SWAT – Cisco Stealthwatch Tuning


Contact Us

We would love to hear from you. Please complete this form to pre-book or request further information about our delivery options.


I'd like to receive emails with the latest updates and promotions from Insoft.

Data Protection & Privacy

I hereby allow Insoft Ltd. to contact me on this topic. Further, I authorise Insoft Ltd. processing, using collecting and storing my personal data for the purpose of these activities. All your data will be protected and secured as outlined in our privacy policy.

Upcoming Dates

Nov 1 - Nov 2, 2021
09:00 - 17:00

Dec 6 - Dec 7, 2021
09:00 - 17:00

Jan 10 - Jan 11, 2022
09:00 - 17:00

SWAT – Cisco Stealthwatch Tuning
2 days  (Instructor Led Online)  |  Network Security

Course Details

Cisco Stealthwatch Tuning is a two-day course which provides resources to make the configuration and use of the Cisco Stealthwatch System manageable. The course builds on the content introduced in the Cisco Stealthwatch for Security Operations, Cisco Stealtwatch for Network Operations and Cisco Stealthwatch for System Administrators courses.


Upon completing this course, the learner will be able to meet these overall objectives:

  • Describe how the Cisco Stealthwatch Enterprise system provides network visibility through monitoring and detection.
  • Define tuning and how it helps the Stealthwatch system create actionable alarms.
  • Use the stages of the tuning process to identify workflows and best practices to operationalize Stealthwatch


Module One

  • Course Introduction
  • Cisco Stealthwatch Tuning Course Overview
  • The Purpose of Tuning
  • Understanding Security Events and Alarms
  • Defining Stealthwatch Policies

Module Two

  • Posture the System
  • Host Locks and Custom Security Events
  • Response Management
  • Tiered Alarms
  • Culminating Scenario: Tuning
  • Tuning Best Practices in Stealthwatch
  • Cisco Stealthwatch Tuning Course Outcomes
  • Course Conclusion

Target Audience

The primary audience for this course is as follows:

  • Individuals who are responsible for tuning the Stealthwatch System, creating and maintaining policies, monitoring traffic, and obtaining and responding to actionable alarm.


The knowledge and skills that the learner should have before attending this course are as follows:

  • Cisco Stealthwatch for Security Operations
  • Cisco Stealthwatch for Network Operations
  • Stealthwatch Foundation