This basic course is designed for network and security professionals who evaluate, implement, manage, or monitor the IBM Security Network Protection appliance.
This course provides processes, procedures, and practice necessary to configure the Network Protection appliance to protect your network. The following topics are included in this course: Create objects used to configure appliance policies Configure network access policy rules Create intrusion prevention policy objects Capture packets Use event filters and advanced tuning parameters to tune events Use IP data to monitor the network Use authentication to control network access Configure SSL decryption on inbound and outbound network traffic Implement quarantine rules Send events to IBM Security QRadar SIEM Students also learn through hands-on labs how to configure the appliance, configure policies, and block a variety of common attacks
Introduction to IBM Security Network Protection Setting up the appliance Configuring the network access policy Configuring the intrusion prevention policy Tuning network access policy rules and intrusion prevention behavior Using identity objects to control network access Inspecting SSL encrypted traffic Configuring advanced threat protection Integrating with QRadar SIEM Monitoring event data
Connect the appliance to your network Configure initial settings on the appliance and register it with SiteProtector Use network objects and network access rules to configure the Network Access Policy Use IPS objects to configure the intrusion prevention policy Use objects, policies, packet captures, and event data to tune your security policy Configure local, remote, and passive user authentication Inspect outbound and inbound SSL traffic Use quarantine rules to block events Integrate the appliance with IBM Security QRadar SIEM Monitor events on the appliance