MARS - Cisco MARS Training - Firefly Communications

Course	Length	Format	Select an option
Implementing Cisco Security Monitoring, Analysis and Response System (MARS) v3.0	4 days	Lecture/lab
Course outline
Lesson 1: Introducing CS-MARS Effective Security Monitoring and Management Cisco Self-Defending Network and the Role of Cisco Security MARS Cisco Security MARS Cisco Security MARS Terminology Cisco Security MARS Technologies Cisco Security MARS User Interface Cisco Security MARS Product Portfolio Lesson 2: Understanding the System Architecture Cisco Security MARS Software Components Cisco Security MARS Process Flow Details Lesson 3: Configuring a Cisco Security MARS Appliance Initial Cisco Configuration Overview Scenario: Configuration Tasks Deployment Planning Guidelines Lesson 4: Adding Reporting and Mitigation Devices Overview of Reporting and Mitigation Devices Scenario: Adding a Cisco Reporting Device and Enabling NetFlow Data-Enabling Features of Cisco Security MARS Integrating Cisco Security MARS with Third-Party Applications Lesson 5: Viewing the Summary Page Summary Page Overview Dashboard Network Status My Reports Lesson 6: Managing Rules Rules Overview Working with System and User Inspection Rules Working with Drop Rules Rule Groups Overview Lesson 7: Understanding Queries and Reports Query Page Scenario: Configuring a Query Reports Page Scenario: Configuring a System Report Lesson 8: Investigating and Mitigating Incidents Incidents Overview Incidents Scenario: Role of Cisco Security MARS in Your Network False Positives Case Management Scenario: Configuring a Case to Track an Incident Configuring Notifications Case Study: Preventing the W32 Blaster Worm Lesson 9: Working with User-Defined Log Parser Templates Overview of User-Defined Log Parser Templates Scenario: Configuring a Customer Parser Lesson 10: Integrating with Cisco Security Manager Overview of Cisco Security Manager Policy Table Lookup Scenario: Invoking Cisco Security Manager Policy Table Lookup from Cisco Security MARS Lesson 11: Managing and Administering the System Management Overview Overview of System Maintenance Tasks IPS Signature Dynamic Update Settings Upgrading the Cisco Security MARS Appliance Software Migrating Data from Cisco Security MARS 4.3.x to 5.3.x Lesson 12: Troubleshooting and Optimizing Cisco Security MARS Hardware Installation Issues Device Configuration Issues Global Controller-to-Local Controller Communications Sizing Cisco Security MARS Deployment Tuning Cisco Security MARS Securing Cisco Security MARS Lesson 13: Using the Cisco Security MARS Global Controller Cisco Security MARS Global Controller Overview Configuring the Cisco Security MARS Global Controller Summary Tab Incidents Queries and Reports Rules Management System Maintenance
Course labs
Lab: Accessing the Cisco Security MARS Appliance Lab: Adding Reporting Devices and Enabling NetFlow Lab: Configuring the Syslog Forwarding Feature Lab: Generating Summary Reports Lab: Configuring Cisco Security MARS Event Types Lab: Configuring an Inspection Rule Lab: Performing a Query and Creating a Custom Report Lab: Performing Incident Investigation and Mitigation Lab: Configuring the Custom Parser Lab: Performing Cisco Security Manager Policy Lookup Lab: Reviewing the CLI and Upgrading the Device Version Lab: Configuring IPS Auto Signature Download Lab: Configuring AAA RADIUS Authentication and Working with the Account Locking and Session Timeout Menu Lab: Retrieving Raw Messages

CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, Cisco IOS, Cisco Systems, the Cisco Systems logo, and Networking Academy are registered trademarks or trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. All other trademarks mentioned in this document or Web site are the property of their respective owners.