KT-MARS MARS Cisco Security Monitoring, Analysis and Response System Training - Minneapolis, Minnesota IT MN Technical Financial New York, NY
Knowledge Transfer Microsoft Certified Silver Training Partner CPLS
Knowledge Transfer is a Microsoft Certified Silver Learning Partner
Oracle University

 

Microsoft Certified Training Partner CTEC
Search for a Course Topic:
Public Courses
Corporate Services & Training
 

 

 



 Course Search
Keyword
Course #
State

 Training Delivery
 
Training Delivery
Custom Curriculum
Course List
Certifications
 
 Main Menu
 
Home
View Courses
Site Index
 
 


MARS Cisco Security Monitoring, Analysis and Response System


Description: 

The Cisco Security Monitoring Analysis and Response System (CS-MARS) is part of the Cisco Security Management Suite which provides security monitoring for network security devices and host application made by Cisco or non-Cisco providers. In addition to event correlation and data reduction features found in SIM products, CS-MARS also provides topology awareness and automatic mitigation features. In knowing the topology of a network, CS-MARS can determine where the attack is originating and apply the appropriate remediation. CS-MARS is a key component in the Cisco Self Defending Network strategy. CS-MARS exchanges information with CS-Manager to provide a unified security management solution. For example, an administrator can view IPS signatures or the Firewall block / permit syslog messages received from sensors or firewalls. CS-MARS will communicate with CS-Manager and display the IPS signature table or firewall rule table. From there the IPS signature or firewall rule can be modified as necessary. Together CS-MARS and CS-Manager provide a unified management solution for monitoring and provisioning.

Objectives

Upon completing this course, the learner will be able to meet these overall objectives:

  • Use CS-MARS to monitor security and host application devices.
  • Know CS-MARS architecture and how CS-MARS process events.
  • Know how to use archive and restore features.
  • Use CS-MARS to run / create / customize reports
  • Use CS-MARS to investigate an incident and mitigate the security threats.
  • Use CS-MARS to do customer parser for unknown devices in CS-MARS.
  • Use CS-MARS to create / customize rules that detects dark net through best practices example.
  • Know how to tune signature / log level on device side and CS-MARS side.

Who Should Attend

  • Engineers who support sales of Cisco security product solutions
  • Cisco channel partners who sell, implement, and maintain secure networks
  • Cisco customers who implement and maintain secure networks

 
Click here to view the Course Outline
     
Prerequisite: 
  • Cisco CCSP certified or equivalent knowledge
  • Passage of the Securing Cisco IOS Networks (SECUR) exam (642-501), the Securing Networks with Cisco Routers and Switches (SNRS) exam (642-502), or both
  • At least six months of practical experience configuring Cisco routers and security products
  • Familiarity with implementing network security policies and these networking components and concepts:
  • Perimeter security system components: Perimeter router, firewall, intrusion prevention system (IPS), virtual private network (VPN), and demilitarized zone (DMZ) host
  • Servers: Cisco Security Manager; syslog; authentication, authorization, and accounting (AAA); Cisco Secure Access Control Server (Cisco Secure ACS); and FTP
  • Protocols: syslog, Simple Network Management Protocol (SNMP), Secure Shell (SSH), FTP, and Telnet
 
   
     
Duration: 
4 Days  
     
     

View Printer Friendly Page

 


To Inquire About Future Classes

Request a class date

if one is not scheduled.



Comments on the Course

  • We accept Cisco training credits!
  • Learning Credits: 30
  • Hitachi HiPass: 4