ArcSight

8,555 views

Published on

  • Be the first to comment

ArcSight

  1. 1. ArcSight Education ArcSight™ ESM Training Tracks ArcSight Education Industry-leading ArcSight Education provides For more information about Arcsight Education, visit www.arcsight.com professional training classes to enhance and certify or email traininginfo@arcsight.com. the proficiency of customers and business partners. Training for ArcSight ESM is offered in both instructor- led courses and self-paced e-learning formats. ArcSight Analyst Track ArcSight Analyst Track The ArcSight Education Analyst Track ArcSight ESM Self-Study is focused on tasks and responsibilities Environment for Operators of operators and analysts within enterprise security organizations. ArcSight Certified Security Analyst (ACSA) Topics span ArcSight ESM Console navigation and resource utilization, Building Use Cases ArcSight ESM customization and with ArcSight ESM content creation, as well as usage of ArcSight tools and best practices. ArcSight Advanced Content Creation
  2. 2. ArcSight Education: ArcSight ESM Training Tracks ArcSight ESM Training - • Event Replay • Content customization, Self-Study for Operators • Zones, Filters and Common development, and testing Condition Editor • Staging and implementing use ArcSight Self-Study Environment • Dashboards and Datamonitors case solutions in the target security for Operators • Report Generation and Report environment ArcSight Self-Study Environment for Authoring • Utilizing ArcSight ESM Packaging Operators provides comprehensive • Cases Management facilities to assemble and distribute training for users of ArcSight ESM • Charts Usage and Authoring use case content with exercises specifically intended for • ArcSight Web Usage SOC operators. • Rules Theory, Authoring and This is an advanced workshop with Operation prerequisites. Topics and features include: • Active Lists Definition • Comprehensive virtual ArcSight • Assets Definition and Management ESM SOC environment • Vulnerability Definition ArcSight Advanced • Complete event database with rich • Session Correlation Content Creation sample data Coming soon • Interactive, hands-on training on the common ESM functionality and ArcSight ESM Training - procedures Building Use Cases ArcSight Administrator • Modular format enables users to select the topics and lessons Building Use Cases in ArcSight Track ESM The ArcSight Administrator Track is applicable to their jobs The Building Use Cases in ArcSight intended for individuals responsible • Virtual environment allows return ESM training course will provide you for installing, maintaining, upgrading to lessons at any time to refresh with an in-depth emersion into the and integrating ArcSight products learning process and creation of Use Cases within a corporate IT infrastructure. within ArcSight ESM. This process Focus is on topics outside of the ArcSight ESM Training - offers a consistent methodology ArcSight ESM Console such as ACSA for custom content definition and partition management, report query authoring in a business environment. optimization, GUI customization and ArcSight Certified Security Duration: 3 days Oracle Database Administration. Analyst ACSA attendees will become Topics and features include: ArcSight Administrator Track intimately familiar with all aspects • Assessment and definition of Use of ArcSight Console usage as well Case requirements ArcSight ESM Self-Study Environment for Operators as demonstrate a basic level of • Identification of qualifying business proficiency in ArcSight authoring objectives ArcSight Certified Integrator/ environments and interfaces. • Incorporating industry or Administrator (ACIA) Duration: 5 days organizational compliance requirements ArcSight Advanced Topics and features include: • Leveraging ArcSight ESM native Administrator • Console Basics, Preference resource content and best practices Settings, Navigator Panel and FlexConnector Developers Resource Tree, Viewer Panel and Workshop Inspector Panel
  3. 3. ArcSight Education: ArcSight ESM Training Tracks ArcSight ESM Training - Self- Oracle 10g database infrastructure. A ArcSight Connector Training - Study for Operators key area of focus will detail integration FlexConnector See the course description found in the strategies for ArcSight Logger, Threat Analyst Track Remediation Manager and the ArcSight FlexConnector Connector Appliance within ArcSight Configuration Training ESM environments. ArcSight FlexConnector Configuration ArcSight ESM Training - ACIA Duration: 4 days Training will provide participants with ArcSight Certified Integrator/ an overview of ArcSight Connectors Administrator Topics and features include: and dependencies within the ArcSight ACIA attendees will be introduced to • Integration scenarios with ArcSight ESM Schema. Attendees will ArcSight Console administration and Logger, Connector Appliance, and learn to implement FlexConnector installation of the ArcSight Manager, Threat Remediation Manager configuration files and utilize various the centralized ArcSight database as • ArcSight ESM multi-manager parsing methods, leveraging examples well as ArcSight SmartConnectors. architectures for high-performance, from standard connectors. Duration: 4 days high-availability and fail over Duration: 3 days • Authentication credentials for Topics and features include: Topics and features include: ArcSight ESM environments • Administration of Users, Access • SmartConnector architecture and • Assessing and fine tuning ArcSight Controls and Notifications FlexConnector types ESM Manager, Oracle Database • Administration of Connectors • Connector installation, schema Capacities and Event Throughput • Overview of Multi-Manager groupings, and configuration file Using Oracle database tools to Architectures conventions determine and optimize Oracle’s • Configuration of SNMP capabilities • Parsing methods fixed delimited, explain plan for ArcSight queries • Installers for Manager, Database regular expressions, database and • Assess and apply ArcSight best and SmartConnectors SNMP practices for database backup and • Basic DBA Skills • Event field and severity mapping recovery • Basic FlexConnector overview • FlexConnector Wizard • Customizing ArcSight Case • Basic third-party system interfaces • Advanced configuration options such Management and the ArcSight Web overview as multi-line REGEX, parser linking Interface • Advanced ArcSight Network and and conditional mapping ArcSight Advanced Asset modeling Administrator Training Attendees are expected to have This is an advanced workshop with a working knowledge of regular ArcSight Advanced prerequisites. expressions to attend this course. Administrator for ESM The ArcSight Advanced Administrator for ESM will be trained in the maintenance and optimization of ArcSight ESM and troubleshooting the
  4. 4. ArcSight Education: ArcSight Express and Logger Training ArcSight Express and Logger Training ArcSight Express Instructor- • Storage Appliance Configuration and • Regular Expression and Field-based Led Training User Management Search Queries • Storage Appliance Field-based and • Using Filters and Saved Searches ArcSight Express Appliance RegEx Search Queries • Logger Reporting Functions hosts prepackaged ArcSight • Filters, Saved Searches, Report • Specifying Report Data ESM components and production Customization and Authoring • Customizing Report Displays environment content for instant-on • Connector Operations and • Using and Customizing Dashboards enterprise event and log management. Management • Logger Alerts and Notifications Participants in ArcSight Express • Configuration Attribute Import, Training establish skills to effectively Export, Backup and Restore navigate supporting interfaces, identify ArcSight Logger Instructor- • Connector Configuration and utilize prepackaged content, Led Training Management assess tuning requirements and ArcSight Logger is an appliance- customize ArcSight Express base based product for storing, managing, Also available via ArcSight Virtual configuration to enterprise network Classroom searching and reporting on environments. Target audience enterprise network device log data. includes IT Operations, System ArcSight Logger Training provides Administrators, System Security, attendees a solid orientation of Audit and Business Compliance interface, configuration, event Practitioners. routing and query, interim storage Duration: 4 Days and archive management. Hands-on Topics and features include: training exercises include common About ArcSight: functionality and procedures needed ArcSight (NASDAQ: ARST) is a leading • ArcSight Express Architectural global provider of compliance and security to quickly bring the ArcSight Logger management solutions that protect enterprises Features and Options appliance into production within and government agencies. ArcSight helps • ArcSight Event Schema/Network customers comply with corporate and enterprise event log management regulatory policy, safeguard their assets and Modeling processes, and control risk. The ArcSight environments. Intended audience • Event Acquisition and Processing platform collects and correlates user activity includes team members of security and event data across the enterprise so that Lifecycle businesses can rapidly identify, prioritize, operations, network operations, as • ArcSight Express User Interfaces and respond to compliance violations, policy well as auditing and compliance breaches, cybersecurity attacks, and insider • Pre-configured Content Overview threats. For more information, visit www. disciplines. • Manager Active Channels, Field arcsight.com. Duration: 3 Days Sets, Filters, Dashboards, Reports, Workflow Cases, Notifications and Topics and features include: Alerts • ArcSight Logger Concepts and • Installing and Navigating the Facilities ArcSight Admin Console ArcSight, Inc. • Logger Initialization and Setup 5 Results Way, Cupertino, CA 95014, USA Network Modeling Wizard • Deployment Planning www.arcsight.com info@arcsight.com • User and Group Administration Corporate Headquarters: 1-888-415-ARST • Navigating Logger Functionality • Rules and Lists Use and EMEA Headquarters: +44 870 351 6510 • Logger Configuration Settings Asia Pac Headquarters: 852 2166 8302 Modification • Configuring Event Input and Output © 2009 ArcSight, Inc. All rights reserved. ArcSight and • Notification Administration the ArcSight logo are trademarks of ArcSight, Inc. All • Managing User and Group Access other product and company names may be trademarks or • Storage Appliance User Interface registered trademarks of their respective owners. ARST-SB002-041609-01

×