Securing Hosts Using Cisco Security Agent Equitrain
Price: TBA
  • Duration: 2 Days

Course details

HIPS is a lab-intensive Instructor-Led course which develops the knowledge and skills to deploy, configure and administer the Cisco Security Agent product to protect server and workstation hosts. It takes a task-oriented approach, using lecture and hands-on labs to teach the skills. The Cisco Security Agent functions to protect from intrusions, as compared to simply detecting attempted intrusions.

Target Audience

  • Engineers who support sales of Cisco security product solutions.
  • Cisco Channel Partners, who sell, implement and maintain secure networks.
  • Cisco Customers who implement and maintain secure networks.

Objectives

  • Describe the need for network security; understand attack types, methods and Cisco security wheel.
  • CSA overview – functionality, components and architecture.
  • CSAMC install – overview, system requirements for management console.
  • CSAMC quick start configuration –configure a group, build an agent kit, view registered hosts, configure a policy, attach a policy to a group and generate rule programs
  • CSAMC administration—accessing and using the management console.
  • Configure groups and manage hosts.Build agent kits and distributing software updates.
  • Develop a security policy.
  • Configure policies and rules for Windows and UNIX.
  • Use system correlation and heuristics.
  • Understand and configure application classes.
  • Configure variables—file sets, network address sets, network services, registry sets, COM component sets.
  • Use CSA Profiler for data analysis and as policy creation tool.
  • Configure and manage event logging, alerts and reports.Understand and use CSAMC utilities—start / stop service for servers and agent, webmgr utility, backup configurations, COM extract utility and export / import configurations.

Course Outline

Security Fundamentals

  • Need for Network Security
  • Network Security Policy
  • Network Attack Taxonomy

Cisco Security Agent Overview

  • Defense in Depth
  • Cisco Security Agent Architecture
  • Anatomy of an Attack and Response
  • Key Features of Cisco Security Agent

Cisco Security Agent Quick Start Installation

  • CSAMC System Requirements
  • CSA System Requirements
  • Installing the CSAMC
  • Configuring the CSAMC
  • Installing the CSA

Cisco Security Agent Management Center Administration

  • Using Cisco Securinty Agent Management Center

Using Event Logs and Generating Reports

  • The Event Log and Event Monitor
  • Configuring Event Sets
  • Configuring Alerts
  • Generating Reports

Configuring Groups and Managing Hosts

  • Configuring Groups
  • Building and Agent Kit
  • Managing Hosts
  • Deploying Scheduled Software Updates

Building Policies

  • Developing a Security Policy
  • Rule Basics
  • Policy Components
  • Configuring and Managing Policies
  • Rules common to Windows and Unix
  • Windows-Only Rules
  • Unix-only Rules

Defining Application Classes

  • About Application Classes
  • Configuring Static Application Classes
  • Dynamic Application Classes

Working with Variables

  • Data Sets
  • File Sets
  • Network Address & Services Sets
  • Registry Sets
  • COM Component Sets

Using Cisco Security Agent Profiler

  • Basics of Profiler
  • Configuring an Analysis Job
  • Starting Analysis
  • The profiler Policy
  • Profiler Reports
Updated on 08 November, 2015

About Equitrain

EquiTrain –a pision of Equinox International- equips organizations with IT skills that are the lifeblood of modern corporate life, as Theyll as the professional expertise required for ensuring productivity and to remain competitive now and tomorrow.

At EquiTrain, They tailor end-to-end training solutions that incorporate both IT and business consultancy to the specific needs of each inpidual customer. They can equip yTheir IT professionals with all they need to quickly maximize yTheir new technology investments as Theyll as pushing forward absolute beginners on their road to IT proficiency.

They offer a broad range of IT and Management training cTheirses and certifications from top technology vendors with a choice of on-site or offsite, public or closed and local or abroad training. Their portfolio of cTheirses is supplemented by Their strategic training alliance with world's leading providers of learning solutions.

See all Equitrain courses
Are you from Equitrain ? Claim your course!
Courses you can instantly connect with... Do an online course on Cisco starting now. See all courses

Is this the right course for you?

Rate this page

Didn't find what you were looking for ?

or