This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA enVision® Discussions

Browse the RSA enVision discussion board to get product help and collaborate with other users of RSA enVision.
RSAAdmin
Beginner
Beginner
‎2008-07-28 01:00 PM

Thoughts on "RSA enVision Administration and Operation" Training July 22 - 24, 2008

I just got back from Bedford, Massachusetts after attending the "RSA enVision Administration and Operation" training class.  It was held at the RSA Headquarters and was an instructor led class. 

 

I have to say, being new to enVision, that this class was worth every penny.  The insights into the various features of the application were very helpful in understanding its use.  Although, I must admit that some of the topics I was hoping the class would cover were not included.  For example, there was no discussion of the "lsmaint" command. 

 

Overall, the class did a great job in exposing the major facets of the application and had many accompanying labs.  We did quite a few of the "hands on" exercises in the lab manual.  The instructor was knowledgeable of enVision and was able to answer most of the questions the class had.  However, I did get the impression that he did not use application in a production environment.  But that was certainly OK, the important subject matter was discussed thoroughly. 

 

If you are new to enVision like me and have the opportunity to take the class, it will *definitely* help fill in any holes of knowledge you might be missing.  In fact, RSA should include the price of this class when they sell the appliances – it would help any aspiring administrator get off to the right foot with enVision. 

 

Another interesting note from the class – the networking opportunity with fellow enVision administrators.  The overall class was about the same skill level – some people had more experience than others, but not by much.  I hope my classmates find their way to the Intelligence Community so we can exchange tips and tricks...

 

DebbieU, they did mention the Intelligence Community in class (as well as my Sales Rep, Morgan Miller and a colleague, Paul a fellow with an English accent mentioned it as well).

0 Likes
Reply
5 Replies
RSAAdmin
Beginner
Beginner
‎2008-07-28 01:26 PM

Thanks for the class summary. I've sent a note to the head of Training so that she can make sure to incorporate mention of the Intelligence Community into all enVision training classes.

 

You'll be happy to note that a description of lsmaint will be included in the next enVision release. We'll also include examples of how to use it to do necessary tasks like backing up data, deleting, moving, copying, etc.

 

Have any recommendations for additional courses we could offer?

0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to RSAAdmin
‎2008-07-30 03:21 PM

Being new to enVision it is a little hard to say.  Perhaps some of the veteran admins out there can chime in.  One topic area that I could see diving deeper into would be alerts, correlation, and VAM usage.  These topics were covered, but I believe a one or two day class on these topics alone would be great for the intermediate level admin or a refresher for the expert admin.

 

Of course, the labs would have to be much harder than the simple alerts we created.

0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to RSAAdmin
‎2008-07-31 03:02 PM

Yes I do have some suggestions to add to courses

 

suggestion is an advanced reporting class: since envision 3.7.0 clearly lacks a online help of the values of the different table entries and the relation to the devices who's data will fill the tables, there certainly should be a routine to go from devicemsg.xml to table to value to report-sql

then you can play magic with the reporting gui

 

perhaps an dummies guide to envision reporting-sql, or an 1 day course of "building sql-queries for reporting" 

 

another suggestion is a 1 day course for just novice users,

who will run predefined reports, but are not too well into this topic

 

regards Ernst M

0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to RSAAdmin
‎2008-09-22 07:40 PM

I took the RSA enVision Essentials course only to find out that it was for the Sales Channel.

As I was the end user I didn't find it very suited to my needs.  My co-worker took the Adminsitration course, but wanted more.

 

I'd like to see more details on how to capture and report on specific information. 

We have many inhouse built programs that log to the Event Viewer logs, using our own LogID numbers,  It would have been nice to see how to develop the XML to parse this.

 

Tim  

0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to RSAAdmin
‎2008-09-22 08:47 PM

This is excellent feedback, thanks Tim. We are currently evaluating our training and documentation needs and will add these requests to the list.
0 Likes
Reply
© 2020 RSA Security LLC or its affiliates.
All rights reserved.