AquinasTraining.co.uk - training courses. Home  -  FAQ  -  Corporate Plans

ISS: SiteProtector: Introduction to SiteProtector

ISS SP      Course duration (days): 2
Talk to a Training Advisor
Tel. 0800 652 0202
Availability
Schedule available upon request within 24 hours.
Need help? Contact us now.

About this class

The SiteProtector application provides scalable, centralised security management and data analysis capabilities for Proventia appliances and RealSecure network, server and desktop protection solutions. SiteProtector simplifies large-scale deployments through cost-efficient, unified command, control and monitoring, thereby reducing security management demands on staff, network traffic or other operational resources.

The SiteProtector interface helps administrators work more efficiently through flexible views built around asset grouping and event aggregation. Powerful filters screen for event exceptions and false alerts. In addition, SiteProtector automates Proventia and RealSecure deployments, and enables multiple site management via secure remote administration.

This Introduction to SiteProtector training course provides concepts, methods and practices necessary to successfully use the SiteProtector management tool. The course focuses on hands-on exercises supported by demonstrations, presentations and lecture. Starting with an introduction to the SiteProtector architecture and the different components, students will learn about the role of each component and how they act in concert to monitor and protect a real-world network. Students will learn how to install and configure SiteProtector as well as how to manage sensors and monitor network assets in the SiteProtector environment.

Who will the lesson benefit?

Network professionals overseeing, managing or operating intrusion detection systems (IDS), or who desire an understanding of IDS implementation.

What prerequisites are required

Working knowledge of TCP/IP and Windows 2000.

Contents of this class

Key Instructional Focus and Objectives:

  • Describing SiteProtector's system architecture and how it integrates data from various network appliances and agents, host-based sensors and agents, and network- and host-based scanners
  • Explaining SiteProtector installation options and the different approaches for deploying SiteProtector components on a network
  • Migrating from RealSecure Workgroup Manager to SiteProtector
  • Performing a Custom SiteProtector installation on multiple computers
  • Using the SiteProtector Console to monitor security events, and to manage Proventia appliances and network, server, and desktop agents
  • Using the SiteProtector Web Portal to view the status of SiteProtector assets and monitor security events.
  • Organising SiteProtector and network assets to facilitate effective management and analysis
  • Importing Active Directory groups and host information into SiteProtector
  • Using event analysis best practices
  • Using the SiteProtector Reporting Module to generate Site reports
  • Using the Policy Editor to configure sensor policies and responses
  • Working with policies for Proventia appliances and RealSecure Network and Server Sensors
  • Configuring SiteProtector components, Proventia appliances, RealSecure Network and Server Sensors, Internet Scanner, and Desktop Protection
  • Using SiteProtector to run an Internet Scanner vulnerability scan
  • Using the SiteProtector Enterprise Dashboard to facilitate trend analysis and generate Enterprise reports
  • Applying X-Press Updates to SiteProtector components, sensors, and scanners
  • Configuring SiteProtector Database maintenance settings
  • Key Hands-on Lab Focus and Objectives:
  • Installing and configuring SiteProtector components:
  • Deployment Manager, Application Server, Site Database, Event Collector, RealSecure Network Sensor, RealSecure Server Sensor, and Internet Scanner
  • Using the SiteProtector Console to monitor event data, and manage sensors and scanners
  • Applying X-Press Updates to SiteProtector components, sensors, and scanners
  • Creating Analysis views and data filters
  • Creating a Baseline view
  • Displaying event detail
  • Creating incidents and exceptions
  • Exporting Analysis view data
  • Generating Site and Enterprise reports
  • Using the Policy Editor to configure policies and responses
  • Configuring Network Sensor security events and filters
  • Configuring Server Sensor security events and dynamic blocking
  • Configuring predefined and user defined sensor responses
  • Configuring event propagation settings
  • Applying policies to sensors and groups
  • Running a remote vulnerability scan
(C) AquinasTraining.co.uk - Contact Us