Introduction to Stealthwatch Implementation

Session Detail:    Virtual 2 Day

This course is designed to take a user through the initial introduction of flow in a network and introduces how Stealthwatch uses flows. It then introduces users to the Stealthwatch product and its functionality enabling you to proactively and reactively maintain network health. This course addressed the SMC client interface and SMC Web App Interface.

About this Course

This course is designed to take a user through the initial introduction of flow in a network and introduces how Stealthwatch uses flows. It then introduces users to the Stealthwatch product and its functionality enabling you to proactively and reactively maintain network health. This course addressed the SMC client interface and SMC Web App Interface.

Audience Profile

  • Customers whose role is to use the Stealthwatch System to monitor network performance.
  • Channel partners responsible for completing the initial configuration of the Stealthwatch System into a customer network.
  • Employees responsible for completing the initial configuration of the Stealthwatch System into a customer network.

At Course Completion

After completing this course you will be able to implement Stealtwatch in you network and collect forensic data. This course aims to do the following:

  • Introduce learners to Flow concepts
  • Introduce learners to Stealthwatch
  • Teach learners how to proactively and reactively use Stealthwatch to maintain the health of their network.

Prerequisites

This course is designed for network engineers who are interested in implementing Stormwatch in their network environment. To fully take advantage of this course and the topics covered therein, one must possess certain skills prior to attending. These skills include but are not limited to the following:

  • CCNA or equivalent knowledge
  • Familiarity with network security concepts
  • Basic Windows navigation skills

Session Outline

Class Outline

Module 1: Flow Basics

  • Netflow Overview
  • Flow Information
  • Flow Collector
  • Flow Stitching for bi-directional flow
  • Deduplication

Module 2: Introduction to Stealthwatch

  • What is Stealthwatch?
  • Types of input
  • Stealthwatch Management Console
  • Flow Collector
  • UDP Director
  • Flow Sensor
  • Cisco ISE
  • Threat Intelligence License
  • Visibility Through Netfow
  • Conversational Flow Record
  • Discovery
  • IOC
  • Response

Module 3: Introduction to Flow Collector

  • Overview of Flow Collector
  • Key Features of Flow Collector – Baselining of all IP traffic
  • Anomaly detection in traffic/host behavior
  • Layer 7 anomaly detection
  • Appliance or virtual deployment options
  • NAT stitching
  • P2P file sharing detection
  • Host and service profiling
  • Index-based prioritization technology OS fingerprinting
  • Support for application-aware flows such as NBAR2
  • Support for custom applications
  • Closest interface determination and tracking
  • Deduplication of flows
  • Virtual environment monitoring
  • Host Group tracking and reporting
  • Router interface tracking and reporting
  • Bandwidth accounting and reporting
  • Packet-level performance metrics
  • QoS (DSCP) monitoring
  • Interface utilization alarming
  • Unauthorized host access detection
  • Unauthorized Web server detection
  • Misconfigured firewall detection
  • Combined internal and external monitoring
  • Full flow logging
  • Worm detection
  • Botnet detection
  • DoS/DDoS detection (SYN, ICMP, or UDP flood)
  • Fragmentation attack detection
  • Network scanning and reconnaissance detection
  • Large file transfer detection
  • Rogue server detection
  • Long term flow retention

Module 4: Introduction to UDP Director

  • UDP Director Overview
  • Key Features of UDP Director
  • Simplifies collection of network and security data
  • Reduces points of failure on your network
  • Provides a single destination for all UDP formats on the network including Netflow, SNMP, syslog, etc
  • Reduces network congestion for optimum network performance

Module 5: Introduction to Proxywatch

  • Proxy watch overview
  • Key Features
  • Enhanced network visibility
  • Additional context around conversations
  • Follow the flow

Module 6: Introduction to StealthWatch Labs Intelligence Center (SLIC) Threat Feed

  • SLIC High Level Overview

Module 7: Stealthwatch Installation

  • VM editions
  • Recommended Resources
  • Required Ports
  • Example Deployment
  • Deploying the OVA
  • Logging into the SMC
  • Initial Setup
  • Adding Flow Collectors

Module 8: Stealthwatch Management Console

  • Overview of SMC
  • Key Features
  • User identity tracking
  • Appliance and virtual deployment options
  • Root-cause analysis and troubleshooting
  • Relational flow maps
  • NAT stitching
  • Custom dashboards
  • Custom reporting
  • Blocking, remediation or rate limiting
  • Top N reports for applications, services, ports, protocols, hosts, peers and conversations
  • Traffic composition breakdown
  • Customizable user interface based on Point-of-View technology
  • Advanced flow visualization
  • Internal and external monitoring
  • Capacity planning and historical traffic trending
  • WAN optimization reporting
  • DSCP bandwidth utilization
  • Worm propagation visualization
  • Internal security for high-speed networks
  • Customizing Views

Module 9: Case Study

  • Case Study 1
  • Case Study 2

Need to train your team?

All of our sessions can be customized to meet your team’s specific need. Build the perfect program by picking and choosing topics from any of the courses in our catalog. A personalized private session gives you the ultimate flexibility and helps maximize your team’s valuable time!

Requesting Team Training
DateTimeTypePriceAdd To Cart

Introduction to Stealthwatch Implementation

2 Day
Virtual

$2,375.00

Chat with a Coach

Chat with a Coach

Have a more immediate need? Why spend the next hour searching online for answers when you can spend just 15 minutes with one of our experts and get accurate and personalized answers to all of your questions. 

$9.99 | 15 Minutes

Book Now