Cisco StealthWatch Solution Overview Workshop Training (CSWSO)

Cisco StealthWatch Solution Overview Workshop Training (CSWSO)

Course Delivery

This Course is available in the following format:

Request this course in a different delivery format

GSA Schedule 70 Saving for Government Customers

Course Overview:

Cisco StealthWatch Solution Overview Workshop Training (CSWSO) – Hands-on

Cisco StealthWatch Solution Overview Workshop Training (CSWSO) is designed to provide knowledge to Cisco partners and customers who are responsible for detecting advanced and persistent security threats in order to combat cyber attacks. This workshop provides partner and customer engineers with an overview of Cisco StealthWatch Solution, required and optional components and shows how to analyze security events and alarms, hunt threats and respond to incidents.

Audience / Target Group:

The target audience for this Cisco StealthWatch Solution Overview Workshop Training (CSWSO) course:

Cisco customers and partners planning to implement and use Cisco StealthWatch for network data collection and analysis to deliver comprehensive visibility and protection for any type of the network.

Class Prerequisites:

The knowledge and skills that a learner must have before attending this Cisco StealthWatch Solution Overview Workshop Training (CSWSO) course are as follows:

It is recommended that the learner have the following skills before attending this course:

● Cisco Certified Network Associate Routing and Switching (CCNA R&S) certification
● Cisco Certified Network Professional Security (CCNP Security) certification
● Operating system administration familiarity (for example, Linux and Windows)

What You Will Learn:

Upon completing this Cisco StealthWatch Solution Overview Workshop Training (CSWSO) course, learners will be able to meet these objectives:

After attending this workshop, students will be be able to:

● Understand the role of NetFlow in network telemetry
● Position different components of Cisco StealthWatch solution
● Understand the threat detection and incident response processes

Cisco StealthWatch Solution Overview Workshop Training (CSWSO) – Course Syllabus:

Day 1

Module 1: Network Telemetry

The Need for Network Telemetry
NetFlow Fundamentals
NetFlow Security Event Logging (NSEL)
Cisco StealthWatch Solution Overview

Module 2: Architecture and Components of Cisco StealthWatch

StealthWatch Architecture
Required Components and Licenses
Flow Collector
StealthWatch Management Console (SMC)
Flow License
Optional Components and Licenses
Flow Sensor
UDP Director
Threat Intelligence License
Proxy License
Identity Integration
Cloud License
Endpoint Concentrator
Learning Network License
Security Packet Analyzer

Module 3: Design Guidance

Sizing the Solution
StealthWatch High Availability Design
Enterprise Tree and Host Groups

Module 4: Detecting Threats

Anomaly Detection Model
Security Events
Alarm Categories
Threat Hunting
Incident Response

Day 2

StealthWatch Solution Labs

Lab 1: The WebUI
Lab 2: The Swing Client
Lab 3: Inspecting Host Group setup
Lab 4: Performing Flow Queries
Lab 5: Using Documents
Lab 6: Confirming the parameters of a rule/policy
Lab 7: Investigating an Alarm
Lab 8: Copyright Infringement Event
Lab 9: Verify Cisco TrustSec Implementation
Lab 10: Malware Investigation
Lab 11: Investigating Proxy Connections
Lab 12: Insider Threat Detection
Lab 13: Building an audit trail

Whether you are looking for general information or have a specific question, we want to help!

Request More Information

Print Friendly, PDF & Email