Detailed Course Outline
Module 1: Introduction
- Cisco Stealthwatch Tuning Course Overview
- The Purpose of Tuning
- Understanding Security Events and Alarms
- Defining Stealthwatch Policies
Module 2: Classify the Stealthwatch System
- Classify the System
- Lab: Classify Public and Private IP Addresses
- Lab: Trusted Internet Hosts
- Lab: Classify Undefined Services and Applications
Module 3: Quiet Noisy Hosts
- Quiet Noisy Hosts
- Lab: Classify Network Scanners with the SMC Web UI
- Lab: Reclassify IPs to Reduce Noise
Module 4: Posture the Stealthwatch System
- Posture the System
- Lab: Edit Role Policy
- Host Locks and Custom Security Events
- Lab: Host Locks and Custom Security Events
- Response Management
- Tiered Alarms
- Lab: Create a Dashboard
Module: Summary and Course Wrap-up
- Culminating Scenario: Tuning
- Tuning Best Practices in Stealthwatch
- Cisco Stealthwatch Tuning Course Outcomes
- Course Conclusion