The RSA Archer NetWitness SecOps Implementation ondemand lab provides information on performing the implementation tasks of:
- Planning for the implementation
- Mapping data between SecOps and Security Analytics
- Integrating Enterprise Management
This self-paced on-demand lab, addresses the implementation and operationalization of the RSA NetWitness SecOps Manager Implementation. The course focuses on the primary tasks to implement and integrate SecOps with Enterprise Management and Security Analytics into a security solution. Course content includes an overview of how SecOps integration works, the importance of requirements identified in a statement of work and ACD design document, implementation roles and responsibilities, and the primary tasks to implement SecOps. The course includes a series of videos demonstrating the key implementation tasks.
Lab exercises provide students with the ability to practice what they have learned. To maximize the value of your learning experience, this course also includes access to RSA University’s virtual environment.
This course is intended for:
- RSA Professional Services Consultants
- RSA Partners
- MSSP Partners
- Consultants responsible for implementing SecOps
On-Demand Lab (self-paced eLearning with lab)
Lab exercises provide students with the ability to practice what they have learned. To maximize
the value of your learning experience, this course also includes access to RSA University’s virtual environment.
Accessing the Lab Environment
Lab exercises are performed in the RSA University virtual lab environment. The downloadable Lab Guide provides detailed instructions on access the environment. For more information please view the document Access RSA University Virtual Labs – available
on the RSA University site: RSA University Content.
To get the most from this course, participants should be familiar with the following:
- Familiarity with Windows Server Basics
- An understanding of SecOps from a practitioner’s perspective
- Experience with or knowledge of SecOps installation
- Familiarity with RSA Archer GRC
- A basic level of awareness of Security Analytics features and functions, data collection, and data flow.
- An understanding of Security Analytics Incident Management Fundamentals
Upon successful completion of this on-demand lab, participants should be able to:
- Configure, customize, and manage the implementation of SecOps in a customer environment.
- Configure and customize SecOps according to customer needs as described in a Statement of Work (SOW).
- Describe the end-to-end process of a SecOps implementation, including tasks, tools, processes, and completion criteria.
- Identify SecOps support, services, community, and other resources available for implementation assistance.
- Add additional meta data to SecOps
- Custom mapping meta data
- SecOps OOTB meta data
- Integrate the Enterprise Management plug-in
- Set UCF Endpoint
- Configure Device Criticality
- Configure SA Criticality Category
- Configure SA Live Feed
- Module 1: Basics and Concepts
- SecOps architecture and functionality
- SecOps sub-solutions
- How integration works with SA and with other products
- Module 2: Implementation Planning and Strategy
- Understanding the SOW
- SecOps Implementation Lifecycle
- Understanding the ACD Design
- Implementing 3rd-Party Alert Sources
- Module 3: Configuration and Customization
- SecOps Implementation Tasks
- Mapping data between SecOps – Security Analytics
- Integrating Enterprise Management Integrating SecOps with Archer Enterprise Management to provide business
context around critical assets.
- SecOps Implementation Tasks
- Module 4: Conducting the Implementation
- SecOps Implementation Check List
- SecOps Implementation Guide
- Critical roles during a SecOps implementation
- Implementation process / activities
- SecOps implementation completion criteria
- Module 5: Support, Services, Community, and Other Resources
- Engaging Customer Support
- Identifying additional support, services, and community resources