Course objective: Sentinel 6 from Novell delivers an integrated view of security and compliance events across the entire enterprise, integrating real-time information from devices, applications, identity and access management systems and physical controls into a single console. This course explores all functional aspects of the Sentinel system in a workshop environment. The course also introduces the open architecture of the correlation, collection, incident response, and reporting systems, enabling you to begin integrating Sentinel into your existing systems.

Target audience: This course covers many aspects of the Sentinel product and its functionality. This course is appropriate for analysts who will be using the Sentinel console, administrators who will be managing the day-to-day upkeep, and developers who will be customizing Sentinel correlation rules, reports, or collectors. Certain sections of the material may not be relevant to specific job functions, but the course will give you a complete understanding of Sentinel features and ongoing administration, and will introduce customization, network security, and troubleshooting concepts as well.

Course content:
- View and filter incoming events within the Control Center
- Analyze and investigate events for asset, vulnerability, and relationship information
- Manage the built-in incident response process
- Install and run longer-term reports against the Sentinel data store, to provide visibility into trends, policies, and compliance controls
- Plan a basic installation and understand the modules and components of the Sentinel Service-Oriented Architecture
- Manage users and roles within the Sentinel system
- Deploy and develop new correlation rules to detect network threat patterns across the enterprise
- Manage and maintain the Sentinel database
- Customize new incident response workflows to integrate with internal policies and procedures
- Understand the details of the data collection system, data access and connection methods
- Deploy and manage Collectors for new security device types in the enterprise network
- Fine-tune and enhance existing Collectors for the local environment and to enrich the incoming event data
- Tie together various data sources into a comprehensive information system through the data collection system using local source files and the global mapping service

Prerequisites: This course covers a wide range of Sentinel functionality, from basic analyst training to custom collector development. There are no formal prerequisites, but to get full value from the class, you are encouraged to be familiar with basic concepts such as:
- Basic networking, bandwidth, network security devices, basic security concepts
- Common network threats
- Relational database concepts, basic programming concepts