
Cisco Stealthwatch Tuning - SWAT

WGAC-CSC-SWAT

Cisco

Description

Course Benefits

  • Create summary views of all alarms in the system.
  • Explain how summary views can help prioritize the tuning strategy.
  • Develop tuning recommendations based on security events and alarm summary.
  • Identify workflows for tuning specific security events.
  • Test tuning strategies and recommendations.
Course Topics

Module 1: Introduction



  • Cisco Stealthwatch Tuning Course Overview
  • The Purpose of Tuning
  • Understanding Security Events and Alarms
  • Defining Stealthwatch Policies


Module 2: Classify the Stealthwatch System



  • Classify the System
  • Lab: Classify Public and Private IP Addresses
  • Lab: Trusted Internet Hosts
  • Lab: Classify Undefined Services and Applications


Module 3: Quiet Noisy Hosts



  • Quiet Noisy Hosts
  • Lab: Classify Network Scanners with the SMC Web UI
  • Lab: Reclassify IPs to Reduce Noise


Module 4: Posture the Stealthwatch System



  • Posture the System
  • Lab: Edit Role Policy
  • Host Locks and Custom Security Events
  • Lab: Host Locks and Custom Security Events
  • Response Management
  • Tiered Alarms
  • Lab: Create a Dashboard


Module: Summary and Course Wrap-up



  • Culminating Scenario: Tuning
  • Tuning Best Practices in Stealthwatch
  • Cisco Stealthwatch Tuning Course Outcomes
  • Course Conclusion
