Home > Training Course Catalogue > IT Vendor Courses > Cisco Security CCSP Training Courses > HIPS: Securing Hosts using Cisco Security Agents

Perpetual Solutions
Tuition House
27-37 St Georges Road, London
SW19 4DS

+44 (0)20 7620 0033
+44 (0)20 7620 0055

 

Training Course Outline

IT Vendor CoursesIT Vendor Courses   Cisco Security CCSP Training CoursesCisco Security CCSP Training Courses


Course outline for HIPS: Securing Hosts using Cisco Security AgentsHIPS: Securing Hosts using Cisco Security Agents

This course includes classroom labs for live hands-on trainingThis course follows an offical curriculum for certification


View course dates


Course Duration: 2 days


Course Code: HIPS


Course Description:


HIPS is a two-day, lab-intensive Instructor-Led course which develops the knowledge and skills to deploy, configure and administer the Cisco Security Agent product to protect server and workstation hosts. It takes a task-oriented approach, using lecture and hands-on labs to teach the skills. The Cisco Security Agent functions to protect from intrusions, as compared to simply detecting attempted intrusions.
 
Objectives:<ul>
<li>Describe the need for network security; understand attack types, methods and Cisco security wheel.
<li>CSA overview – functionality, components and architecture.
<li>CSAMC install – overview, system requirements for management console.
<li>CSAMC quick start configuration –configure a group, build an agent kit, view registered hosts, configure a policy, attach a policy to a group and generate rule programs.
<li>CSAMC administration—accessing and using the management console.
<li>Configure groups and manage hosts.Build agent kits and distributing software updates.
<li>Develop a security policy.
<li>Configure policies and rules for Windows and UNIX.
<li>Use system correlation and heuristics.
<li>Understand and configure application classes.
<li>Configure variables—file sets, network address sets, network services, registry sets, COM component sets.
<li>Use CSA Profiler for data analysis and as policy creation tool.
<li>Configure and manage event logging, alerts and reports.
<li>Understand and use CSAMC utilities—start / stop service for servers and agent, webmgr utility, backup configurations, COM extract utility and export / import configurations.</ul>


Prerequisites:

Delegates are required to meet the following prerequisites:


- CCNA or equivalent knowledge
- 6 months practical experience of configuring Cisco IDS Routers
- Competency in using the Windows NT Operating system
- Familiarity with implementing network security policies and the following networking concepts:
- Perimeter Security System Components
- Perimeter Router
- Firewall
- Bastion Host/Servers and Hosts



Target Audience:


    - Engineers who support sales of Cisco security product solutions.
    - Cisco Channel Partners, who sell, implement and maintain secure networks.
    - Cisco Customers who implement and maintain secure networks.


Relevant Certifications:

CCSP Cisco Certified Security Professional


This course includes the following modules:

Security Fundamentals

  • Need for Network Security
  • Network Security Policy
  • Network Attack Taxonomy

Cisco Security Agent Overview

  • Defense in Depth
  • Cisco Security Agent Architecture
  • Anatomy of an Attack and Response
  • Key Features of Cisco Security Agent

Cisco Security Agent Quick Start Installation

  • CSAMC System Requirements
  • CSA System Requirements
  • Installing the CSAMC
  • Configuring the CSAMC
  • Installing the CSA

Cisco Security Agent Management Center Administration

  • Using Cisco Securinty Agent Management Center

Using Event Logs and Generating Reports

  • The Event Log and Event Monitor
  • Configuring Event Sets
  • Configuring Alerts
  • Generating Reports

Configuring Groups and Managing Hosts

  • Configuring Groups
  • Building and Agent Kit
  • Managing Hosts
  • Deploying Scheduled Software Updates

Building Policies

  • Developing a Security Policy
  • Rule Basics
  • Policy Components
  • Configuring and Managing Policies
  • Rules common to Windows and Unix
  • Windows-Only Rules
  • Unix-only Rules

Defining Application Classes

  • About Application Classes
  • Configuring Static Application Classes
  • Dynamic Application Classes

Working with Variables

  • Data Sets
  • File Sets
  • Network Address & Services Sets
  • Registry Sets
  • COM Component Sets

Using Cisco Security Agent Profiler

  • Basics of Profiler
  • Configuring an Analysis Job
  • Starting Analysis
  • The profiler Policy
  • Profiler Reports

 

Location

Duration

RRP

Oct

Nov

Dec

Jan

Feb

Mar

Click on course date to make a booking, check availability, or find out about available discounts.

London (Ros)

2 days

£895

 

 

1 - 2

 

 

 

<< Previous 6 Months
Next 6 Months >>

Perpetual Solutions are a global provider of onsite training solutions throughout London, UK and the rest of the world. For scheduled training our UK partner network provides an unrivalled choice of courses.


Save as PDFSave as PDF

PrintPrint this course



© Perpetual Solutions Ltd 2008.   Perpetual Solutions, Tuition House, 27-37 St Georges Road, London, SW19 4DS. +44 (0)20 7620 0033 +44 (0)20 7620 0055