During this 2-days workshop, students will get all the necessary skills to working with the Cisco StealthWatch system, examining the main components of the architecture, licensing principles, and functions of the NetFlow protocol.
The training also provides laboratory works, during which students will become familiar with the GUI of the StealthWatch system and the basic settings of the NetFlow protocol.
This training will be most useful to network engineers, network administrators and specialists who are interested in the StealthWatch platform.
Expected students’ skills and knowledge
This training does not require deep understanding of network security methods and
technologies, but students will need a basic knowledge of network protocols (TCP, UDP, IP, ICMP).
Chapter 1. Cisco StealthWatch Introduction.
- Network Telemetry.
- NetFlow Fundamentals.
- NetFlow Security Event Logging (NSEL).
- StealthWatch System.
- Monitor the Network.
Chapter 2. Cisco StealthWatch Architecture and Components.
- StealthWatch Architecture.
- Required Components & Licenses.
- Optional Components & Licenses.
- Identity Integration.
Chapter 3. StealthWatch Design Guidance.
- Detecting Threats with Cisco StealthWatch.
- Alarm Model.
- Security Events.
- Alarm Categories.
- Live Threat Hunting.
- Respond to Incidents.