IBM Security

IS680G: IBM Network Protection Advanced Topics


             Recommended Duration: 3 Days
Skill Level: Advanced
Cost: $3,800 (b/GST)

This course will teach you how to combat advanced threats and protect web applications. It focuses on advanced configuration and administration of the IBM Network Protection (XGS) appliance. Learn how XGS uses X-Force, PAM, Injection Logic Engine, and other tools to prevent attacks. You also learn how to use APIs to interact with the appliance, implement SNMP, set up a high availability configuration, and migrate policies from the IBM Network IPS appliance to XGS. Troubleshooting techniques are also taught.


Audience


This course is designed for security administrators, security analysts, security technical architects, offense managers, network administrators, professional services using IPS solutions, and IPS administrators.

Minimum Pax To Run:

  • 2 Students

Prerequisites


Before taking this course, make sure that you have the following skills:

  • IT infrastructure
  • IT security fundamentals
  • Linux
  • Windows
  • Basic experience with the WMware environment
  • TCP/IP networking
  • Experience navigating and using the Network Protection local management interface

Before attending this course, you should be proficient in using the Network Protection local management interface or IS671G: IBM Security Network Protection Administration and Configuration .

Course Agenda


Describe how IBM X-Force, the Protocol Analysis Module, and eXpress updates can help prevent attacks
Use the Injection Logic Engine to prevent SQL Injection and cross-site scripting attacks
Compare how the appliance can address security issues listed in the Open Web Application Security Project (OWASP) Top 10 report
Provide a high-level description of advanced persistent threat attacks that gained media attention
Describe how the Network Protection applicance can protect against mutated attacks
Manage the appliance using application programming interfaces (APIs)
Configure SNMP alerts generated by response objects and system alerts
Use a variety of processes, files, and tools to troubleshoot the appliance
Use the appliance in high-availability networks
Migrate legacy policies from the Network IPS appliance to the Network Protection appliance


Course Overview


Day 1

  • Unit 1: Protecting against various attacks
  • Unit 2: Protecting web applications using the PAM Injection Logic Engine (ILE)
  • Unit 3: Web application protection and the OWASP Top 10 Project
  • Unit 4: Combating advanced persistent threat attacks

Day 2

  • Unit 5: Combating mutated attacks
  • Unit 6: Using an API to interact with XGS appliances
  • Unit 7: Implementing SNMP

Day 3

  • Unit 8: Troubleshooting techniques
  • Unit 9: Implementing high availability using XGS
  • Unit 10: Migrating IBM Network IPS (GX) policies to IBM Network Protection (XGS)