ATD with DXL, TIE and MAR Administration

X

Contact Us

We would love to hear from you. Please complete this form to pre-book or request further information about our delivery options.

Subscribe

I'd like to receive emails with the latest updates and promotions from Insoft.

Data Protection & Privacy

I hereby allow Insoft Ltd. to contact me on this topic. Further, I authorise Insoft Ltd. processing, using collecting and storing my personal data for the purpose of these activities. All your data will be protected and secured as outlined in our privacy policy.


Upcoming Dates


Sep 19 - Sep 22, 2022
09:00 - 17:00
Online

Oct 17 - Oct 20, 2022
09:00 - 17:00
Online

Nov 14 - Nov 17, 2022
09:00 - 17:00
Online

Dec 12 - Dec 15, 2022
09:00 - 17:00
Online

Jan 9 - Jan 12, 2023
09:00 - 17:00
Online

Feb 6 - Feb 9, 2023
09:00 - 17:00
Online

ATD with DXL, TIE and MAR Administration
4 days  (Instructor Led Online)  |  CyberSecurity

Course Details

In this course, you will learn the tasks crucial to set up, administer, and manage Advanced Threat Defence (ATD), Data Exchange Layer (DXL), Threat Intelligence Exchange (TIE), and Active Response (MAR) solutions.

Our ATD with DXL, TIE and MAR Administration course provides an indepth look at each of the products and how they integrate with each
other. In this course, you will learn the tasks crucial to set up, administer, and manage Advanced Threat Defense (ATD), Data Exchange Layer (DXL), Threat Intelligence Exchange (TIE), and Active Response (MAR) solutions. This combined solution enables you to gain better visibility to your environment, protecting and limiting exposure to threats and vulnerabilities. This course combines lectures and practical lab exercises with significant time allocated for hands-on interaction with the ATD, TIE, DXL, and MAR user interfaces, as well as detailed instructions for the integration of this solution.

Objectives

  • Describe ATD solution purpose, key features, and benefits.
  • Install and configure ATD appliance settings.
  • Create VM and analyzer profiles in ATD to be used for analysis.
  • Submit content to ATD for analysis, interpret the results, generate reports, and manage the whitelist and blacklist.
  • Update security content and software in ATD.
  • Identify resources and tools useful for basic troubleshooting in ATD.
  • Describe the DXL, TIE, and MAR solutions, requirements, and key features.
  • Install and verify TIE, DXL, and MAR components.
  • Configure basic policies for DXL brokers and clients.
  • Configure the DXL broker in ePO.
  • Describe and perform basic troubleshooting tasks for DXL.
  • Identify and configure policies required for a TIE environment.
  • Analyze and manage threat reputation.
  • Explain how to configure the Active Response service from ePO.
  • Explain how to use MAR collectors, searches, reactions, and triggers.
  • Use Threat Workspace to investigate malware.
  • Integrate ATD with selected McAfee solutions and explain how to operationalize the solutions to deliver specific outcomes.

Outline

Day 1

  • Welcome
  • Products Integration
  • Advanced Threat Defense Solution Overview
  • ATD Installation and Set up
  • Configuring ATD Appliance Settings
  • Creating Virtual Machines in ATD

Day 2

  • Malware Analysis in ATD
  • Configuring ATD Cluster
  • Managing Content and Basic Troubleshooting in ATD
  • Data Exchange Layer Overview
  • Threat Intelligence Exchange Overview
  • Active Response Overview

Day 3

  • DXL, TIE, and MAR Installation
  • Managing, Configuring, and Troubleshooting DXL
  • Configuring and Using TIE
  • Configuring and Using MAR

Day 4

  • Using MAR Threat Workspace, Health Status, and Remediation History
  • ATD Integration with ePO, DXL, TIE, and MAR
  • ATD Integration with MWG and NSP
  • ATD Integration with Email Connector and ESM

Target Audience

This course is intended for system and network administrators, security personnel, auditors, and/or consultants concerned with system endpoint security