NW
NW NW
Networldz
Networldz
Instant Messengers. Networldz99@yahoo.com Networldz99@hotmail.com Networldz99@gmail.com
NW NW
NW
NW
  HYDERABAD
+91-9000544423
+9140 - 40045060
NW
  BANGALORE
Email : info@networldz.com
nw
CCNA TRAINING INDIA,CCNA TRAINING BANGLORE,CCNA TRAINING HYDERABAD,CCNA TRAINING CHENNAI,CCNA TRAINING BOMBAY,CCNA TRAINING  DELHI,CCNP TRAINING INDIA,CCSP TRAINING INDIA,CCVP TRAINING INDIA,CCVP TRAINING BANGLORE,CCVP TRAINING HYDERABAD,CCVP TRAINING  CHENNAI,CCVP TRAINING  BOMBAY,CCVP TRAINING DELHI,IPCC TRAINING INDIA,IPCC ENTERPRISE TRAINING INDIA,IPCC TRAINING BANGLORE,IPCC TRAINING HYDERABAD.IPCC TRAINING DUBAI,CCVP TRAINING RIYAD,CCVP TRAINING OMAN,CCSP TRAINING OMAN,CCIP TRAINING HYDERABAD,CVPI TRAINING OMAN,CVPI TRAINING BANGLORE,CCNA VOICE TRAINING INDIA,CCNA VOICE TRAINING HYDERABAD,VOICE TRAINING INDIA,VOICE TRAINING BANGLORE,VOICE TRAINING DUBAI,VOICE TRAINING RIYAD,CISCO CERTIFICATION TRAINING,INDIA,VOCIE TRAINING OMANSECURITY TRAINING BANGLORE,SECURITY TRAINING HYDERABAD,SECURITY TRAINING INDIA,CCVP TRAINING  LONDON,CCIE VOCIE TRAINING INDIA,BEST CCIE VOICE TRAINING INDIA,GOOD CCIE VOICE TRAINING INDIA,CCIE SECURITY TRAINING INDIA,CCIE VOICE TRAINING BANGLORE,CCIE VOICE TRAINING HYDERABAD,CISCO ICM TRAINING INDIA,ICM TRAINING BANGLORE,ICM TRAINING HYDERABAD.UNITY TRAINING INDIA,UNITY TRAINING BANGLORE.
 
NW NW NW
NW
NW
NW
 
 
News@ CISCO
 
 
More news
 
 
Examination Info.
 
readmore
 
Recommended Training
 
CCSP - Implementing Cisco Security Monitoring, Analysis and Response System (MARS)
 
MARS - Cisco Security Monitoring, Analysis and Response System

The Cisco Security Monitoring Analysis and Response System (CS-MARS) is part of the Cisco Security Management Suite which provides security monitoring for network security devices and host application made by Cisco or non-Cisco providers. In addition to event correlation and data reduction features found in SIM products, CS-MARS also provides topology awareness and automatic mitigation features. In knowing the topology of a network, CS-MARS can determine where the attack is originating and apply the appropriate remediation. CS-MARS is a key component in the Cisco Self Defending Network strategy. CS-MARS exchanges information with CS-Manager to provide a unified security management solution. For example, an administrator can view IPS signatures or the Firewall block / permit syslog messages received from sensors or firewalls. CS-MARS will communicate with CS-Manager and display the IPS signature table or firewall rule table. From there the IPS signature or firewall rule can be modified as necessary. Together CS-MARS and CS-Manager provide a unified management solution for monitoring and provisioning.

Pre-Requisites

CCNA Security is a prerequisite
This course/exam is an elective for the CCSP certification.It is recommended that the learner also take SNRS v3.0, SNAF v1.0 and IPS v6.0 prior to this course/exam.

Target Audience

This course is aimed at Engineers who support sales of Cisco security product solutions, as well as; Cisco channel partners and customers who sell, implement, and maintain secure networks.


 
Course Outline
 
Course content

Lesson 1:
Introducing Cisco Security Monitoring, Analysis, and Response System
o Effective Security Monitoring and Management
o Cisco Self-Defending Network and the Role of Cisco Security MARS
o Cisco Security MARS
o Cisco Security MARS Terminology
o Cisco Security MARS Technologies
o Cisco Security MARS User Interface
o Cisco Security MARS Product Portfolio

Lesson 2:
Understanding the System Architecture
o Cisco Security MARS Software Components
o Cisco Security MARS Process Flow Details
Lesson 3:Configuring a Cisco Security MARS Appliance
o Initial Cisco Configuration Overview
o Scenario: Configuration Tasks
o Deployment Planning Guidelines

Lesson 4:
Adding Reporting and Mitigation Devices
o Overview of Reporting and Mitigation Devices
o Scenario: Adding a Cisco Reporting Device and Enabling NetFlow
o Data-Enabling Features of Cisco Security MARS
o Integrating Cisco Security MARS with Third-Party Applications

Lesson 5:
Viewing the Summary Page
o Summary Page Overview
o Dashboard
o Network Status
o My Reports
o Scenario: Getting Information from the Summary Page

Lesson 6:
Managing Rules
o Rules Overview
o Working with System and User Inspection Rules
o Working with Drop Rules
o Rule Groups Overview

Lesson 7:
Understanding Queries and Reports
o Query Page
o Scenario: Configuring a Query
o Reports Page
o Scenario: Configuring a System Report

Lesson 8:
Investigating and Mitigating Incidents
o Incidents Overview
o Incidents
o Scenario: Role of Cisco Security MARS in Your Network
o False Positives
o Case Management
o Scenario: Configuring a Case to Track an Incident
o Configuring Notifications
o Case Study: Preventing the W32 Blaster Worm

Lesson 9:
Working with User-Defined Log Parser Templates
o Overview of User-Defined Log Parser Templates
o Scenario: Configuring a Customer Parser

Lesson 10:
Integrating with Cisco Security Manager
o Overview of Cisco Security Manager Policy Table Lookup
o Scenario: Invoking Cisco Security Manager Policy Table Lookup from Cisco Security MARS

Lesson 11:
Managing and Administering the System
o Management Overview
o Overview of System Maintenance Tasks
o IPS Signature Dynamic Update Settings
o Upgrading the Cisco Security MARS Appliance Software
o Migrating Data from Cisco Security MARS 4.3.x to 5.3.x

Lesson 12:
Troubleshooting and Optimizing Cisco Security MARS
o Hardware Installation Issues
o Device Configuration Issues
o Global Controller-to-Local Controller Communications
o Sizing Cisco Security MARS Deployment
o Tuning Cisco Security MARS
o Securing Cisco Security MARS

Lesson 13:
Using the Cisco Security MARS Global Controller
o Cisco Security MARS Global Controller Overview
o Configuring the Cisco Security MARS Global Controller
o Summary Tab
o Incidents Tab
o Queries and Reports
o Rules Tab
o Management Tab
o System Maintenance Tab

Lesson 14:
Course Review: Cisco Security MARS at Work
o Cisco Security MARS At Work

 
Back Top
NW
NW
NW
NW NW NW
 
NW
NW