INSTRUCTOR-LED COURSE

Cisco Stealthwatch Tuning (ST)

Course Information

Duration: 2 days

Version: ST

Price: $3,000.00

Certification:

Exam:

Learning Credits: 30

ALL DATES GUARANTEED

Check out our full list of training locations and learning formats. Please note that the location you choose may be an Established HD-ILT location with a virtual live instructor.

COURSE DELIVERY OPTIONS

  • Live Classroom

Train face-to-face with the live instructor.

  • Established HD-ILT Location

Interact with a live, remote instructor from a specialized, HD-equipped classroom near you.​

  • Virtual Remote

Attend the live class from the comfort of your home or office.

Register

OVERVIEW

This course focuses on the tuning process in the Cisco Stealthwatch Enterprise system, to gain visibility across your enterprise and detect actionable threats. This course covers all essential aspects of the tuning process, including tuning best practices, which will optimize the Stealthwatch System. 

Prerequisites:

It is strongly recommended to complete the Stealthwatch Foundations training prior to taking this training. 

 

Target Audience:

This course is intended for individuals who are responsible for tuning the Stealthwatch System, creating and maintaining policies, monitoring traffic, and obtaining and responding to actionable alarms.

 

Course Objectives:

After taking this course, you should be able to:

  • Describe how Stealthwatch provides network visibility through monitoring and detection.
  • Define tuning and how it helps the Stealthwatch System create actionable alarms.
  • Use the stages of the tuning process to identify workflows and best practices to operationalize Stealthwatch.

 

Course Outline:

Day One

  • Course Introduction
  • Cisco Stealthwatch Tuning Course Overview
  • The Purpose of Tuning
  • Understanding Security Events and Alarms
  • Defining Stealthwatch Policies
  • Lunch
  • Classify the System
    • Lab: Classify Public and Private IP Addresses
    • Lab: Trusted Internet Hosts
    • Lab: Classify Undefined Services and Applications
  • Quiet Noisy Hosts
    • Lab: Classify Network Scanners with the SMC Web UI
    • Lab: Reclassify IPs to Reduce Noise

Day Two

  • Day One Review
  • Posture the System 
    • Lab: Edit Role Policy
  • Host Locks and Custom Security Events
    • Lab: Host Locks and Custom Security Events
  • Lunch
  • Response Management
  • Tiered Alarms
    • Lab: Create a Dashboard
  • Culminating Scenario: Tuning
  • Tuning Best Practices in Stealthwatch
  • Cisco Stealthwatch Tuning Course Outcomes
  • Course Conclusion