Course Description
The course takes a task-oriented approach to teaching the skills needed to deploy, configure, and administer CSA to protect server and workstation hosts.
After completing this course, students will be able to: - Describe the need for network security. - Understand attack types, methods and Cisco security wheel. - CSA overview, functionality, components and architecture. - CSAMC install, overview, system requirements for management console. - CSAMC quick start configuration, configure a group, build an agent kit, view registered hosts, configure a policy, attach a policy to a group and generate rule programs. - CSAMC administration, accessing and using the management console. - Configure groups and manage hosts. - Build agent kits and distributing software updates. - Develop a security policy. - Configure policies and rules for Windows and UNIX. - Use system correlation and heuristics. - Understand and configure application classes. - Configure variables, file sets, network address sets, network services, registry sets, COM component sets. - Use CSA Profiler for data analysis and as policy creation tool. - Configure and manage event logging, alerts and reports. - Understand and use CSAMC utilities, start / stop service for servers and agent, webmgr utility, backup configurations, COM extract utility and export / import configurations.
Who should attend: System Engineers - Account Managers - Channel Partner/Reseller - Customers Students who require the knowledge and skills needed to implement end-to-end security solutions using the SAFE Small, Midsize, and Remote-User blueprint. The target audience for this course is as follows: - Engineers who support sales of Cisco security product solutions. - Cisco Channel Partners, who sell, implement and maintain secure networks. - Cisco Customers who implement and maintain secure networks.
Agenda
Configuring CSA
- Introducing CSA
- Installing and Configuring CSA MC
- Installing CSA
Configuring Groups and Policies
- Configuring Groups
- Building an Agent Kit
- Managing Hosts and Deploying Software Updates
- Configuring Policies
Working with Variables and Application Classes
- Creating Variables
- Creating Application Classes
Configuring Rules
- Rule Basics
- Configuring Rules Common to Windows and UNIX
- Configuring Windows-Only Rules
- Configuring UNIX-Only Rules
- Configuring System Correlation Rules
Administering Events and Generating Reports
- Managing Events
- Generating Reports
Using CSA Analysis
- Configuring Application Deployment Investigation
- Generating Application Deployment Reports
- Configuring Application Behavior Investigation
- Generating Behavior Analysis Reports
Comments
Virtual Cisco® Securing Hosts Using Cisco® Security Agent (HIPS) Online Live training option
Imagine an industry-leading classroom training experience from wherever you have access to the Internet.
The Virtual Online Live events listed here gives you an effective and proven online virtual learning experience with the freedom to attend virtually from anywhere.
There is also an option of experiencing Online Live from one of the many national partner centers where a computer and headset will be provided for you.
This rich and engaging virtual classroom environment lets you conveniently interact with instructors and other students.
You will hear and see your instructor as they teach the course and answer your questions via voice or text.
Choose the online live virtual training option and you can access the recorded version even after the class has finished.
The onDemand labs give you access to the same client and server technologies covered in class so you can test, apply and hone your skills by accessing the labs before and even after the class.
Technical Requirements: a computer or laptop with a modern browser and high speed internet access along with one or two monitors.