Advanced SiteProtector

2 Day Course
Hands On
Official IBM Curriculum
Code ISS-ASP

Book Now - 1 Delivery Method Available:

Scheduled Online Onsite

Overview

Internet Security Systems' SiteProtector application provides scalable, centralized security management and data analysis capabilities for Proventía appliances, Proventía Desktop as well as RealSecure Network and Server solutions. SiteProtector simplifies large-scale deployments through cost-efficient, unified command, control and monitoring, thereby reducing security management demands on staff, network traffic or other operational resources. Event prioritization and correlation enable real-time attack and misuse tracking.

The SiteProtector interface helps administrators work more efficiently through flexible views built around asset grouping and event aggregation. Powerful filters screen for event exceptions and false alerts. In addition, SiteProtector automates Proventía and RealSecure deployments, and enables multiple site management via secure remote administration.

The Advanced SiteProtector course provides "under the hood" training in the advanced workings of the SiteProtector application's architecture and functions. This one day course features demonstrations of tips and tricks that enable students to use this best-of-breed intrusion protection product more effectively. Topics include SiteProtector component communication, SiteProtector Central Responses, SiteProtector SecurityFusion Module, and SiteProtector Failover solution.

Who Should Attend

This course is intended for security professionals engaged in managing SiteProtector using the most advanced features the application offers.

This course is in preparation for the SiteProtector exam.

Training Partners

We work with the following best of breed training partners using our bulk buying power to bring you a wider range of dates, locations and prices.

Modules

Course Content (18 topics)

  • SiteProtector communication channels
  • SiteProtector Event Viewer
  • Working with policy files
  • Overview of the Central Responses component
  • Create and manage Central Responses
  • Capturing evidence packets using response objects
  • Understanding Impact Analysis vs. Attack Pattern
  • Installation, configuration and management of the SecurityFusion Module
  • Overview of SiteProtector's SecureSync Process
  • Configuration of SiteProtector's Site Management Transfer agents
  • Importing and Exporting Data
  • Failing Over and Failing Back
  • Modifying default communication ports (Lab)
  • Filtering and viewing events using the RealSecure SiteProtector Event Viewer (Lab)
  • Manually editing policy files (Lab)
  • Configuring the SiteProtector Central Response (Lab)
  • Installing and configuring the SiteProtector SecurityFusion Module (Lab)
  • Configuring the SiteProtector Site Management Transfer agents (Lab)

Prerequisites

A working knowledge of TCP/IP and Windows platforms is required. Either one of the following two situations applies: - The training is NOT attended together with the “Introduction to SiteProtector” training: the attendees must have a valid Introduction to SiteProtector certification. - The training is attended together with the “Introduction to SiteProtector” training: no further prerequisite.

Additional Learning

The courses below may help you meet the knowledge level required to take this course. If you are unsure please ask a training advisor .

  • Introduction to SiteProtector

    This 2-day training course provides an Introduction to SiteProtector, providing concepts, methods and practices required to use the management tool.

    2 Day Course Hands On Training Official Curriculum Course Code ISS-SP
    Scheduled Online Onsite

or call:408-759-5074

Course PDF

Print

Share this Course

+1
Share

Recommend this Course

Sections