Security Information and Event Management

Security information and event management (SIEM) is an approach to security management that seeks to provide a holistic view of an organization's information technology (IT) security. A SIEM system collects logs and other security-related data for analysis. Most SIEM systems work by deploying multiple collection agents in a hierarchical fashion to collect security-related events from end-user devices, hosts, network equipment, and even specialized security equipment such as firewalls, antivirus or intrusion prevention systems. The collectors forward events to a centralized management console, which performs inspections and flags anomalies. For the system to identify anomalous events, it is important that the SIEM administrator first creates a profile of the organization under normal event conditions.

Course Objectives

  • Comprehend Intrusion Tolerance, Prevention and Detection
  • Comprehend characteristics of a Robust SIEM
  • Install AlienVault SIEM
  • Use Web Interface
  • Configure Sensor, Server, and Logger
  • Configure Network Inventory
  • Configure Vulnerability Scanning
  • Configure Signature Updates
  • Configure Tickets
  • Introduction to Cyberoam UTM
  • Install and configure Cyberoam
  • Monitor Security and Logs with Cyberoam
  • Report analysis of Cyberoam.

Course Contents

Prerequisites
  • Basic Networking Knowledge
