Advanced Technical Training: Sentinel 6

Training

	Novell trainings
Advanced Technical Training: Sentinel 6

Training goals

During the course, you will need to learn how to complete the following tasks:

View and filter incoming events within the Control Center
Analyze and investigate events for asset, vulnerability, and relationship information
Manage the built-in incident response process
Manage and maintain the Sentinel database
Fine-tune and enhance existing Collectors for the local environment and to enrich the incoming event data
Tie together various data sources into a comprehensive information system through the data collection system using local source files and the global mapping service

Training days

4 days

Conspect

Sentinel 6 for the user and the operator

Introduction into Sentinel 6 architecture
Defining and using Active Views
Filtering of events
Analysis of events
Managing of incidents
Cooperation of Sentinel 6 with business processes (iTRAC)
Module of reporting

Administration of the Sentinel 6 and system requirements for installation

Administration of the system
Managing of the database
Correlation of events
Programming correlation of events in RuleLG language
Servicing of the Sentinel 6 system and responding to mistakes

Programming of Sentinel 6 Collectors

Introduction to collectors
Architecture of collectors
Creating collectors in Collectors Builder
Using the templates

Workshops

View and filter incoming events within the Control Center
Analyze and investigate events for asset, vulnerability, and relationship information
Manage the built-in incident response process
Install and run longer-term reports against the Sentinel data store, to provide visibility into trends, policies, and compliance controls
Plan a basic installation and understand the modules and components of the Sentinel Service-Oriented Architecture
Manage users and roles within the Sentinel system
Deploy and develop new correlation rules to detect network threat patterns across the enterprise
Manage and maintain the Sentinel database
Customize new incident response workflows to integrate with internal policies and procedures
Understand the details of the data collection system, data access and connection methods
Deploy and manage Collectors for new security devices types in the enterprise network
Fine-tune and enhance existing Collectors for the local environment and to enrich the incoming event data
Tie together various data sources into a comprehensive information system through the data collection system using local source files and the global mapping service

Requirements

This course covers a wide range of Sentinel functionality, from basic analyst training to custom collector development. There are no formal prerequisites, but to get full value from the class, the student is encouraged to know about basic concepts such as:

Basic networking: IP protocol/CIDR notation, HTTP(s)/FTP and other protocols, bandwidth, VLANs, Network Address Translation, DHCP, DNS, LDAP
Network security devices and operation: AV scanners, Intrusion Detection Systems, firewalls, vulnerability scanners, etc.
Basic security concepts: Identity/user/role management, access control, security policies, compliance and IT controls, incident response, encryption, reporting
Common network threats: viruses, DOS attacks, information leaks, trojans/worms, buffer overflows, etc.
Relational database concepts: tables, relationships and keys, joins, partitions, and so on
Basic programming concepts: Iterative logic, Boolean logic, evaluations and operators, variables and parameters, data objects, regular expressions, ASCII/Hex encoding, file/network/process input/output, debugging

Certificates

The participants will obtain certificates signed by Novell.

Locations

Krakow - 5 Tatarska Street, II floor, hours: 9:00 am - 4:00 pm
Warsaw - 17 Bielska Street, hours: 9:00 am - 4:00 pm

Trainer

Authorized Novell Trainer.

Training price

1050 EUR

Get more informations: