RSA NetWitness SecOps Manager Implementation

Document created by Connor Mccarthy Employee on Nov 14, 2017Last modified by Connor Mccarthy Employee on Mar 30, 2018
Version 8Show Document
  • View in full screen mode

OnDemandLabDetails

Register

 

 

 

In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us

 

 

Summary

The RSA Archer NetWitness SecOps Implementation ondemand lab provides information on performing the implementation tasks of:

  • Planning for the implementation 
  • Mapping data between SecOps and Security Analytics
  • Integrating Enterprise Management

 

Overview
This self-paced on-demand lab, addresses the implementation and operationalization of the RSA NetWitness SecOps Manager Implementation. The course focuses on the primary tasks to implement and integrate SecOps with Enterprise Management and Security Analytics into a security solution. Course content includes an overview of how SecOps integration works, the importance of requirements identified in a statement of work and ACD design document, implementation roles and responsibilities, and the primary tasks to implement SecOps. The course includes a series of videos demonstrating the key implementation tasks.

 

Lab exercises provide students with the ability to practice what they have learned. To maximize the value of your learning experience, this course also includes access to RSA University’s virtual environment.


Audience
This course is intended for:

  • RSA Professional Services Consultants
  • RSA Partners
  • MSSP Partners
  • Consultants responsible for implementing SecOps


Delivery Type
On-Demand Lab (self-paced eLearning with lab)

 

Lab exercises provide students with the ability to practice what they have learned. To maximize
the value of your learning experience, this course also includes access to RSA University’s virtual environment.


Accessing the Lab Environment

Lab exercises are performed in the RSA University virtual lab environment. The downloadable Lab Guide provides detailed instructions on access the environment. For more information please view the document Access RSA University Virtual Labs – available
on the RSA University site: RSA University Content.

 

Prerequisite Knowledge/Skills

To get the most from this course, participants should be familiar with the following:

  • Familiarity with Windows Server Basics
  • An understanding of SecOps from a practitioner’s perspective
  • Experience with or knowledge of SecOps installation
  • Familiarity with RSA Archer GRC
  • A basic level of awareness of Security Analytics features and functions, data collection, and data flow.
  • An understanding of Security Analytics Incident Management Fundamentals

 

Learning Objectives
Upon successful completion of this on-demand lab, participants should be able to:

  • Configure, customize, and manage the implementation of SecOps in a customer environment.
  • Configure and customize SecOps according to customer needs as described in a Statement of Work (SOW).
  • Describe the end-to-end process of a SecOps implementation, including tasks, tools, processes, and completion criteria.
  • Identify SecOps support, services, community, and other resources available for implementation assistance.
  • Add additional meta data to SecOps
    • Custom mapping meta data
    • SecOps OOTB meta data
  • Integrate the Enterprise Management plug-in
    • Set UCF Endpoint
    • Configure Device Criticality
    • Configure SA Criticality Category
    • Configure SA Live Feed

 

Course Outline

  • Module 1: Basics and Concepts
    • SecOps architecture and functionality
    • SecOps sub-solutions
    • How integration works with SA and with other products

 

  • Module 2: Implementation Planning and Strategy
    • Understanding the SOW
    • SecOps Implementation Lifecycle
    • Understanding the ACD Design
    • Implementing 3rd-Party Alert Sources

 

  • Module 3: Configuration and Customization
    • SecOps Implementation Tasks
      • Mapping data between SecOps – Security Analytics
      • Integrating Enterprise Management Integrating SecOps with Archer Enterprise Management to provide business
        context around critical assets.
         
  • Module 4: Conducting the Implementation
    • SecOps Implementation Check List
    • SecOps Implementation Guide
    • Critical roles during a SecOps implementation
    • Implementation process / activities
    • SecOps implementation completion criteria

 

  • Module 5: Support, Services, Community, and Other Resources
    • Engaging Customer Support
    • Identifying additional support, services, and community resources

 

 

OnDemandLabDetails

Register

 

 

 

In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us

Attachments

    Outcomes