MARS - Cisco Security Monitoring, Analysis, and Response System v3.0
4 days Instructor-Led


 Cisco Training Cisco Training from Solartech

Bookmark and Share


Course Overview

Cisco Security Monitoring, Analysis, and Response System (MARS) is a family of high-performance, scalable appliances for threat management, monitoring, and mitigation that enables you to make more effective use of network and security devices by combining network intelligence, context correlation, vector analysis, anomaly detection, hotspot identification, and automated mitigation capabilities. With MARS solutions you can readily and accurately identify, manage, and eliminate network attacks and maintain network compliance.


Prerequisites

The knowledge and skills a learner must have before attending this course include:

• Fundamental knowledge of implementing network security
• CCNA Security Certification
• CCSP or Security CQS and working knowledge of routing and switching


Who will benefit from this course?

• Engineers who support the sales of Cisco security product solutions
• Cisco channel partners who sell, implement, and maintain secure networks
• Cisco customers who implement and maintain secure networks

 

Course Outline

Lesson 1: Cisco Security MARS Overview and STM Task Flow

• Deploy Cisco Security MARS as an STM system in your network
• Cisco Security MARS solution and its role in Cisco Threat Defense System Management

Lesson 2: Cisco Security MARS Configuration

• Configure the network reporting devices to work with the Cisco Security MARS
appliance
• Configure Cisco reporting devices to work with the Cisco Security MARS appliance
• Configure reporting devices from other vendors to work with the Cisco Security MARS appliance
• Configure user-defined log parser templates on the Cisco Security Mars appliance

Lesson 3: Cisco Security MARS Incident Investigation

• Use summary page menu to get an overview of your network
• Configure the Cisco Security MARS appliance to send a notification
• Examine case management features that can capture,combine, and preserve user-selected Cisco Security MARS date within a specialized report called a case
• Explore the process of incident investigation and attackmitigation in a Cisco Security MARS appliance

Lesson 4: Cisco Security MARS Rules and Management

• Perform system maintenance tasks on the Cisco Security MARS appliance
• Features and functions of the Cisco Security MARS Global Controller
• Configure a rule (or rules) that detect interesting patterns of network activity and other anomalous network behavior
• Use the management features in the Cisco Security MARS appliance to add, edit, and delete event, IP addressing,service, and user information
 

| Home | About Us | Contact Us | Find a Course |