative users are required for. Then the module describes how to change settings of an administartive user, how to manage administrative user accounts, and how to manage global authentication settings. The module also describes administrative user activity accounting, and how to perform admin user account password recovery. Upon completing this module, you will meet these objectives: Describe administrative user management. Manage my user profile. Manage administrative users. Describe administrative user accounting. Manage global authentications settings. Recover admin user account password. Administrative User Management Manage My User Profile Manage Administrative Users Manage Global Authentication Settings Administrative User Accounting Recover Admin Password Lab 13-1: Manage Administrative Users Module 14: Complex Deployment This module describes AlienVault Unified Security Management (USM) complex deployment. The module first provides some examples when distributed deployment is required. Then the module describes how to scale the AlienVault system. The module also describes AlienVault Center, and correlation contexts and entities. Upon completing this module, you will meet these objectives: Describe AlienVault USM deployments. Scale AlienVault USM deployment. Describe AlienVault Center. Describe correlation contexts and entities. 6 AlienVault USM for Security Engineers, V1.0 Copyright 2014 AlienVault. All rights reserved.

7 AlienVault USM Deployments Scaling AlienVault USM System AlienVault Center Correlation Contexts and Entities AlienVault USM for Security Engineers, V1.0 Copyright 2014 AlienVault. All rights reserved 7

Module 2: AlienVault USM Basic Configuration and Verifying Operations

Module 2: AlienVault USM Basic Configuration and Verifying Operations Course Introduction Module 1: Overview The Course Introduction provides learners with the course objectives and prerequisite learner skills and knowledge. The Course Introduction presents the course flow

More information

AlienVault Unified Security Management (USM) 4.x-5.x. Deployment Planning Guide

AlienVault Unified Security Management (USM) 4.x-5.x. Deployment Planning Guide AlienVault Unified Security Management (USM) 4.x-5.x Deployment Planning Guide USM 4.x-5.x Deployment Planning Guide, rev. 1 Copyright AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

The SIEM Evaluator s Guide

The SIEM Evaluator s Guide Using SIEM for Compliance, Threat Management, & Incident Response Security information and event management (SIEM) tools are designed to collect, store, analyze, and report on log data for threat detection,

More information

How to send emails triggered by events

How to send emails triggered by events Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

Unified Security Management

Unified Security Management Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy

More information

AlienVault Unified Security Management Solution Complete. Simple. Affordable Life Cycle of a log

AlienVault Unified Security Management Solution Complete. Simple. Affordable Life Cycle of a log Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

AlienVault. Unified Security Management (USM) 5.1 Running the Getting Started Wizard

AlienVault. Unified Security Management (USM) 5.1 Running the Getting Started Wizard AlienVault Unified Security Management (USM) 5.1 Running the Getting Started Wizard USM v5.1 Running the Getting Started Wizard, rev. 2 Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault

More information

Discover Security That s Highly Intelligent.

Discover Security That s Highly Intelligent. Discover Security That s Highly Intelligent. AlienVault delivers everything you need to detect, defend against, & respond to today s threats in minutes. About AlienVault Founded in 2007 and headquartered

More information

Device Integration: CyberGuard SG565

Device Integration: CyberGuard SG565 Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

AlienVault. Unified Security Management (USM) 5.x Policy Management Fundamentals

AlienVault. Unified Security Management (USM) 5.x Policy Management Fundamentals AlienVault Unified Security Management (USM) 5.x Policy Management Fundamentals USM 5.x Policy Management Fundamentals Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

SYSTEM BACKUP AND RESTORE (AlienVault USM 4.8+)

SYSTEM BACKUP AND RESTORE (AlienVault USM 4.8+) Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

Deploying HIDS Client to Windows Hosts

Deploying HIDS Client to Windows Hosts Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

WHAT IS LOG CORRELATION? Understanding the most powerful feature of SIEM WWW.ALIENVAULT.COM

WHAT IS LOG CORRELATION? Understanding the most powerful feature of SIEM WWW.ALIENVAULT.COM WHAT IS LOG CORRELATION? Understanding the most powerful feature of SIEM WWW.ALIENVAULT.COM IT S ALWAYS IN THE LOGS. 84% of Organizations that had their security breached in 2011, had evidence of the breach

More information

Device Integration: Checkpoint Firewall-1

Device Integration: Checkpoint Firewall-1 Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

Unified Security Management and Open Threat Exchange

Unified Security Management and Open Threat Exchange 13/09/2014 Unified Security Management and Open Threat Exchange RICHARD KIRK SENIOR VICE PRESIDENT 11 SEPTEMBER 2014 Agenda! A quick intro to AlienVault Unified Security Management (USM)! Overview of the

More information

AlienVault. Unified Security Management 5.x Configuration Backup and Restore

AlienVault. Unified Security Management 5.x Configuration Backup and Restore AlienVault Unified Security Management 5.x Configuration Backup and Restore USM 5.x Configuration Backup and Restore Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

User Management Guide

User Management Guide AlienVault Unified Security Management (USM) 4.x-5.x User Management Guide USM v4.x-5.x User Management Guide, rev 1 Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

Intrusion Detection in AlienVault

Intrusion Detection in AlienVault Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

How to configure High Availability (HA) in AlienVault USM (for versions 4.14 and prior)

How to configure High Availability (HA) in AlienVault USM (for versions 4.14 and prior) Complete. Simple. Affordable How to configure High Availability (HA) in AlienVault USM Copyright 2015 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM,

More information

Device Integration: Cisco Wireless LAN Controller (WLC)

Device Integration: Cisco Wireless LAN Controller (WLC) Complete. Simple. Affordable Device Integration: Cisco Wireless LAN Controller (WLC) Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM,

More information

Monitoring VMware ESX Virtual Switches

Monitoring VMware ESX Virtual Switches Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

AlienVault. Unified Security Management 5.x Configuring a VPN Environment

AlienVault. Unified Security Management 5.x Configuring a VPN Environment AlienVault Unified Security Management 5.x Configuring a VPN Environment USM 5.x Configuring a VPN Environment, rev. 3 Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

Unified Security Management (USM) 5.2 Vulnerability Assessment Guide

Unified Security Management (USM) 5.2 Vulnerability Assessment Guide AlienVault Unified Security Management (USM) 5.2 Vulnerability Assessment Guide USM 5.2 Vulnerability Assessment Guide, rev 1 Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

THE BEST WAY TO CATCH A THIEF. Patrick Bedwell, Vice President, Product Marketing

THE BEST WAY TO CATCH A THIEF. Patrick Bedwell, Vice President, Product Marketing THE BEST WAY TO CATCH A THIEF Patrick Bedwell, Vice President, Product Marketing AlienVault Vision Accelerating and simplifying threat detection and incident response for IT teams with limited resources,

More information

Assets, Groups & Networks

Assets, Groups & Networks Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

AlienVault Unified Security Management for Government v4.12 & RT Logic CyberC4:Alert v4.12 User Management Guide

AlienVault Unified Security Management for Government v4.12 & RT Logic CyberC4:Alert v4.12 User Management Guide & RT Logic CyberC4:Alert v4.12 Copyright 2016 AlienVault. All rights reserved. DOCUMENT HISTORY AND VERSION CONTROL Edition Date of Issue Description of Change(s) 01 08/01/15 Initial Version AlienVault,

More information

McAfee Security Information Event Management (SIEM) Administration Course 101

McAfee Security Information Event Management (SIEM) Administration Course 101 McAfee Security Information Event Management (SIEM) Administration Course 101 Intel Security Education Services Administration Course The McAfee SIEM Administration course from McAfee Education Services

More information

Device Integration: Citrix NetScaler

Device Integration: Citrix NetScaler Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

Network Metrics Content Pack for VMware vrealize Log Insight

Network Metrics Content Pack for VMware vrealize Log Insight Network Metrics Content Pack for VMware vrealize Log Insight User Manual Version 2.1 June, 2015 Copyright 2012-2015 NetFlow Logic Corporation. All rights reserved. Patents Pending. Contents Introduction...

More information

Designing a Microsoft SharePoint 2010 Infrastructure

Designing a Microsoft SharePoint 2010 Infrastructure Course Code: M10231 Vendor: Microsoft Course Overview Duration: 5 RRP: 1,980 Designing a Microsoft SharePoint 2010 Infrastructure Overview This five day ILT course teaches IT professionals to design and

More information

Implementing Cisco Intrusion Prevention System 7.0 (IPS)

Implementing Cisco Intrusion Prevention System 7.0 (IPS) Implementing Cisco Intrusion Prevention System 7.0 (IPS) Course Overview: The Implementing Cisco Intrusion Prevention System (IPS) v7.0 course is a five-day course aims at providing network security engineers

More information

Suricata IDS. What is it and how to enable it

Suricata IDS. What is it and how to enable it Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

Table of Contents. Introduction. Audience. At Course Completion

Table of Contents. Introduction. Audience. At Course Completion Table of Contents Introduction Audience At Course Completion Prerequisites Microsoft Certified Professional Exams Student Materials Course Outline Introduction This three-day instructor-led course provides

More information

IBM Security QRadar SIEM Version 7.1.0 MR1. Administration Guide

IBM Security QRadar SIEM Version 7.1.0 MR1. Administration Guide IBM Security QRadar SIEM Version 7..0 MR Administration Guide Note: Before using this information and the product that it supports, read the information in Notices and Trademarks on page 07. Copyright

More information

SIEM FOR BEGINNERS EVERYTHING YOU WANTED TO KNOW ABOUT LOG MANAGEMENT BUT WERE AFRAID TO ASK. www.alienvault.com

SIEM FOR BEGINNERS EVERYTHING YOU WANTED TO KNOW ABOUT LOG MANAGEMENT BUT WERE AFRAID TO ASK. www.alienvault.com SIEM FOR BEGINNERS EVERYTHING YOU WANTED TO KNOW ABOUT LOG MANAGEMENT BUT WERE AFRAID TO ASK www.alienvault.com A Rose By Any Other Name SLM/LMS, SIM, SEM, SEC, SIEM Although the industry has settled on

More information

Juniper Secure Analytics Release Notes

Juniper Secure Analytics Release Notes Juniper Secure Analytics Release Notes 2014.5 February 2016 Juniper Networks is pleased to introduce JSA 2014.5. Juniper Secure Analytics (JSA) 2014.5 Release Notes provides new features, known issues

More information

Module: Sharepoint Administrator

Module: Sharepoint Administrator Module: Sharepoint Administrator Mode: Classroom Duration: 40 hours This course teaches IT Professionals to design and deploy Microsoft SharePoint 2010. Course Outline: Module 1: Designing a Logical Architecture

More information

AlienVault Unified Security Management (USM) 4.15-5.x. Configuring High Availability (HA)

AlienVault Unified Security Management (USM) 4.15-5.x. Configuring High Availability (HA) AlienVault Unified Security Management (USM) 4.15-5.x Configuring High Availability (HA) USM v4.15-5.x Configuring High Availability (HA), rev 1 Copyright 2015 AlienVault, Inc. All rights reserved. The

More information

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams

More information

AlienVault. Unified Security Management 4.4-5.x Offline Update and Software Restoration Procedures

AlienVault. Unified Security Management 4.4-5.x Offline Update and Software Restoration Procedures AlienVault Unified Security Management 4.4-5.x Offline Update and Software Restoration Procedures USM 4.4-5.x Offline Update and Software Restoration Procedures Copyright 2015 AlienVault, Inc. All rights

More information

Administering the Web Server (IIS) Role of Windows Server

Administering the Web Server (IIS) Role of Windows Server Course 10972A: Administering the Web Server (IIS) Role of Windows Server Course Details Course Outline Module 1: Overview and Installing Internet Information Services In this module students will learn

More information

State of SIEM Challenges, Myths & technology Landscape 4/21/2013 1

State of SIEM Challenges, Myths & technology Landscape 4/21/2013 1 State of SIEM Challenges, Myths & technology Landscape 4/21/2013 1 Introduction What s in a name? SIEM? SEM? SIM? Technology Drivers Challenges & Technology Overview Deciding what s right for you Worst

More information

How to build and run a Security Operations Center

How to build and run a Security Operations Center How to build and run a Security Operations Center v1.1 Nicolas FISCHBACH Senior Manager, Network Engineering Security, COLT Telecom nico@securite.org - http://www.securite.org/nico/ About Nicolas Fischbach

More information

ArcSight Logger Administration and Operations H0DW8S

ArcSight Logger Administration and Operations H0DW8S HP Education Services course data sheet ArcSight Logger Administration and Operations H0DW8S Course Overview ArcSight Logger Administration and Operations provides you with comprehensive training to quickly

More information

McAfee Network Security Platform Administration Course

McAfee Network Security Platform Administration Course McAfee Network Security Platform Administration Course Intel Security Education Services Administration Course The McAfee Network Security Platform Administration course from McAfee Education Services

More information

MS-55115: Planning, Deploying and Managing Microsoft Project Server 2013

MS-55115: Planning, Deploying and Managing Microsoft Project Server 2013 MS-55115: Planning, Deploying and Managing Microsoft Project Server 2013 Description The goal of this three-day instructor-led course is to provide students with the knowledge and skills necessary to effectively

More information

AlienVault Unified Security Management (USM) 4.x-5.x. Deploying HIDS Agents to Linux Hosts

AlienVault Unified Security Management (USM) 4.x-5.x. Deploying HIDS Agents to Linux Hosts AlienVault Unified Security Management (USM) 4.x-5.x Deploying HIDS Agents to Linux Hosts USM 4.x-5.x Deploying HIDS Agents to Linux Hosts, rev. 2 Copyright 2015 AlienVault, Inc. All rights reserved. AlienVault,

More information

Configuring a VPN Environment in USM v4.x

Configuring a VPN Environment in USM v4.x Complete. Simple. Affordable Copyright 2015 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture

More information

SIEM: The Integralis Difference

SIEM: The Integralis Difference SIEM: The Integralis Difference January, 2013 Avoid the SIEM Pitfalls Get it right the first time Common SIEM challenges Maintaining staffing levels 24/7 Blended skills set, continuous building of rules

More information

55034-Project Server 2013 Inside Out

55034-Project Server 2013 Inside Out Course Outline 55034-Project Server 2013 Inside Out Duration: 5 days (30 hours) Target Audience: This course is intended for anyone that will need to manage and use Project Server 2013. This includes the

More information

Course 55115: Planning, Deploying and Managing Microsoft Project Server 2013

Course 55115: Planning, Deploying and Managing Microsoft Project Server 2013 CÔNG TY CỔ PHẦN TRƯỜNG CNTT TÂN ĐỨC TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC LEARN MORE WITH LESS! Course 55115: Planning, Deploying and Managing Microsoft Project Server 2013 Length: 3 Days Audience:

More information

About this Course This 5 day ILT course teaches IT Professionals to design and deploy Microsoft SharePoint 2010.

About this Course This 5 day ILT course teaches IT Professionals to design and deploy Microsoft SharePoint 2010. Course 10231B: Designing a Microsoft SharePoint 2010 Infrastructure OVERVIEW About this Course This 5 day ILT course teaches IT Professionals to design and deploy Microsoft SharePoint 2010. Audience Profile

More information

IBM Security QRadar Vulnerability Manager Version 7.2.1. User Guide

IBM Security QRadar Vulnerability Manager Version 7.2.1. User Guide IBM Security QRadar Vulnerability Manager Version 7.2.1 User Guide Note Before using this information and the product that it supports, read the information in Notices on page 61. Copyright IBM Corporation

More information

Obtaining Enterprise Cybersituational

Obtaining Enterprise Cybersituational SESSION ID: SPO-R06A Obtaining Enterprise Cybersituational Awareness Eric J. Eifert Sr. Vice President Managed Security Services DarkMatter Agenda My Background Key components of the Cyber Situational

More information

Lab 8.4.2 Configuring Access Policies and DMZ Settings

Lab 8.4.2 Configuring Access Policies and DMZ Settings Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set

More information

MS 10972A Administering the Web Server (IIS) Role of Windows Server

MS 10972A Administering the Web Server (IIS) Role of Windows Server MS 10972A Administering the Web Server (IIS) Role of Windows Server Description: Days: 5 Prerequisites: This course provides students with the fundamental knowledge and skills to configure and manage Internet

More information

Cisco Unified MobilityManager Version 1.2

Cisco Unified MobilityManager Version 1.2 Cisco Unified MobilityManager Version 1.2 Cisco Unified MobilityManager Version 1.1, Release 1.2 The Cisco Unified Communications system of voice and IP communications products and applications enables

More information

Managing Enterprise Devices and Apps using System Center Configuration Manager

Managing Enterprise Devices and Apps using System Center Configuration Manager Course 20696B: Managing Enterprise Devices and Apps using System Center Configuration Manager Course Details Course Outline Module 1: Managing Desktops and Devices in the Enterprise This module explains

More information

10972-Administering the Web Server (IIS) Role of Windows Server

10972-Administering the Web Server (IIS) Role of Windows Server Course Outline 10972-Administering the Web Server (IIS) Role of Windows Server Duration: 5 days (30 hours) Target Audience: This course is intended for IT Professionals already experienced in general Windows

More information

GE Measurement & Control. Cyber Security for NERC CIP Compliance

GE Measurement & Control. Cyber Security for NERC CIP Compliance GE Measurement & Control Cyber Security for NERC CIP Compliance GE Proprietary Information: This document contains proprietary information of the General Electric Company and may not be used for purposes

More information

Using Automated, Detailed Configuration and Change Reporting to Achieve and Maintain PCI Compliance Part 4

Using Automated, Detailed Configuration and Change Reporting to Achieve and Maintain PCI Compliance Part 4 WHITEPAPER Using Automated, Detailed Configuration and Change Reporting to Achieve and Maintain PCI Compliance Part 4 An in-depth look at Payment Card Industry Data Security Standard Requirements 10, 11,

More information

Completed. Document Name. NERC CIP Requirements CIP-002 Critical Cyber Asset Identification R1 Critical Asset Identifaction Method

Completed. Document Name. NERC CIP Requirements CIP-002 Critical Cyber Asset Identification R1 Critical Asset Identifaction Method NERC CIP Requirements CIP-002 Critical Cyber Asset Identification R1 Critical Asset Identifaction Method R2 Critical Asset Identification R3 Critical Cyber Asset Identification Procedures and Evaluation

More information

What s New in Security Analytics 10.4. Be the Hunter.. Not the Hunted

What s New in Security Analytics 10.4. Be the Hunter.. Not the Hunted What s New in Security Analytics 10.4 Be the Hunter.. Not the Hunted Attackers Are Outpacing Detection Attacker Capabilities Time To Discovery Source: VERIZON 2014 DATA BREACH INVESTIGATIONS REPORT 2 TRANSFORM

More information

Administering the Web Server (IIS) Role of Windows Server

Administering the Web Server (IIS) Role of Windows Server Course 10972B: Administering the Web Server (IIS) Role of Windows Server Page 1 of 7 Administering the Web Server (IIS) Role of Windows Server Course 10972B: 4 days; Instructor-Led Introduction This course

More information

IBM Security QRadar Vulnerability Manager Version 7.2.6. User Guide IBM

IBM Security QRadar Vulnerability Manager Version 7.2.6. User Guide IBM IBM Security QRadar Vulnerability Manager Version 7.2.6 User Guide IBM Note Before using this information and the product that it supports, read the information in Notices on page 91. Product information

More information

Tenable for CyberArk

Tenable for CyberArk HOW-TO GUIDE Tenable for CyberArk Introduction This document describes how to deploy Tenable SecurityCenter and Nessus for integration with CyberArk Enterprise Password Vault. Please email any comments

More information

How to enable File Integrity Monitoring (FIM)

How to enable File Integrity Monitoring (FIM) Complete. Simple. Affordable How to enable File Integrity Monitoring (FIM) AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

Structured Threats 21 External Threats 22 Internal Threats 22 Network Attacks 22 Reconnaissance Attacks 22 Access Attacks 23 Data Retrieval 23 System

Structured Threats 21 External Threats 22 Internal Threats 22 Network Attacks 22 Reconnaissance Attacks 22 Access Attacks 23 Data Retrieval 23 System xii Contents Structured Threats 21 External Threats 22 Internal Threats 22 Network Attacks 22 Reconnaissance Attacks 22 Access Attacks 23 Data Retrieval 23 System Access 24 Privilege Escalation 24 DoS

More information

SCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards

SCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards SCADA Compliance Tools For NERC-CIP The Right Tools for Bringing Your Organization in Line with the Latest Standards OVERVIEW Electrical utilities are responsible for defining critical cyber assets which

More information

LEARNING SOLUTIONS website milner.com/learning email training@milner.com phone 800 875 5042

LEARNING SOLUTIONS website milner.com/learning email training@milner.com phone 800 875 5042 Course 6451B: Planning, Deploying and Managing Microsoft System Center Configuration Manager 2007 Length: 3 Days Published: June 29, 2012 Language(s): English Audience(s): IT Professionals Level: 300 Technology:

More information

Gatekeeper PKI Framework. February 2009. Registration Authority Operations Manual Review Criteria

Gatekeeper PKI Framework. February 2009. Registration Authority Operations Manual Review Criteria Gatekeeper PKI Framework ISBN 1 921182 24 5 Department of Finance and Deregulation Australian Government Information Management Office Commonwealth of Australia 2009 This work is copyright. Apart from

More information

This instructor-led course will show you the new architectural changes made to SharePoint 2010 and how to upgrade your 2007 environment to 2010.

This instructor-led course will show you the new architectural changes made to SharePoint 2010 and how to upgrade your 2007 environment to 2010. 50353B: SharePoint 2010 for IT Professionals Course Number: 50353B Course Length: 3 Day Course This instructor-led course will show you the new architectural changes made to SharePoint 2010 and how to

More information

Technology Solutions for NERC CIP Compliance June 25, 2015

Technology Solutions for NERC CIP Compliance June 25, 2015 Technology Solutions for NERC CIP Compliance June 25, 2015 2 Encari s Focus is providing NERC CIP Compliance Products and Services for Generation and Transmission Utilities, Municipalities and Cooperatives

More information

QRadar SIEM and FireEye MPS Integration

QRadar SIEM and FireEye MPS Integration QRadar SIEM and FireEye MPS Integration March 2014 1 IBM QRadar Security Intelligence Platform Providing actionable intelligence INTELLIGENT Correlation, analysis and massive data reduction AUTOMATED Driving

More information

70 299 Implementing and Administering Security in a Microsoft Windows Server 2003 Network

70 299 Implementing and Administering Security in a Microsoft Windows Server 2003 Network 70 299 Implementing and Administering Security in a Microsoft Windows Server 2003 Network Course Number: 70 299 Length: 1 Day(s) Course Overview This course is part of the MCSA training.. Prerequisites

More information

FortiGate Multi-Threat Security Systems I Administration, Content Inspection and SSL VPN Course #201

FortiGate Multi-Threat Security Systems I Administration, Content Inspection and SSL VPN Course #201 FortiGate Multi-Threat Security Systems I Administration, Content Inspection and SSL VPN Course #201 Course Overview Through this 2-day instructor-led classroom or online virtual training, participants

More information

Computer Security: Principles and Practice

Computer Security: Principles and Practice Computer Security: Principles and Practice Chapter 17 IT Security Controls, Plans and Procedures First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Implementing IT Security

More information

Project Server 2013 Inside Out Course 55034; 5 Days, Instructor-led

Project Server 2013 Inside Out Course 55034; 5 Days, Instructor-led Project Server 2013 Inside Out Course 55034; 5 Days, Instructor-led Course Description This course will teach you how to work with Microsoft Project Server 2013. You will also create and manage projects

More information

Microsoft Project Server 2010 Technical Boot Camp

Microsoft Project Server 2010 Technical Boot Camp Microsoft Project Server 2010 Technical Boot Camp Course M50558 5 Day(s) 30:00 Hours Introduction Course retirement date: November 30, 2012 For a complete list of courseware retirements, see: www.microsoft.com/learning/en/us/training/retired

More information

GE Measurement & Control. Cyber Security for Industrial Controls

GE Measurement & Control. Cyber Security for Industrial Controls GE Measurement & Control Cyber Security for Industrial Controls Contents Overview...3 Cyber Asset Protection (CAP) Software Update Subscription....4 SecurityST Solution Options...5 Centralized Account

More information

ITG Software Engineering

ITG Software Engineering IBM WebSphere Administration 8.5 Course ID: Page 1 Last Updated 12/15/2014 WebSphere Administration 8.5 Course Overview: This 5 Day course will cover the administration and configuration of WebSphere 8.5.

More information

Citrix NetScaler 10 Essentials and Networking

Citrix NetScaler 10 Essentials and Networking Citrix NetScaler 10 Essentials and Networking CNS205 Rev 04.13 5 days Description The objective of the Citrix NetScaler 10 Essentials and Networking course is to provide the foundational concepts and advanced

More information

Deploying Cisco Basic Wireless LANs WDBWL v1.1; 3 days, Instructor-led

Deploying Cisco Basic Wireless LANs WDBWL v1.1; 3 days, Instructor-led Deploying Cisco Basic Wireless LANs WDBWL v1.1; 3 days, Instructor-led Course Description This 3-day instructor-led, hands-on course provides learners with skills and resources required to successfully

More information

Cisco Advanced Services for Network Security

Cisco Advanced Services for Network Security Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs

More information

TABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY

TABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY IT FIREWALL POLICY TABLE OF CONTENT 1. INTRODUCTION... 3 2. TERMS AND DEFINITION... 3 3. PURPOSE... 5 4. SCOPE... 5 5. POLICY STATEMENT... 5 6. REQUIREMENTS... 5 7. OPERATIONS... 6 8. CONFIGURATION...

More information

Official Cert Guide. CCNP Security IPS 642-627. Odunayo Adesina, CCIE No. 26695 Keith Barker, CCIE No. 6783. Cisco Press.

Official Cert Guide. CCNP Security IPS 642-627. Odunayo Adesina, CCIE No. 26695 Keith Barker, CCIE No. 6783. Cisco Press. CCNP Security IPS 642-627 Official Cert Guide David Burns Odunayo Adesina, CCIE No. 26695 Keith Barker, CCIE No. 6783 Cisco Press 800 East 96th Street Indianapolis, IN 46240 Contents Introduction xxviii

More information

SP-2002-10231 - Designing a Microsoft SharePoint 2010 Infrastructure

SP-2002-10231 - Designing a Microsoft SharePoint 2010 Infrastructure SP-2002-10231 - Designing a Microsoft SharePoint 2010 Infrastructure Duration: 5 days Course Price: $2,975 Software Assurance Eligible Course Description Course Overview This 5 day ILT training course

More information

IBM Security. 2013 IBM Corporation. 2013 IBM Corporation

IBM Security. 2013 IBM Corporation. 2013 IBM Corporation IBM Security Security Intelligence What is Security Intelligence? Security Intelligence --noun 1.the real-time collection, normalization and analytics of the data generated by users, applications and infrastructure

More information

Citrix NetScaler 10.5 Essentials for ACE Migration CNS208; 5 Days, Instructor-led

Citrix NetScaler 10.5 Essentials for ACE Migration CNS208; 5 Days, Instructor-led Citrix NetScaler 10.5 Essentials for ACE Migration CNS208; 5 Days, Instructor-led Course Description The objective of the Citrix NetScaler 10.5 Essentials for ACE Migration course is to provide the foundational

More information

Company & Solution Profile

Company & Solution Profile Company & Solution Profile About Us NMSWorks Software Limited is an information technology company specializing in developing Carrier grade Integrated Network Management Solutions for the emerging convergent

More information

information security and its Describe what drives the need for information security.

information security and its Describe what drives the need for information security. Computer Information Systems (Forensics Classes) Objectives for Course Challenges CIS 200 Intro to Info Security: Includes managerial and Describe information security and its critical role in business.

More information

SonicWALL Security Dashboard

SonicWALL Security Dashboard Document Scope This document describes how to use the feature on a SonicWALL security appliance running SonicOS 3.8 firmware or later. This document contains the following sections: Overview section on

More information

IPS Anti-Virus Configuration Example

IPS Anti-Virus Configuration Example IPS Anti-Virus Configuration Example Keywords: IPS, AV Abstract: This document presents a configuration example for the AV feature of the IPS devices. Acronyms: Acronym Full spelling IPS AV Intrusion Prevention

More information

IPS Attack Protection Configuration Example

IPS Attack Protection Configuration Example IPS Attack Protection Configuration Example Keywords: IPS Abstract: This document presents a configuration example for the attack protection feature of the IPS devices. Acronyms: Acronym Full spelling

More information

Avaya WLAN Orchestration System

Avaya WLAN Orchestration System Avaya WLAN Orchestration System Overview The Avaya WLAN Orchestration System (WOS) is a wireless network management platform that provides full monitoring and management of the Avaya WLAN 9100 Series network

More information

55115 - Planning, Deploying and Managing Microsoft Project Server 2013

55115 - Planning, Deploying and Managing Microsoft Project Server 2013 55115 - Planning, Deploying and Managing Microsoft Project Server 2013 Duration: 3 Days Course Price: $1,785 Software Assurance Eligible Course Description Course Overview The goal of this three-day instructor-led

More information

Kevin Hayes, CISSP, CISM MULTIPLY SECURITY EFFECTIVENESS WITH SIEM

Kevin Hayes, CISSP, CISM MULTIPLY SECURITY EFFECTIVENESS WITH SIEM Kevin Hayes, CISSP, CISM MULTIPLY SECURITY EFFECTIVENESS WITH SIEM TODAY S AGENDA Describe the need for SIEM Explore different options available for SIEM Demonstrate a few Use Cases Cover some caveats

More information

ASDI Full Audit Guideline Federal Aviation Administration

ASDI Full Audit Guideline Federal Aviation Administration ASDI Full Audit Guideline Federal Aviation Administration Purpose of this Document This document is intended to provide guidance on the contents of the Aircraft Situation Display to Industry (ASDI) full

More information

Advanced IT Pro Course for Office SharePoint Server 2007 and SharePoint Services 3.0

Advanced IT Pro Course for Office SharePoint Server 2007 and SharePoint Services 3.0 Advanced IT Pro Course for Office SharePoint Server 2007 and SharePoint Services 3.0 50047: Advanced IT Pro Course for Microsoft Office SharePoint Server 2007 and Windows SharePoint Services 3.0 (5 Days)

More information