Cisco Threat Awareness Service - Quick Start Guide. Last Updated: 16/06/16
|
|
- Katherine Park
- 6 years ago
- Views:
Transcription
1 Cisco Threat Awareness Service - Quick Start Guide. Last Updated: 16/06/16 Contents Introduction... 1 Intended Use... 1 Portal Navigation... 2 Registering a Network Resource... 2 Adding the Network Resource using Adding the Network Resource using DNS Cookie... 5 Threats Feeds... 6 Exposed Services... 7 Malicious Activity... 7 DNS Observations... 7 Suspicious DNS Requests... 7 For More Information... 8 Introduction The Cisco Threat Awareness Service (CTAS) is an easy-to-use, portal-based threat intelligence service. It enhances threat visibility for Smart Net Total Care (SNTC) customers, by making broad, foundation based security information accessible 24 hours a day. Timely detection of malicious activities based on Cisco s extensive network visibility and threat intelligence experience. Helps companies quickly identify compromised systems by flagging compromised networks and suspicious behaviour. Helps IT and security teams recognize threats and delivers actionable intelligence. Continuous improvement of overall security posture through analysis of network traffic as seen from outside the network. Intended Use This document is intended for users of the Smart Net Total Care (SNTC) portal, an online system provided as part of Cisco Smart Net Total Care. The instructions in this Guide assume that the user already has access to the Cisco Threat Awareness Service in the SNTC portal.
2 Portal Navigation After logging into the Smart Net Total Care portal, the left side navigation pane provides a means for accessing the different features offered via the portal. For the Cisco Threat Awareness Service, there is a new option called Security. Expanding this menu will reveal the Threat Awareness Service. The screenshot depicts the landing page for the Cisco Threat Awareness Service, as it will typically appear when it is first accessed (assuming one or more network resources are already authorized). In the right-hand pane is the Threat Awareness Service dashboard, comprised of four tabs, each displaying information on a different type of threat feed; Exposed Services, Malicious Activity, DNS Observations, and Suspicious DNS Requests. A description of each is found in the Threat Feeds section of this document. Navigating to a Threat Feed tab will cause the service to load the data for any network resources already registered with the Cisco Threat Awareness Service. NOTE: Threat information is available for authorized network resources only. Registering a Network Resource From the Threat Awareness Service dashboard, click on Settings already registered, with the corresponding status. to see a list of network resources that are Pending: A network resource with this status will not be included in the processing of the Threat Feeds. This status indicates the network resource is registered, but not yet authorized. Confirmed: A network resource with this status will it be included in the processing of Threat Feeds. This status indicates the network resource is authorized. The system requires authorization before a user can view the threat data. Information about the network resource is already available in Cisco s threat databases; this authorization is to confirm that the user has permission to view the data.
3 To register a new network resource for monitoring, click on either Add Domain or Add IP Address. Both of these options launch the Network Resource Wizard. From here you can choose to add a Domain, IP Address, IP Range, or CIDR Block. The Cisco Threat Awareness Service offers two authorization methods; DNS Authorization Cookie, or . The following section describes the required steps for each option. Adding the Network Resource using Use this method if you are not the owner of administrator and would like to request permission from the appropriate person via In the Network Resource Wizard, select the resource type you wish to add, e.g. CIDR Block. 2. Enter the domain name or IP Address, e.g / Optionally add an alias for the IP address. This is an alias within the portal only. 4. Click Next.
4 5. Select the method by clicking on Administrators. 6. Choose a recipient from the drop-down list, and click Send Click Finish. 8. Refresh the Settings page to see the new IP address entry, with a status of Pending. 9. Click on the IP Address to view the audit trail, including Authorization Method, the recipient, and token expiry date. NOTE: s are sent from no-reply@cisco.com to the selected recipient. The contains a one-time token that can be used only for the specified domain. The approver must click on the link in the , enter the token, and choose whether to Authorize Use or Decline Authorization. NOTE: Once the authorization request has been approved, the status of the domain is updated to Confirmed. The audit trail will provide details of the Authorization method, the date, and the approver, so all actions can be traced back.
5 NOTE: Please allow up to 24 hours for the Cisco Threat Awareness Service to perform a threat analysis. Adding the Network Resource using DNS Cookie Use this method if you have control of the DNS zone for this Domain or IP. 1. In the Network Resource Wizard, select the resource type you wish to add, e.g. Domain. 2. Enter the domain name or IP Address, e.g. cisco.com. 3. Optionally add an alias for the domain. This is an alias within the portal only. 4. Click Next. 5. Select the DNS Authorization Cookie method by clicking on DNS Instructions. 6. Create a TXT record containing the DNS Authorization Cookie, and place in the DNS zone for the specified domain. 7. Click Next and Finish.
6 8. Refresh the Settings page to see the new domain entry, with a status of Pending. 9. Click on the domain to view the audit trail, including the Authorization Method, the DNS Cookie, and token expiry date. NOTE: It may take up to 2 hours for the Cisco Threat Awareness Service to verify the DNS cookie, and update the status of the domain to Confirmed. The audit trail will provide further details so all actions can be traced back. NOTE: Please allow up to 24 hours for the Cisco Threat Awareness Service to perform a threat analysis. Threats Feeds Listed below is a brief description of each threat feed provided by the Cisco Threat Awareness Service. These are also found at the start of the feed in the portal.
7 Exposed Services Open Services: These services are available to the Internet and should be examined and removed if unnecessary. Services for Investigation: These services are available to the Internet and exhibit indicators that they are vulnerable to known attacks or contributing to denial of service attacks. Investigate and, if necessary, remediate these services. Malicious Activity IP Addresses: These IP addresses have either demonstrated malicious activity on the Internet or shown behaviors that indicate they may have malicious software installed. Hostnames and URLs: These DNS names and URLs are present within your network and have demonstrated malicious activity on the Internet. DNS Observations Unexpected DNS Names: These DNS names are not within your DNS domain names but resolve to IP addresses within your network. Investigate whether these are legitimate. Observed DNS Resolvers: These IP addresses are making DNS requests directly to the Internet. Determine if these are legitimate DNS servers and investigate remaining devices. Suspicious DNS Requests DNS Requests for Malicious Names: The following DNS requests for malicious DNS names were observed from your network. All controls are identical across the tabs. Each tab displays one or more charts with an accompanying table listing the IP addresses we are observing from within the registered address space. Selecting an entry in the table will highlight the corresponding entry in the chart, and vice versa. Expanding an entry in the table provide more details of the threat identified. The screenshot below shows the Services for Investigation feed under the Exposed Services tab. The default scope for each feed is 30 days, but this can be extended to a maximum of 90 day, or a minimum of 14 days. The feeds are updated globally (for all customers) every 24 hours. The last update time can be seen underneath the feed name, so in this example, the last update was processed on January 31 at 00:00 GMT. The table displays individual records, and when they were last observed, e.g. the first item in the table was last observed on January 29, while the second record was last observed on January 28. Looking at this record, we can see it is a TCP/433 SSL server, and the threat feeds have indicated this is vulnerable service (e.g. it may be open to some sort of Heart Bleed vulnerability). The Recommended steps may include suggestions such as patching the server, or running further vulnerability scans. The nature of the threat feed is dynamic; the category may be enriched to provide additional information. This will happen transparently as soon as more information becomes available, and in response to the continuously changing threat landscape.
8 To sort or search the data, click on the Filter icon in the top right of each feed. This provides the option to filter on IP address, Protocol, Port, Category, and Observed Date. The example below will display all observations of IP address , on port 443, on January 25th - 31st. Data may also be exported. Click on the (with a CSV attachment). icon, and download in CSV format, or send the exported data via For More Information On the Cisco Threat Awareness Service please visit the Cisco Threat Awareness Service Support Community.
Qualys Cloud Suite 2.30
Qualys Cloud Suite 2.30 Here s what s new in Qualys Cloud Suite 2.30! AssetView ThreatPROTECT Dynamic tag support for Amazon EC2 Metadata Search Assets by Amazon EC2 Metadata Cloud Agent Download Search
More informationClientNet Admin Guide. Boundary Defense for
ClientNet Admin Guide Boundary Defense for Email DOCUMENT REVISION DATE: Feb 2012 ClientNet Admin Guide / Table of Contents Page 2 of 36 Table of Contents OVERVIEW... 3 1 INTRODUCTION... 3 1.1. AUDIENCE
More informationOn the Surface. Security Datasheet. Security Datasheet
Email Security Datasheet Email Security Datasheet On the Surface No additional hardware or software required to achieve 99.9%+ spam and malware filtering effectiveness Initiate service by changing MX Record
More informationIBM Security SiteProtector System User Guide for Security Analysts
IBM Security IBM Security SiteProtector System User Guide for Security Analysts Version 2.9 Note Before using this information and the product it supports, read the information in Notices on page 83. This
More informationForeScout CounterACT. Configuration Guide. Version 2.2
ForeScout CounterACT Core Extensions Module: IOC Scanner Plugin Version 2.2 Table of Contents About the CounterACT IOC Scanner Plugin... 4 Use Cases... 5 Broaden the Scope and Capacity of Scanning Activities...
More informationThreatConnect Learning Exercises
ThreatConnect Learning Exercises The following exercises will teach you some of the important features within the ThreatConnect platform. You will learn various ways of adding intelligence data into ThreatConnect,
More informationConnection Logging. Introduction to Connection Logging
The following topics describe how to configure the Firepower System to log connections made by hosts on your monitored network: Introduction to, page 1 Strategies, page 2 Logging Decryptable Connections
More informationSentinel 4 IDS User Interface Guide
Sentinel 4 IDS User Interface Guide A quick primer on the available options of the Sentinel IDS s web-based user interface. Navigation Header This header will remain at the top of the page even if you
More informationEnhanced Threat Detection, Investigation, and Response
Enhanced Threat Detection, Investigation, and Response What s new in Cisco Stealthwatch Enterprise Release 6.10.2 Cisco Stealthwatch Enterprise is a comprehensive visibility and security analytics solution
More informationConnection Logging. About Connection Logging
The following topics describe how to configure the Firepower System to log connections made by hosts on your monitored network: About, page 1 Strategies, page 2 Logging Decryptable Connections with SSL
More informationChapter 5: Vulnerability Analysis
Chapter 5: Vulnerability Analysis Technology Brief Vulnerability analysis is a part of the scanning phase. In the Hacking cycle, vulnerability analysis is a major and important part. In this chapter, we
More informationOutline NET 412 NETWORK SECURITY PROTOCOLS. Reference: Lecture 7: DNS Security 3/28/2016
Networks and Communication Department NET 412 NETWORK SECURITY PROTOCOLS Lecture 7: DNS Security 2 Outline Part I: DNS Overview of DNS DNS Components DNS Transactions Attack on DNS Part II: DNS Security
More informationDetector Service Delivery System (SDS) Version 3.0
Detector Service Delivery System (SDS) Version 3.0 Detecting and Responding to IT Security Policy Violations Quick Start Guide 2018 RapidFire Tools, Inc. All rights reserved. V20180112 Contents Overview
More informationIntegrate Viper business antivirus EventTracker Enterprise
Integrate Viper business antivirus EventTracker Enterprise Publication Date: June 2, 2016 EventTracker 8815 Centre Park Drive Columbia MD 21045 www.eventtracker.com Abstract This guide provides instructions
More informationIntegrate Fortinet Firewall. EventTracker v8.x and above
EventTracker v8.x and above Publication Date: October 31, 2017 Abstract This guide provides instructions to configure Fortinet Firewall to send crucial events to EventTracker Enterprise by means of syslog.
More informationCounterACT IOC Scanner Plugin
CounterACT IOC Scanner Plugin Version 2.0.1 Table of Contents About the CounterACT IOC Scanner Plugin... 4 Use Cases... 5 Broaden the Scope and Capacity of Scanning Activities... 5 Use CounterACT Policy
More informationTenable.io User Guide. Last Revised: November 03, 2017
Tenable.io User Guide Last Revised: November 03, 2017 Table of Contents Tenable.io User Guide 1 Getting Started with Tenable.io 10 Tenable.io Workflow 12 System Requirements 15 Scanners and Agents 16 Link
More informationUser Identity Sources
The following topics describe Firepower System user identity sources, which are sources for user awareness. These users can be controlled with identity and access control policies: About, on page 1 The
More informationGFI MailSecurity 2011 for Exchange/SMTP. Administration & Configuration Manual
GFI MailSecurity 2011 for Exchange/SMTP Administration & Configuration Manual http://www.gfi.com info@gfi.com The information and content in this document is provided for informational purposes only and
More informationSkybox Firewall Assurance
Skybox Firewall Assurance Getting Started Guide 8.5.600 Revision: 11 Proprietary and Confidential to Skybox Security. 2017 Skybox Security, Inc. All rights reserved. Due to continued product development,
More informationSophos Central Admin. help
help Contents About Sophos Central... 1 Activate Your License...2 Overview... 3 Dashboard...3 Alerts...4 Logs & Reports... 10 People... 25 Devices... 34 Global Settings...50 Protect Devices...78 Endpoint
More informationIntegrate Microsoft Office 365. EventTracker v8.x and above
EventTracker v8.x and above Publication Date: March 5, 2017 Abstract This guide provides instructions to configure Office 365 to generate logs for critical events. Once EventTracker is configured to collect
More informationHarePoint Analytics. For SharePoint. User Manual
HarePoint Analytics For SharePoint User Manual HarePoint Analytics for SharePoint 2013 product version: 15.5 HarePoint Analytics for SharePoint 2016 product version: 16.0 04/27/2017 2 Introduction HarePoint.Com
More informationGigamon Metadata Application for IBM QRadar Deployment Guide
Gigamon Metadata Application for IBM QRadar Deployment Guide COPYRIGHT Copyright 2018 Gigamon. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a
More informationIntegrate Microsoft ATP. EventTracker v8.x and above
EventTracker v8.x and above Publication Date: August 20, 2018 Abstract This guide provides instructions to configure a Microsoft ATP to send its syslog to EventTracker Enterprise. Scope The configurations
More informationQualys Cloud Suite 2.28
Qualys Cloud Suite 2.28 We re excited to tell you about improvements and enhancements in Qualys Cloud Suite 2.28. AssetView ThreatPROTECT View Policy Compliance Summary in Asset Details Export Dashboards
More informationCisco Service Control Service Security: Outgoing Spam Mitigation Solution Guide, Release 4.1.x
CISCO SERVICE CONTROL SOLUTION GUIDE Cisco Service Control Service Security: Outgoing Spam Mitigation Solution Guide, Release 4.1.x 1 Introduction and Scope 2 Functionality Overview 3 Mass-Mailing-Based
More informationPerforming Administrative Tasks
CHAPTER 6 This section provides information about administrative tasks. It includes these topics: Stopping and Restarting the Cisco License Manager Server, page 6-1 How to Manage Users, page 6-2 Working
More informationWHITE PAPER HIGH-FIDELITY THREAT INTELLIGENCE: UNDERSTANDING FALSE POSITIVES IN A MULTI-LAYER SECURITY STRATEGY
WHITE PAPER HIGH-FIDELITY THREAT INTELLIGENCE: UNDERSTANDING FALSE POSITIVES IN A MULTI-LAYER SECURITY STRATEGY Dave Dubois, Global Security Product Management Version: 1.0, Jan 2018 A Multi-Layer Approach
More informationWindows Intune Trial Guide Getting the most from your Windows Intune trial. Simplify PC management. Amplify productivity.
Windows Intune Trial Guide Getting the most from your Windows Intune trial. Simplify PC management. Amplify productivity. CONTENTS 2 Overview 2 Trial Setup 3 Getting Started with the Administration Console
More informationReports Overview. Inventory and Reporting User Guide SNTC
Reports Overview The Reports user interface in Inventory and Reporting (IR) has been redesigned to make it easier to find and access customer inventory data. Instead of being presented with massive amounts
More informationSophos Enterprise Console Help. Product version: 5.3
Sophos Enterprise Console Help Product version: 5.3 Document date: September 2015 Contents 1 About Sophos Enterprise Console 5.3...6 2 Guide to the Enterprise Console interface...7 2.1 User interface layout...7
More informationCheckbox Quick Start Guide
Checkbox 5.0 - Quick Start Guide This How-To Guide will guide you though the process of creating a survey and adding a survey item to a page. Contents: - Log-In - How to create a survey - How to add/change
More informationComodo Dome Shield - Admin Guide
rat Comodo Dome Shield Software Version 1.16 Administrator Guide Guide Version 1.16.062718 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Table of Contents 1 Introduction to Comodo Dome
More informationUSM Anywhere AlienApps Guide
USM Anywhere AlienApps Guide Updated April 23, 2018 Copyright 2018 AlienVault. All rights reserved. AlienVault, AlienApp, AlienApps, AlienVault OSSIM, Open Threat Exchange, OTX, Unified Security Management,
More informationIBM CLOUD DISCOVERY APP FOR QRADAR
IBM CLOUD DISCOVERY APP FOR QRADAR Getting Started Updated: January 31 st, 2018 Page 1 Introduction This document provides instructions for installing, configuring, and using IBM Cloud Discovery App for
More informationKaspersky Security for Windows Server
Kaspersky Security for Windows Server User's Guide Application version: 10.1.1.746 Dear User, Thank you for choosing Kaspersky Lab as your security software provider. We hope that this document helps you
More informationTrend Micro Incorporated reserves the right to make changes to this document and to the service described herein without notice. Before installing and using the service, review the readme files, release
More informationForeScout CounterACT. Configuration Guide. Version 1.2
ForeScout CounterACT Core Extensions Module: NetFlow Plugin Version 1.2 Table of Contents About NetFlow Integration... 3 How it Works... 3 Supported NetFlow Versions... 3 What to Do... 3 Requirements...
More informationTrend Micro Incorporated reserves the right to make changes to this document and to the service described herein without notice. Before installing and using the service, review the readme files, release
More informationComodo IT and Security Manager Software Version 6.9
Comodo IT and Security Manager Software Version 6.9 End User Guide Guide Version 6.9.072817 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Table of Contents 1. Introduction to Comodo IT
More informationIntegrating Okta and Preempt Detecting and Preventing Threats With Greater Visibility and Proactive Enforcement
Integrating Okta and Preempt Detecting and Preventing Threats With Greater Visibility and Proactive Enforcement The Challenge: Smarter Attackers and Dissolving Perimeters Modern enterprises are simultaneously
More informationMcAfee MVISION Mobile epo Extension Product Guide
McAfee MVISION Mobile epo Extension 1809 Product Guide September 11, 2018 COPYRIGHT Copyright 2018 McAfee, LLC TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection, epolicy Orchestrator,
More informationTrend Micro Business Support Portal
Lorem Ipsum Dolor Sit Amet Consectetur Adipiscing Trend Micro Business Support Portal User Guide Welcome to the Trend Micro Business Support Portal. This portal provides full online support for Trend Micro
More informationUnifier Project Controls User Guide
Unifier Project Controls User Guide 16 R2 September 2016 Contents Introduction to Project Controls... 17 Components of Project Controls... 19 About the Owner Template... 19 About the Contractor Template...
More informationUser Guide. Version R92. English
AuthAnvil User Guide Version R92 English October 9, 2015 Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s Click-Accept EULATOS as updated from
More informationIPS Event Analysis R Administration Guide
IPS Event Analysis R70.20 Administration Guide 21 December, 2009 More Information The latest version of this document is at: http://supportcontent.checkpoint.com/documentation_download?id=10506 For additional
More informationNotices. Third Party Project Usage. Sample Code in Documentation
Malwarebytes AdwCleaner User Guide Version 7.2.4 26 September 2018 Notices Malwarebytes products and related documentation are provided under a license agreement containing restrictions on use and disclosure
More informationThe Privileged Appliance and Modules (TPAM) 1.0. Diagnostics and Troubleshooting Guide
The Privileged Appliance and Modules (TPAM) 1.0 Guide Copyright 2017 One Identity LLC. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in
More informationResolving Actions and Completion Policy Status About Non-Workflow BPs Creating a BP Record... 40
Unifier Project Controls User Guide Version 17 September 2017 Contents Introduction to Project Controls... 17 Downloading and Configuring Project Controls Base Product (On-Premises Deployment)17 Downloading
More informationForeScout CounterACT. Configuration Guide. Version 5.0
ForeScout CounterACT Core Extensions Module: Reports Plugin Version 5.0 Table of Contents About the Reports Plugin... 3 Requirements... 3 Supported Browsers... 3 Verify That the Plugin Is Running... 5
More informationTracking Messages
This chapter contains the following sections: Tracking Service Overview, page 1 Setting Up Centralized Message Tracking, page 2 Checking Message Tracking Data Availability, page 4 Searching for Email Messages,
More informationForeScout Extended Module for Tenable Vulnerability Management
ForeScout Extended Module for Tenable Vulnerability Management Version 2.7.1 Table of Contents About Tenable Vulnerability Management Module... 4 Compatible Tenable Vulnerability Products... 4 About Support
More informationComodo cwatch Network Software Version 2.23
rat Comodo cwatch Network Software Version 2.23 Administrator Guide Guide Version 2.23.060618 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Table of Contents 1 Introduction to Comodo cwatch
More informationComodo IT and Security Manager Software Version 5.4
Comodo IT and Security Manager Software Version 5.4 End User Guide Guide Version 5.4.090716 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Table of Contents 1. Introduction to Comodo IT
More informationThe following topics describe how to manage various policies on the Firepower Management Center:
The following topics describe how to manage various policies on the Firepower Management Center: Policy Deployment, page 1 Policy Comparison, page 11 Policy Reports, page 12 Out-of-Date Policies, page
More informationCarbon Black PCI Compliance Mapping Checklist
Carbon Black PCI Compliance Mapping Checklist The following table identifies selected PCI 3.0 requirements, the test definition per the PCI validation plan and how Carbon Black Enterprise Protection and
More informationHow To Embed EventTracker Widget to an External Site
How To Embed EventTracker Widget to an External Site Publication Date: March 27, 2018 Abstract This guide will help the user(s) to configure an EventTracker Widget to an External Site like SharePoint.
More informationIntroduction E-mark Mail
Introduction E-mark Mail This manual outlines the general functions of Emark.Mail. This means that the basic Emark.Mail modules subscriptions, mailings and statistics are addressed. 2 Logging in To log
More informationTransaction Approval Process
Access Online Transaction Approval Process User Guide Version 1.7 Cardholder Contents Introduction... 2 TAP Overview Flow Chart... 3 Cardholder Transaction Approval Process... 4 View-Only Access... 4 View
More informationDashboard Instructions
Dashboard Instructions The instructions below provide a brief overview of some of the tools available to you as you navigate the COMPASS performance dashboard. The dashboard was created to provide Communities
More informationManaging GSS Devices from the GUI
CHAPTER 1 This chapter describes how to configure and manage your Global Site Selector Manager (GSSM) and Global Site Selector (GSS) devices from the primary GSSM graphical user interface. It includes
More informationThe following topics describe how to configure correlation policies and rules.
The following topics describe how to configure correlation policies and rules. Introduction to and Rules, page 1 Configuring, page 2 Configuring Correlation Rules, page 5 Configuring Correlation Response
More informationPortal 2.0. Overview. Overview, on page 1 Dashboard, on page 2 Quick Analysis Reports, on page 2 Detailed Analysis Reports, on page 4
Overview, on page 1 Dashboard, on page 2 Quick Analysis Reports, on page 2 Detailed Analysis Reports, on page 4 Overview offers you more flexibility in customizing the data you are shown and drilling down
More informationCustomer Inquiry, Dispute & Information (CIDI) User Guide
U S E R G U I D E CALIFORNIA ISO Customer Inquiry, Dispute & Information (CIDI) User Guide Revision History Version Date Description By 1.0 04/26/10 CIDI initial user guide Latisha Collins 1.1 04/27/10
More informationSetting up Microsoft Office 365
Integration Guide Revision G McAfee SaaS Email Protection Securing Exchange Online in Microsoft Office 365 Setting up Microsoft Office 365 Use this guide to configure Microsoft Office 365 and Microsoft
More informationUser Guide. Version R94. English
AuthAnvil User Guide Version R94 English March 8, 2017 Copyright Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s Click-Accept EULATOS as updated
More informationPrevent Network Attacks
How-to Guide CounterACT Version 7.0.0 Table of Contents About Preventing Network Attacks... 3 Prerequisites... 3 Create and Apply a Threat Protection Policy... 4 Evaluate Threats... 8 Generate Reports...
More informationReadyTalk for Marketo User Guide
ReadyTalk for Marketo User Guide Revised 11/24/2015 Contents Configuring ReadyTalk & Marketo... 3 Setting Up Your Event in ReadyTalk... 5 Setting Up Your Event in Marketo... 7 Creating a New Program...
More informationManaging WCS User Accounts
7 CHAPTER This chapter describes how to configure global email parameters and manage WCS user accounts. It contains these sections: Adding WCS User Accounts, page 7-2 Viewing or Editing User Information,
More informationThe following topics describe how to use dashboards in the Firepower System:
The following topics describe how to use dashboards in the Firepower System: About, page 1 Firepower System Dashboard Widgets, page 2 Managing, page 14 About Firepower System dashboards provide you with
More informationComodo cwatch Web Security Software Version 2.10
rat Comodo cwatch Web Security Software Version 2.10 Website Administrator Guide Guide Version 2.10.042018 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Table of Contents 1 Introduction
More informationComodo Dome Shield - Admin Guide
rat Comodo Dome Shield Software Version 1.12 Administrator Guide Guide Version 1.12.111717 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Table of Contents 1 Introduction to Comodo Dome
More informationSmart Call Home Web Application
CHAPTER 3 This chapter discusses the following areas: Overview of the Launch Smart Call Home Smart Call Home Overview Page Registration Management Processes Report Generation Overview of the Smart Call
More informationBQS User Guide For Digital Skills Test Centres
BQS User Guide For Digital Skills Test Centres Feb 2015 v1.5 Contents 1. Getting Started... 3 1.1 Administration... 3 1.2 Automated Testing Website... 3 1.3 Software Requirements... 3 2. BQS Web Administration...
More informationFireMon Security manager
FireMon Security manager Regain control of firewalls with comprehensive firewall management The enterprise network is a complex machine. New network segments, new hosts and zero-day vulnerabilities are
More informationORACLE MANAGED CLOUD SECURITY SERVICES - SERVICE DESCRIPTIONS. December 1, 2017
ORACLE MANAGED CLOUD SECURITY SERVICES - SERVICE DESCRIPTIONS December 1, 2017 Table of Contents Oracle Managed Security Database Encryption Service for Oracle IaaS... 3 Oracle Managed Security Database
More informationPOA Bridge. Security Assessment. Cris Neckar SECUREWARE.IO
POA Bridge Security Assessment Cris Neckar SECUREWARE.IO Executive Summary The engagement team performed a limited scope, source code assessment of POA Network s POA Bridge. The purpose of this assessment
More informationEFFECTIVE VULNERABILITY MANAGEMENT USING QUALYSGUARD 1
EFFECTIVE VULNERABILITY MANAGEMENT USING QUALYSGUARD 1 EFFECTIVE VULNERABILITY MANAGEMENT USING QUALYSGUARD ICTN 6823 BOYD AARON SIGMON EAST CAROLINA UNIVERSITY EFFECTIVE VULNERABILITY MANAGEMENT USING
More informationHTTP Errors User Guide
Version 3.8 Published: 2016-03-28 Copyright 2016, Cisco Systems, Inc. Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000
More informationContents. Common Site Operations. Home actions. Using SharePoint
This is a companion document to About Share-Point. That document describes the features of a SharePoint website in as much detail as possible with an emphasis on the relationships between features. This
More informationHow to configure the UTM Web Application Firewall for Microsoft Lync Web Services connectivity
How to configure the UTM Web Application Firewall for Microsoft Lync Web Services connectivity This article explains how to configure your Sophos UTM to allow access Microsoft s Lync Web Services (the
More informationIntegrate Trend Micro Control Manager. EventTracker v8.x and above
Integrate Trend Micro Control Manager EventTracker v8.x and above Publication Date: May 24, 2018 Abstract This guide provides instructions to configure Trend Micro Control Manager to generate logs for
More informationCreating and Editing Budgets
EXO Business CRM User Guide 4. Select the levels to create budgets at by ticking the required boxes in the Budget Model section. It is only necessary to tick one box for each column - ticking the box for
More informationCreating Dashboard. Version: 7.3
Creating Dashboard Version: 7.3 Copyright 2015 Intellicus Technologies This document and its content is copyrighted material of Intellicus Technologies. The content may not be copied or derived from, through
More informationFirepower Management Center High Availability
The following topics describe how to configure Active/Standby high availability of Cisco Firepower Management Centers: About, on page 1 Establishing, on page 7 Viewing Status, on page 8 Configurations
More informationIntegrate Palo Alto Traps. EventTracker v8.x and above
EventTracker v8.x and above Publication Date: August 16, 2018 Abstract This guide provides instructions to configure Palo Alto Traps to send its syslog to EventTracker Enterprise. Scope The configurations
More informationFlowmon Application for QRadar User Guide
Flowmon Application for QRadar User Guide Version 01.00.00 Flowmon Application for QRadar is an extension connecting IBM QRadar with events from Flowmon ADS Solution. Flowmon Application was build with
More informationMalwarebytes AdwCleaner User Guide
Malwarebytes AdwCleaner User Guide AdwCleaner >= 7.1 March 21, 2018 Notices Malwarebytes products and related documentation are provided under a license agreement containing restrictions on use and disclosure
More informationManaging WCS User Accounts
CHAPTER 7 This chapter describes how to configure global e-mail parameters and manage WCS user accounts. It contains these sections: Adding WCS User Accounts, page 7-1 Viewing or Editing User Information,
More informationIC L19 - Consolidate Information from across your Infrastructure to create a custom report for PCI DSS Hands-On Lab
IC L19 - Consolidate Information from across your Infrastructure to create a custom report for PCI DSS Hands-On Lab Description How to implement external data connectors for data relevant to PCI and map
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationSonicWall Capture Client 1.0. Operations
SonicWall Capture Client 1.0 Operations Contents Part 1. Introduction About Capture Client................................................................5 Description...........................................................................
More informationVeeam Universal Application Item Recovery
Veeam Universal Application Item Recovery Version 9.5 User Guide November, 2016 2016 Veeam Software. All rights reserved. All trademarks are the property of their respective owners. No part of this publication
More informationForescout. Engine. Configuration Guide. Version 1.3
Forescout Core Extensions Module: Device Classification Engine Version 1.3 Contact Information Forescout Technologies, Inc. 190 West Tasman Drive San Jose, CA 95134 USA https://www.forescout.com/support/
More informationBLOOMBERG VAULT FOR FILES. Administrator s Guide
BLOOMBERG VAULT FOR FILES Administrator s Guide INTRODUCTION 01 Introduction 02 Package Installation 02 Pre-Installation Requirement 02 Installation Steps 06 Initial (One-Time) Configuration 06 Bloomberg
More informationGenerate Reports to Monitor End-user Activity
This chapter contains the following sections: Overview of Reporting, on page 1 Using the Reporting Pages, on page 2 Enabling Reporting, on page 7 Scheduling Reports, on page 7 Generating Reports On Demand,
More informationCisco Service Control Usage Analysis and Reporting Solution Guide,
CISCO SERVICE CONTROL SOLUTION GUIDE Cisco Service Control Usage Analysis and Reporting Solution Guide, Release 3.8.x 1 About this Guide 2 Usage Analysis and Reporting Solution Overview 3 Using the SCA
More informationKaspersky Security for Windows Server
Kaspersky Security for Windows Server User's Guide Application version: 10.1.0.622 Dear User, Thank you for choosing Kaspersky Lab as your security software provider. We hope that this document helps you
More informationLive Connect. Live Connect
2 Chapter 9 - Introduction Fig. 9.1 Brief Overview Pop-up Window provides single machine interface to give you full control over your endpoints with minimal end user interruption. It is built to help you
More information