Course Catalog 2019

RSA Security Analytics 10.3 Administration (RSA SA ADM)

Prerequisite Knowledge/Skills

  • Familiarity with networking fundamentals and general information security concepts. Familiarity with Linux.

Audience

  • RSA Security Analytics Administrators

Overview

  • The course provides an overview of RSA Security Analytics, hands-on configuration of components, managing users, and creating filters and rules. Additionally, the course covers integration with enVision and monitoring capabilities.
  • Course Objectives:
    • Describe the Security Analytics architecture
    • Describe the Security Analytics Warehouse
    • Describe the licensing process
    • Describe the Security Analytics User Interface
    • Customize the interface
    • Configure and license devices
    • Create device groups
    • Add users and groups
    • Set permissions for users and groups
    • Configure external authentication to Active Directory
    • Set up integration with RSA enVision or event sources
    • Configure data capture including log collection
    • Configure Live Manager
    • Deploy feeds to the Decoder
    • Configure the Reporting Engine
    • Create filters and rules on the Decoder
    • Use the REST API for basic tasks
    • Configure SNMP
    • Monitor the environment
    • Identify and resolve issues
    • Describe the RSA enVision to Security Analytics migration process

Course Outline

  • RSA Security Analytics Overview
    • What is RSA Security Analytics
    • RSA Security Analytics architecture
    • Licensing
    • RSA Security Analytics Data flow
    • Data sources
    • Deployment scenarios
    • The Virtual Environment
    • RSA Security Analytics user interface
    • Customizing the interface
  • Configuring RSA Security Analytics
    • Configuring devices
    • Configuring Live
    • Custom feeds
    • Configuration files
    • Configuring the Reporting Engine
    • Configuring Context Menu Actions
    • Configuring the Warehouse
    • Configuring the Warehouse Connector
    • Configuring the Archiver
    • Configuring Event Stream Analysis (ESA)
    • Configuring Malware Analysis
  • Setting Up Data Collection
    • Setting up capture for packets and log data
    • Configuring log collection
    • Setting up collection for: File Reader, Windows, ODBC, Check Point, VMware, SDEE, SNMP, Syslog
    • Testing data capture
  • Managing Users
    • User administration overview
    • Managing device users
    • Managing RSA Security Analytics users
    • Configuring external authentication (Active Directory)
  • Creating Rules, Reports and Alerts
    • Rules overview: Rules Data Flow, BPF, Network Rules, Application Rules, Correlation Rules
    • Navigating data
    • Creating Reports
    • Creating Charts
    • Creating Alerts
    • Role Based Access Control
  • Monitoring the environment
    • Viewing statistics
    • Monitoring devices
    • Monitoring query performance
    • Monitoring Concentrator aggregation
    • Tuning the Index
    • Resetting the databases
    • Viewing logs
    • REST API
    • Troubleshooting log collection
    • Crash Reporter
  • Migrating from RSA enVision to RSA Security Analytics
    • Migration overview
    • The Z-Connector
    • Configuring the IPDB Extractor Service
    • Migrating enVision data

Notes

  • The training will be held in English
  • The course price is to be agreed; for all information on prices and offers, please send an email to training.ecs.it@arrow.com

Price

STANDARD

€0.00 (excluding VAT)
€0.00 (including VAT)

Duration

3 Days