Search for Training

RSA NetWitness Administration

Course Overview


The RSA NetWitness Administration training course focuses on administration of the RSA NetWitness product. This course provides an overview of RSA NetWitness, hands-on installation and configuration of components, including a Log Decoder, managing users, and creating filters and rules. Additionally, the RSA NetWitness Administration course covers integration with other products, monitoring capabilities and troubleshooting of common issues.

Course Content


RSA NetWitness Overview   

  • RSA NetWitness architecture
  • RSA NetWitness components
  • Data flow between components

Appliance Setup and Software Installation   

  • RSA NetWitness appliance setup
  • RSA NetWitness software components

Configuring RSA NetWitness   

  • Managing Services
  • Configuring and Managing Devices
  • Setting up data collection of packets and logs
  • Viewing packets and logs in Investigator

RSA NetWitness Live   

  • RSA NetWitness Live Overview
  • Configuring NetWitness Live subscriptions
  • Managing a Live feed

Managing Users   

  • User management interface
  • User groups and roles
  • Creating users and groups
  • Viewing groups and roles
  • Configuring external authentication
  • Editing user settings
  • Informer roles
  • Creating Informer Users

Creating Rules and Filters   

  • Rules, filters, feeds and parsers
  • Decoder filters and Informer rules
  • Best practices for creating filters and rules
  • Creating Decoder filters
  • Creating Informer rules and alerts
  • Creating a feed
  • Pushing a rule to the Decoder
  • Reprocessing a collection

Integrating RSA NetWitness with Other Products   

  • NetWitness SIEM link
  • Setting up Informer to communicate with SIEM products
  • Connecting to HP ArcSight
  • The RSA enVision Connector

Monitoring RSA NetWitness   

  • Tools that can be used to monitor RSA NetWitness components
  • Configuring SNMP
  • Monitoring NetWitness components for performance and efficiency
  • Tips and best practices for tuning the Decoder, Concentrator, Broker and Informer
  • Methods for viewing and modifying logs

Troubleshooting RSA NetWitness   

  • Common problems
  • Investigating and resolving common problems
  • Troubleshooting tools

Customer Reviews


Thanks to Xpertised and the tutor who walked me through all the topics with Practical exposure which is helping me in my current project.
-Waseem

Course was quite helpful in terms of understanding of concepts and practicality. Its really a very friendly environment to learn. The timing were mutually chosen, as we both are working professional. I am quite satisfied with the course.
-Tanmoy

...more
Share:

For Batch Details
Call us at: +91 7259222234

Not sure? Consult Our Experts

What is the sum of 8 + 9? (security question)

Looking for a Training for

Myself

My Team/Organization

I agree to be contacted over mail or phone

or
Call us at: +91 7259222234

Subscribe to our weekly newsletter