IS613G: IBM Security Network Intrusion Prevention
System 4.6 Configuration and Deployment
.png) |
Recommended Duration: 2 Days Skill Level: Basic Cost: $2,300 (b/GST) |
|---|
QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses. In this course, you learn to navigate the user interface and how to investigate offenses. You search and analyze the information from which QRadar SIEM concluded a suspicious activity. Hands-on exercises reinforce the skills learned.
Course Agenda
 |
Describe intrusion prevention concepts and the IBM Security Network Intrusion Prevention System (IPS) |
|
Connect an IBM Security Network Intrusion Prevention Systemappliance to your network |
|
Configure the initial settings on the appliance and register it with SiteProtector |
|
Manage the IBM Security Network Intrusion Prevention Systemusing SiteProtector |
|
Configure firewall rules for IBM Security Network Intrusion Prevention System |
|
Configure protection domains, security events, and response filters |
|
Configure the X-Force Virtual Patch, data loss prevention, and web application protection policies |
|
Configure user-defined events, tuning parameters, OpenSignature events, and connection events |
|
Enable S.N.O.R.T and configure S.N.O.R.T rules for IBM Security Network Intrusion Prevention System |
|
Integrate the IBM Security Network Intrusion Prevention System with IBM QRadar SIEM |