Security Analytics Administration Training

Live Online & Classroom Enterprise Training

Security Analytics Administration Training provides an overview of RSA Security Analytics, hands-on configuration of components, managing users, and creating filters and rules

Looking for a private batch ?

REQUEST A CALLBACK

Certified Trainer
Authorized Courseware
Completion Certificate from ATP

Enterprise Reporting
Lifetime Access
CloudLabs
24x7 Support
Real-time code analysis and feedback

What is Security Analytics Administration Training about?

The course provides an overview of RSA Security Analytics hands-on configuration of components managing users and creating filters and rules. Additionally the course covers integration with enVision and monitoring capabilities.

What are the objectives of Security Analytics Administration Training ?

At the end of Security Analytics Administration training course, participants will learn to:

Describe the Security Analytics architecture
Describe the Security Analytics Warehouse
Describe the licensing process
Describe the Security Analytics User Interface
Customize the interface
Configure and license devices
Create device groups
Add users and groups
Set permissions for users and groups
Configure external authentication to Active Directory
Set up integration with RSA enVision or event sources
Configure data capture including log collection
Configure Live Manager
Deploy feeds to the Decoder
Configure the Reporting Engine
Create filters and rules on the Decoder
Use the REST API for basic tasks
Configure SNMP
Monitor the environment
Identify and resolve issues
Describe the RSA enVision to Security Analytics migration process

What are the prerequisites for Security Analytics Administration Training?

Familiarity with networking fundamentals and general information security concepts.
Familiarity with Linux.

Available Training Modes

Live Online Training

18 Hours

Classroom Training

3 Days

Course Outline Expand All

Expand All

1. RSA Security Analytics Overview

What is RSA Security Analytics

RSA Security Analytics architecture

Licensing

RSA Security Analytics Data flow

Data sources

Deployment scenarios

The Virtual Environment

RSA Security Analytics user interface

Customizing the interface

2. Configuring RSA Security Analytics

Configuring devices

Configuring Live

Custom feeds

Configuration files

Configuring the Reporting Engine

Configuring Context Menu Actions

Configuring the Warehouse

Configuring the Warehouse Connector

Configuring the Archiver

Configuring Event Stream Analysis (ESA)

Configuring Malware Analysis

3. Setting Up Data Collection

Setting up capture for packets and log data

Configuring log collection

Setting up collection for: - File Reader - tWindows - tODBC - tCheck Point - tVMware - tSDEE - tSNMP - tSyslog -

Testing data capture

4. Managing Users

User administration overview

Managing device users

Managing RSA Security Analytics users

Configuring external authentication (Active Directory)

5. Creating Rules, Reports and Alerts

Rules overview - Rules data flow - tBPF - tNetwork rules - tApplication rules - tCorrelation rules -

Navigating data

Creating Reports

Creating Charts

Creating Alerts

Role Based Access Control

6. Monitoring the environment

Viewing statistics

Monitoring devices

Monitoring query performance

Monitoring Concentrator aggregation

Tuning the Index

Resetting the databases

Viewing logs

REST API

Troubleshooting log collection

Crash Reporter

7. Migrating from RSA enVision to RSA Security Analytics

Migration overview

The Z-Connector

Configuring the IPDB Extractor Service

Migrating enVision data

Who is the instructor for this training?

The trainer for this Security Analytics Administration Training has extensive experience in this domain, including years of experience training & mentoring professionals.

Reviews

My outlook on training changed completely after attending SpringPeople BPC training. The content, the trainer and infrastructure at SpringPeople were top notch and perfectly in tune with the industry requirements. Regardless to say, training is now something that I look forward to to. Kudos to everyone at SpringPeople!

Shweta Priya

Sony

I attended the 3-day AngularJs training at SpringPeople. The trainer was an industry veteran with vast experience in the subject. Notably, the hands-on training, and the Q&A session stood out. Overall, I found SpringPeople a great place to learn with excellent facilities and great trainers. Would recommend SpringPeople to my colleagues and friends.

Swati Singh

I attended the training on API Design for Mulesoft. The sessions were well planned and value-laden. I benefited immensely from the hands-on experience enabled through virtual labs. I would like to specifically commend the efficiency of the support team who were always available to resolve my concerns.

Nikhil Kohli

Stryker

I attended the jQuery training batch, conducted by Mr. Vijay, an SME who did a thorough coverage of all the essentials. He took us through concepts such as jQuery animations, event handlers, plugins, and jQuery-UI by small programs, very easily. The sessions were useful and well structured. By the end of the training, I was well equipped to develop a SPA on Product Management System. Overall, the learning experience at SpringPeople was great!

Heena Rajan

Mindtree