Course Overview
This course covers how to plan and install ArcSight Enterprise Security Manager (ESM) in Compact and Distributed Mode. You will also learn how to install and configure SmartConnectors, Forwarding Connectors, Syslog Connectors, customize ESM and the Console, configure Storage Groups, backup and restore ESM, manage certificates, manage users, and access Administrator reports and dashboards.
Highlights:
- Installing ArcSight ESM
- Installing Connectors
- Managing ArcSight ESM
Who should attend
This course is for Administrators who install, maintain, and troubleshoot ESM components
- Design and implement integrations between ArcSight ESM and other ArcSight products
- Proactively investigate the health of the ESM CORRE environment.
Prerequisites
To be successful in this course, you should have the following prerequisites or knowledge:
- Knowledge of ESM Concepts
- (Minimum) 6 Months ArcSight Administration Experience
- Database SQL statements experience
- Linux Administration experience
- Successful Completion of ArcSight ESM Administrator & Analyst Course or Equivalent Experience
Course Objectives
On completion of this course, participants should be able to:
- Identify the ESM communication strategy used between the various devices and components within an ESM Network
- Define each ESM operation modes and components, Compact and Distributed, and the issues ESM Distributed Mode comes to solve
- Plan, install, and run ESM in Distributed Mode
- Identify functions and navigate the Command Center UI
- Install and customize the ESM console
- Install and configure ArcSight SmartConnectors
- Install and configure a Forwarding Connector
- Setup Notifications
- Import Zone and Asset information with the Network Model wizard
- Customize ArcSight ESM using the properties files
- Describe and install ArcSight upgrades and patches
- Create Users and define User Permissions
- Review Administrator Reports, Dashboards and Filters
- Configure and manage storage groups
- Describe CORRE daily job archives
- Recognize how to Back up and restore ESM
- Describe and deploy uses of SSL technology in ArcSight ESM
Course Content
- Introduction to ESM Administration
- ESM Distributed Components
- Installing ESM Distributed Mode
- Maintaining ESM Properties Files and Upgrades
- Installing the ESM Console
- Installing SmartConnectors
- Managing the Network Model
- Configuring SmartConnector Destinations
- Installing the ESM Super and Syslog Connectors
- SmartConnectors Configurations and Advanced Features
- Command Center
- Accessing Administrator Content
- Content Management and Peering
- ESM User Administration and Notification
- ESM Certification Management
- ESM Backup and Restore
English