|
 Registration form    |
|
|
Patriot Technologies, Inc. |
|
|
9:00 a.m. - 5:00 p.m. |
|
Product Versions
- SiteProtector 2.0 SP 6
- Network Sensor 7.0
- Server Sensor 7.0 SR 4.2
- Internet Scanner 7.0 SP 2
- SecurityFusion Module 2.0 SP 1.3
Course Description
Internet Security Systems' SiteProtector application provides scalable, centralized security management and data analysis capabilities for Proventia appliances and RealSecure network, server and desktop protection solutions. SiteProtector simplifies large-scale deployments through cost-efficient, unified command, control and monitoring, thereby reducing security management demands on staff, network traffic or other operational resources. Event prioritization and correlation enable real-time attack and misuse tracking.
The SiteProtector interface helps administrators work more efficiently through flexible views built around asset grouping and event aggregation. Powerful filters screen for event exceptions and false alerts. In addition, SiteProtector automates Proventia and RealSecure deployments, and enables multiple site management via secure remote administration.
The Advanced SiteProtector course provides "under the hood" training in the advanced workings of the SiteProtector application's architecture and functions. This two-day course features tips and tricks that enable students to use this best-of-breed intrusion protection product more effectively. Topics include SiteProtector component communication, sensor and appliance data paths, Central Responses functionality, the SiteProtector SecurityFusion Module, and the transfer of site management between two sites.
Key Instructional Focus and Objectives
- SiteProtector communication channels
- Underlying processes used to configure Proventia appliances and RealSecure sensors
- Sensor Controller Diagnostic utility
- Memory Configurator utility
- RealSecure SiteProtector Event Viewer
- SiteProtector data paths
- Protocol Analysis Module
- Advanced features used to create user defined event signatures
- Regular expressions used to enhance SiteProtector signatures
- Tcl scripts used with Server Sensor
- Trons implementation and supported Trons syntax
- Recognizing and managing false positives
- Capturing evidence packets using SiteProtector assets
- Using Ethereal to examine evidence files
- Using the SiteProtector SecurityFusion Module
- Configuring SiteProtector to transfer site management and event data (failover and failback) between two sites
Key Hands-On Lab Focus and Objectives
- Modify default communication ports
- Filter and view events using the RealSecure SiteProtector Event Viewer
- Manually edit policy files
- Create events to audit files and Registry keys
- Incorporate regular expressions and Tcl scripts in event signatures
- Configure Trons rules
- Use advanced parameters to monitor a system
- Tune SiteProtector advanced parameters
- Examine SiteProtector packet capture files
- Create response rules and manage Central Responses settings
- Install and configure the SiteProtector SecurityFusion Module
Who Should Attend
This course is intended for professionals engaged in assessing security and securing information assets. Participants should have a working knowledge of RealSecure products and/or Proventia appliances, or they should have attended the Introduction to SiteProtector class.
Prerequisites
Participants should have a working knowledge of ISS intrusion protection products, or they should have attended the Introduction to SiteProtector class.
