Fortinet NSE 7 Advanced Analytics Certification Training Course: Exam - NSE7_ADA-5.2

Download Course Contents

NSE 7 Advanced Analytics Course Overview

Enrol for the 2-day NSE 7 Advanced Analytics certification training course from Koenig Solutions accredited by Fortinet. In this three-day course, you will learn how to use FortiSIEM in a multi-tenant environment. You will learn to add various organizations to FortiSIEM and discover devices from each organization. You will learn to differentiate logs and events from each organization and apply appropriate rules.

You will dive deep into rules and their architecture. You will also learn about incidents and how they are generated when a rule is triggered. You will learn about different clear conditions. You will also dive deep into baseline calculations performed on FortiSIEM. You will learn to create your own baseline profile and run queries based on the profile. Finally, you will learn the methods of remediation available on FortiSIEM.

Through a blend of hands-on labs and interactive lectures, you will explore the role of FortiSIEM in a service provider environment. You will configure FortiSIEM in a cluster with a worker and NFS server for data storage. You will add organizations to FortiSIEM and manage the scope of each organization. You will register collectors from those organizations on FortiSIEM. You will also register Linux and Windows agents. You will analyze events from different organizations and understand how those events trigger some of the built-in rules.

You will create your own rules and generate security events to trigger incidents for those rules.

This is a Rare Course and it can be take up to 3 weeks to arrange the training.

  • 1. Do you have limited Window for training?
  • 2. Can you only spend 4-hours per day?
  • 3. Do you want to start training immediately?
  • If your answer is yes to any one of the above, you need 1-on-1- Training
The 1-on-1 Advantage
Flexible Dates
4-Hour Sessions
  • View video
  • The course will be free if we are not able to start within 7 days of booking.
  • Only applicable for courses on which this logo appears.

Your will learn:

  • Details are not available.
  • Details are not available.
  • Details are not available.
  • Details are not available.
  • Details are not available.
  • Details are not available.
  • Details are not available.
Live Online Training (Duration : 24 Hours) Fee On Request
Group Training Date On Request
1-on-1 Training
4 Hours
8 Hours
Week Days

Start Time : At any time

12 AM
12 PM

1-On-1 Training is Guaranteed to Run (GTR)
Classroom Training (Available: London, Dubai, India, Sydney, Vancouver)
Duration : On Request
Fee : On Request
On Request
Classroom Training is available. Enquire for the fee Click
Ultra-Fast Track

If you can't spare 24 hours. We can offer you an Ultra-Fast Track for 12 hours

Course Prerequisites
  • Knowledge of network protocols
  • Basic understanding of firewall concepts
  • Basic understanding of SIEM products
  • Basic understanding of Linux
It is highly recommended that you have an understanding of the topics covered in the NSE 5 FortiSIEM course.

Target Audience:

Security professionals involved in the management, configuration, administration, and monitoring of FortiSIEM devices in an enterprise or service provider deployment used to monitor and secure the networks of customer organizations should attend this course.

Participants should have a thorough understanding of all the topics covered in the Fortinet training before attending the NSE 7 Advanced Analytics course.

Learning Objectives:

  • Identify various implementation requirements for a multi-tenant FortiSIEM deployment
  • Understand how FortiSIEM can be deployed in a hybrid environment with and without collectors
  • Understand EPS restrictions on FortiSIEM
  • Define organizations on FortiSIEM and assign collectors to organizations
  • Deploy collectors in a multi-tenant solution
  • Register collectors on the supervisor
  • Understand the impact of excessive collectors on a FortiSIEM cluster
  • Identify the impact of excessive collectors on a FortiSIEM cluster
  • Manage EPS assignment on collectors
  • Manage collector high availability
  • Maintain and troubleshoot a collector installation
  • Install Windows and Linux agents and identify the benefits of log collection through agents
  • Understand agent architecture and associate templates with Windows and Linux agents
  • Understand rule processes architecture and differentiate between a rule worker and a rule master
  • Understand how the rule engine sliding time window works when it is evaluating rules
  • Understand the out-of-the-box single pattern security rules and how to create rules by evaluating security events
  • Define actions for a single pattern security rule
  • Understand incident generation and identify the attributes that trigger an incident
  • Identify multiple pattern security rules and define conditions and actions for them
  • Understand how baseline data is useful in creating conditions in rules
  • Differentiate between a standard report and a baseline report
  • Understand the built-in baseline profile and learn to create your own baseline profiles
  • Understand how statistical average and standard deviation calculations are performed on FortiSIEM
  • Understand hourly buckets for weekdays and weekends
  • Clone and edit some out-of-the-box baseline rules

Request More Information

Add Name and Email Address of participant (If different from you)