rozšírené vyhľadávanie
Máte nejaké otázky?
+420 731 175 867 (Po-Pá: 09-17hod.)
SK
0 Košík

ARC4300i – Installing and Configuring ArcSight Platform

Kód kurzu: ARC430

This instructor-led course teaches you how to install and configure ArcSight Platform 23.2 on-premise with the ArcSight Platform Installation program.

3 860 EUR

4 632 EUR s DPH

Najbližší termín od 12.05.2025

Výber termínov
Máte otázku?
+420 731 175 867 edu@edutrainings.cz

Odborní
certifikovaní lektori

Mezinárodne
uznávané certifikácie

Široká ponuka technických
a soft skills kurzov

Zobraziť soft skills kurzy

Skvelý zákaznicky
servis

Prispôsobenie kurzov
presne na mieru

Termíny kurzov

Počiatočný dátum: 12.05.2025

Forma: Virtuálna

Dĺžka kurzu: 5 dní

Jazyk: en

Cena bez DPH: 3 860 EUR

Registrovať

Počiatočný dátum: Na vyžiadanie

Forma: Virtuálna

Dĺžka kurzu: 5 dní

Jazyk: en

Cena bez DPH: 3 860 EUR

Registrovať

Počiatočný
dátum		 Miesto
konania		 Forma Dĺžka
kurzu		 Jazyk Cena bez DPH
12.05.2025 Virtuálna 5 dní en 3 860 EUR Registrovať
Na vyžiadanie Virtuálna 5 dní en 3 860 EUR Registrovať
G Garantovaný kurz

Nenašli ste vhodný termín?

Napíšte nám o vypísanie alternatívneho termínu na mieru.

Kontakt

Popis kurzu

On completion of this course, participants should be able to:

  • Describe the ArcSight Platform and its Architecture
  • Describe the system requirements
  • Install ArcSight Platform
  • Verify a successful installation
  • Configure ArcSight Platform to ingest events
  • Configure collectors and CTH with ArcMC
  • Configure Topics and Routes
  • Configure ESM and SOAR Integration
  • Manage ArcSight Users
  • Enable Single Sign-On
  • Add features to an existing ArcSight installation

Cieľová skupina

This course is designed for Security Professionals and SOC Administrators, who are responsible for deploying and administrating the ArcSight Platform within their environment.

Štruktúra kurzu

Module 1: Architecture

  • Describing the ArcSight Platform and its Architecture
  • Describing the underlying CDF infrastructure
  • Identifying the ArcSight Platform Capabilities
  • Explaining other related components to the Platform
  • Considerations and Best Practices

Module 2: System Requirements

  • Describing the following:
    o System Requirements
    o Host Requirements
    o DNS requirements
    o NFS Requirements
    o ArcSight Database

Module 3: YAML Files

  • Configuring the ArcSight Platform YAML Files

Module 4: Installing ArcSight Platform

  • Pre-installing ArcSight
  • Installing ArcSight

Module 5: Post-Install Activities

  • Checking the status of the ArcSight Platform Installation
  • Accessing and exploring the ITOM Management Portal
  • Running the post-install command to finalize the deployment
  • Uploading License Files under the ITOM Management Portal
  • Logging into Fusion for the First Time

Module 6: Transformation Hub Management from Fusion ArcMC

  • Validating a successful integration between Transformation Hub and the new containerized ArcMC available in Fusion
  • Retrieving the master root certificate

Module 7: Producing Events and Transformation Hub Ingestion

  • Recognizing and describing how events are produced
  • Describing event formats: classic (CEF) and AVRO
  • Installing a CEF Producer and AVRO Producer of events
  • Detailed walkthrough of the configuration steps and all parameters
  • Sending Test Alerts Replay Events to Transformation Hub
  • Validating Topics and Transformation Hub Ingestion

Module 8: Collectors and CTH Deployment from ArcMC

  • Defining the difference between a Collector and Connector
  • Listing the advantages of using Collectors
  • Describing what’s needed to perform a Collector Deployment using ArcMC
  • Deploying CTH from ArcMC and route events from th-syslog to other topics

Module 9: Topic and Route Management

  • Managing Topic and Routes
  • Local vs Global Event Enrichment
  • Types of Stream Processor Instances in Transformation Hub
  • Configuring Topics and Routes – Step by Step Example for Global Event Enrichment

Module 10: Integrating ESM and SOAR

  • Configuring the ESM and SOAR Integration
  • Verifying a Successful Integration

Module 11: Enabling Single Sign-On

  • Configuring the ESM Admin User for Single Sign-on
  • Enabling Single Sign-on

Module 12: Managing Users in ArcSight

  • Managing ArcSight Users Overview
  • Managing ESM Users
  • Managing Fusion Users
  • Managing SOAR Users
  • Defining Recon User Permissions and Roles
  • Defining Intelligence User Permissions and Roles

Module 13: Adding More ArcSight Capabilities

  • Describing the benefits of adding more ArcSight capabilities
  • Adding more ArcSight capabilities
  • Specify mandatory filtering on pre-defined fields or user-specified fields
  • Create lookup values for field attributes
  • Create and use parameters and parameter groups

Predpokladané znalosti

This course assumes a familiarity working with command line tools, have experience deploying applications in Windows and Linux environments, and having computer desktop, browser, and file system navigation skills.

Potrebujete poradiť alebo upraviť kurz na mieru?

pruduktová podpora

+420 731 175 867

edu@edutrainings.cz