Course Description

The Introduction to SiteProtector with Proventia Intrusion Prevention Appliances (G400/2000) course provides concepts, methods and practices necessary to successfully use the SiteProtector management tool with Proventia G400/2000 appliance, RealSecure Server Sensor and Internet Scanner. The course focuses on hands-on exercises supported by demonstrations, presentations and lecture. Starting with an introduction to the SiteProtector architecture and its various components, students learn about the role of each component and how they act in concert to monitor and protect an enterprise network. Students also learn how to install and configure SiteProtector, how to manage and configure G400/2000 appliances and Server Sensor, how to run discovery and vulnerability scans and how to monitor and analyze security events for network assets.

Note: If your SiteProtector deployment uses RealSecure Network Sensors rather than Proventia G400/2000 appliances, then you may want to register for the Introduction to SiteProtector course instead of this course.

If your needs call for more in-depth Proventia Intrusion Prevention Appliance knowledge, then you may want to register for the Proventia Intrusion Prevention Appliance (G Series) Course.

Key Instructional Focus and Objectives:

• Describing SiteProtector's system architecture and how it integrates data from various network agents, host-based agents and network- and host based scanners.
• Explaining SiteProtector installation options and the different approaches for deploying SiteProtector components on a network.
• Migrating from RealSecure Workgroup Manager to SiteProtector.
• Performing a Custom SiteProtector installation on multiple computers.
• Using the SiteProtector Console to monitor security events and to manage appliances, sensors/agents and scanners.
• Using the SiteProtector Web Portal to view the status of SiteProtector assets and monitor security events.
• Organizing SiteProtector and network assets to facilitate effective management and analysis.
• Importing Active Directory groups and host information into SiteProtector.
• Using event analysis best practices.
• Using the SiteProtector Reporting Module to run Site reports.
• Using the Policy Editor to configure sensor policies and responses.
• Working with policies for Proventia appliances and RealSecure Network and Server Sensors.
• Configuring SiteProtector components, Proventia appliances, RealSecure Network and Server Sensors, Internet Scanner and Proventia Desktop.
• Using SiteProtector to run Internet Scanner discovery and vulnerability scans.
• Using the SiteProtector Enterprise Dashboard to facilitate trend analysis and run Enterprise reports.
• Applying X-Press Updates to SiteProtector components, appliances, sensors/agents and scanners.
• Configuring SiteProtector Database maintenance settings.

Key Hands-on Lab Focus and Objectives

• Installing and configuring SiteProtector components: Deployment Manager, Application Server, Site Database, Event Collector, Agent Manager, X-Press Update Server.
• Installing sensors and scanners: RealSecure Server Sensor and Internet Scanner.
• Using the SiteProtector Console to monitor event data, and manage sensors and scanners.
• Applying X-Press Updates to SiteProtector components, appliances, sensors and scanners.
• Creating Analysis views and data filters.
• Creating a Baseline view.
• Displaying detailed information about security events.
• Creating incidents and exceptions.
• Exporting Analysis view data.
• Running Site and Enterprise reports.
• Using the Policy Editor to configure policies and responses.
• Configuring policy settings, including firewall rules, connection events, protection domains and response objects for Proventia G400/2000 intrusion prevention appliances.
• Configuring properties for sensors and scanners: RealSecure Server Sensor and Internet Scanner.
• Configuring Server Sensor security events, filters and dynamic blocking.
• Configuring predefined and user defined sensor responses.
• Configuring event propagation settings.
• Applying policies to sensors and groups.
• Running a discovery scan and a vulnerability scan.