Suche

ESM310 – ArcSight ESM 7.x.x Advanced Administrator – CSE (ILT/VILT)

Die Trainings finden in deutscher Sprache mit englischen Unterlagen statt. Weitere Termine können Sie gerne bei uns anfragen!

Seminarliste

Training Termin Zeit Sprache / Standort Preis (zzgl. MwSt.)

ESM310 – ArcSight ESM 7.x.x
Advanced Administrator

kein Termin verfügbar – stellen Sie eine Anfrage

9:00 – 17:00 Uhr

Deutsch
München

4.500,- €

ESM310 – ArcSight ESM 7.x.x
Advanced Administrator

kein Termin verfügbar – stellen Sie eine Anfrage

9:00 – 17:00 Uhr

Deutsch
München

4.500,- €

Description

This course provides you with techniques to proactively analyze and troubleshoot the ESM CORR-Engine database and Micro Focus ArcSight ESM Manager to provide efficient services to your organization. This course teaches you to design and deploy hierarchical, fault tolerant manager implementations as well integration strategies between Micro Focus ArcSight ESM and other Micro Focus ArcSight appliances such as Logger, Connector Appliance, and the ArcSight Management Center products.

Audience

This course is intended for any system administrators, who need to:

  • Install, administer, maintain and troubleshoot Micro Focus ArcSight ESM components

  • Design and implement integrations between Micro Focus ArcSight ESM and other Micro Focus ArcSight appliances

  • Proactively investigate the health of the Micro Focus ArcSight ESM CORRE environment

Prerequisites

To be successful in this course, you will have an understanding of:

  • Common security devices, such as IDS & firewalls
  • Common network device functions, such as routers, switches, hubs, etc.
  • TCP/IP functions, such as CIDR blocks, subnets, addressing, communications, etc.
  • Basic Windows operating system tasks & functions
  • Possible attack activities, such as scans, man in the middle, sniffing, DoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
  • SIEM terminology, such as threat, vulnerability, risk, asset, exposure, safeguards, etc.
  • 6 months experience administering Micro Focus ArcSight ESM
  • Completed Micro Focus ArcSight ESM Administrator

Certifications and Related Examinations

  • ASE Level

Course Objectives

Upon completion of this course, students will be able to:

  • Design, deploy and configure an Micro Focus ArcSight ESM multimanager layout for high-availability and fail-over
  • Assess and implement integration strategies for Micro Focus ArcSight ESM and Micro Focus ArcSight appliances
  • Provide credentials for Micro Focus ArcSight ESM including RADIUS and LDAP/AD
  • Use available Micro Focus ArcSight and Oracle tools to investigate the health of your installation
  • Implement Micro Focus ArcSight best practices for backup and recovery for an Oracle 10g database

Detailed course outline – Topics Covered

Module 1 – ESM CORRE 6.5 Architecture

  • CORR-Engine Details

Module 2 – Installing ESM CORRE 6.5

Module 3 – Installing and Navigating the ESM Console

Module 4 – ESM Suite Installation

  • Integrating with ArcSight Appliances including, Connector, Logger, TRM, and ArcMC

Module 5 – Installing Connectors

  • Advanced SmartConnector Installations including, Silent and Turbo modes

Module 6 – Managing ArcSight Smart Connectors

Module 7 – Using the Management Console Browser Interface

  • Functions of the Management Console

Module 8 – Real-time Event Flow Using the ESM Console

Module 9 – Managing the Network Model

  • Resources

Module 10 – Installing FlexConnectors

Module 11 – ArcSight Forwarding Connectors

Module 12 – Configuring Notifications

Module 13 – Managing SSL Certificates

Module 14 – Maintaining Lists and Trends

  • Active Lists
  • Session Lists
  • Trend Tables

Module 15 – ArcSight Web and the Command Center

  • Navigating both Interfaces

Module 16 – Event Management

Module 17 – ArcSight ESM Admin Authentication

Module 18 – Maintaining CORRE System Health

  • ArcSight ESM Checks
  • Properties and Log Files Overview

Module 19 – Using ArcSight Packages

Module 20 – Patching CORR-Engine

Module 21 – ArcSight ESM CORRE Back Up and Restore

Module 22 – Managing CORRE Daily Partitions

Module 23 – Working with Micro Focus ArcSight Support

Interessiert an diesem Training?

Nehmen Sie Kontakt auf!

Incident Response Hotline

Ein Cybersecurity Incident, bei dem Sie sofortige Hilfe benötigen?

Kontaktieren Sie unsere 24/7/365 Incident Response Hotline.