Cisco
Technology
Security
Cisco Stealthwatch for Network Operations (SNO)

Cisco Stealthwatch for Network Operations is a two-day lab intensive course that focuses on how to monitor your network's health and provides helpful workflows that allow you to quickly react to common network operations issues.

About the course

Prerequisites

The knowledge and skills that the learner should have before attending this course are as follows:

  • Flow Basics
  • Cisco Stealthwatch Overview and Components
  • Cisco Stealthwatch SMC Client Interface Overview

Course Objectives

Upon completing this course, the learner will be able to meet these overall objectives:   

  • Explain what Cisco Stealthwatch is and how it works.
  • Describe the goals of using Cisco Stealthwatch in the proactive and operational modes.
  • Define basic concepts of investigation and detection of potential security issues using the Cisco Stealthwatch System.
  • Complete workflows to identify indicators of compromise in your network.
  • Describe alarm types and alarm notification within Cisco Stealthwatch.
  • Explain the utility of maps in the Cisco Stealthwatch System.
  • Describe how the Cisco Stealthwatch System contributes to successful incident handling
Course content

Module One

  • Welcome and Course Overview
  • Stealthwatch Technical Overview
  • Introduction to Network Operations
  • Proactive Monitoring
  • Validate Exporters
  • Manage Hosts and Host Groups
  • Proactive Monitoring
  • Utilize Maps
  • Configure Host Locking Rules

Module Two

  • Day One Review
  • Proactive Monitoring Continued
  • Create Custom Security Events
  • Manage Policies
  • Set Response Management Rules
  • Reactive Tasks
  • View Current Interfaces
  • Investigate Slow Response
  • Review the Web Application: What’s New?
  • Wrap-Up
Who Should Attend

The primary audience for this course is as follows:

  • Customers who are new to the Stealthwatch System and face specific challenges related to network health and maintenance on a daily basis.