IBM Security Network Protection Administration and Configuration

IBM Security Network Prevention is a next-generation intrusion prevention system. This course provides the processes, procedures, and practice necessary to configure the Network Protection (XGS) appliance to protect your network. Students learn through hands-on labs how to configure the appliance, configure management and protection policies, and block a variety of common attacks.

Profil uczestnika

This course is designed for network and security professionals who evaluate, implement, manage, or monitor the IBM Security Network Protection appliance.

Agenda

Unit 1: Introduction to IBM Security Network Protection
Unit 2: Setting up the appliance
Unit 3: Managing the appliance
Unit 4: Configuring the Network Access Policy
Unit 5: Configuring the Intrusion Prevention Policy
Unit 6: Using alerts and events
Unit 7: Tuning Network Access Policy rules and Intrusion Prevention behavior
Unit 8: Capturing network traffic
Unit 9: Controlling user access
Unit 10: Inspecting SSL-encrypted traffic
Unit 11: Implementing SNORT rules
Unit 12: Configuring advanced threat protection
Unit 13: Integrating with QRadar SIEM
Unit 14: Monitoring event data

Wymagane przygotowanie uczestników

  • Basic knowledge of information security concepts
  • Familiarity with networking concepts, such as switching, routing, and firewalls, and tools, such as network sniffers and FTP clients
  • Solid knowledge of the TCP/IP protocol and IPv4 networking
  • Use the IBM Security SiteProtector™ console to manage agents.

Zagadnienia

  • Describe the characteristics and architecture of the IBM Security Network Protection appliance
  • Connect the appliance to your network
  •  Configure initial settings on the appliance and register it with SiteProtector
  • Use network objects and network access rules to configure the Network Access Policy
  • Use IPS objects to configure the Intrusion Prevention Policy
  •  Describe different alert types and configure SNMP alerts generated by response objects and system alerts
  • Use objects and policies to tune your security policy
  • Capture network packets
  • Configure local, remote, and passive user authentication
  • nspect outbound and inbound SSL traffic
  • Use the SNORT syntax to incorporate rules in the appliance Use advanced threat protection and quarantine rules to block events
  • Integrate the appliance with IBM Security QRadar SIEM
  •  Monitor events on the appliance

INFORMACJA CENOWA:
od - zł netto za jedną osobę

CZAS TRWANIA (dni): 3

KOD SZKOLENIA: IS671G

MASZ PYTANIA?

Jeśli potrzebujesz więcej informacji o tym szkoleniu, zadzwoń do nas +48 22 487 84 90 lub wyślij wiadomość.

Leave this field blank

REJESTRACJA

Leave this field blank



INNE SZKOLENIA

Udostępnij swoim znajomym