NetWitness NextGen and Palo Alto Networks Integration Guide. NetWitness Corporation
|
|
- Shauna Sandra Lucas
- 6 years ago
- Views:
Transcription
1 NetWitness NextGen and Palo Alto Networks Integration Guide NetWitness Corporation
2 Table of Contents Introduction... 3 Creating a NetWitness URI from Palo Alto Networks Data... 4 Appendix A: Uniform Resource Identifier (URI)... 7 Appendix B: PAN OS Log Link Appendix C: SIEMLink
3 Introduction Palo Alto Networks next generation firewalls provide policy based visibility and control over applications users and threats. Leveraging their firewall technology improves your security posture and provides excellent visibility into your infrastructure. Combining that visibility with the industry leading forensic capabilities of NetWitness NextGen, provides you with detailed insight into your network and enables fast and reliable incident resolution. NetWitness NextGen was designed from inception to be able to easily integrate with existing security and network technologies. This guide provides instruction on how to integrate NetWitness Investigator and Palo Alto Networks. Upon completion of this guide, you should be able to configure Palo Alto Networks firewalls to pass a custom URI that the user can leverage to pivot into Investigator for further session analysis. To accomplish this, you will need to be familiar with the following features: Uniform Resource Identifier (URI) A programmatic feature that provides a simple and extensible way of launching NetWitness NextGen applications using the nw:// and nws:// operators. Complete documentation for the NetWitness URI can be found in Appendix A. PAN-OS Log Link A feature of Palo Alto Networks OS 3.1 for providing links from log data to external systems. The links will show up at the bottom of the log detail page in the log viewer and they will open the constructed URI. Further documentation on PAN- OS Log-Link can be found in Appendix B. The supported versions for this document are NetWitness NextGen 9.0 and Palo Alto Networks OS
4 Creating a NetWitness URI from Palo Alto Networks Data The first step when setting up an integration link is to decide what information you want to see in Investigator. The following table shows the correlation between Palo Alto Networks data and NetWitness metadata. PAN Data Element src dst sport dport NetWitness Metadata ip.src ip.dst tcp.srcport or udp.srcport** tcp.dstport or udp.dstport** **This field depends on the PAN proto field. If proto=udp, then use udp.srcport, etc Knowing that, let s say that you wanted to be able to see an IP s activity for the last day when they show up on a certain log. Let s start with the NetWitness URI. From our previous reading, we know that the basic template is as follows: nw://<host name>?collection=<collection Name>&time=<time range>&name=<name>&where=<where clause>&sessions=<session total>&history=<history tag> Since we re using SSL on all of our devices, we ll change the operator at the beginning and add the hostname information. For this example, I will be using a remote collection named Soundwave on a Concentrator also named Soundwave: nws:// soundwave:50005/?collection= SOUNDWAVE%3A50005&time=<time range>&name=<name>&where=<where clause>&sessions=<session total>&history=<history tag> You ll notice the %3A in between the collection name and port. This is the : symbol after URL encoding. You will be required to encode any special characters after the hostname portion of the URI. There are multiple sites online that can assist you with URL encoding. Next we need to add a time range and a name to be displayed in Investigator. Since we want to see activity for the last day, we will use the last 24 hours of collection time. To keep things simple, we will just use the source IP address for the name. nws://soundwave:50005/?collection=soundwave%3a50005&time=last+24+hours+of +Collection+Time&name= {src}&where=<where clause>&sessions=<session total>&history=<history tag> Since we re interested in a time range rather than a finite number of sessions for this query, we ll delete the session count (sessions=<session total>). That leaves us with the where and history clauses. For the where clause, we want to see the activity of the source IP, so we will 4
5 add an argument mapping the PAN source IP ({src}) to the NetWitness source IP (ip.src). The history tag is used to show the name of the drill when you look in the History menu in Investigator. In this case the name we are using should suffice, so we will drop it altogether. nws://soundwave:50005/?collection=soundwave%3a50005&time=last+24+hours+of +Collection+Time&name={src}&where=ip.src%3D{src} This URI could be enhanced by showing not only the traffic where the source IP is the originator, but all traffic to and from the source IP listed in the Log Detail. You can add to a where clause by using an and (&&) or an or ( ) connector. Don t forget to encode the special characters! Here is an example of adding an or connector to show all traffic to and from our source IP. nws://soundwave:50005/?collection=soundwave%3a50005&time=last+24+hours+of +Collection+Time&name={src}&where=%28ip.src%3D{src}%7C%7Cip.dst%3D{src}%29 Note1: The and & or connectors can also be useful if you want to see traffic from one IP to another, or if you wanted to add a specific port. Note2: When using multiple arguments in a where clause, you should always enclose your arguments in parentheses. Don t forget to encode! Now that we have our URI, let s log into the Palo Alto Networks Device and enter it in. SSH into the device using your credentials. From there, use the configure command to get to the proper prompt. The proper syntax for entering the URI is: set deviceconfig system log-link NW_Source_IP_Last_24 url nws://soundwave:50005/?collection=soundwave%3a50005&time=last+24+hours+of +Collection+Time&name={src}&where=ip.src%3D{src}%7C%7Cip.dst%3D{src} If you paste this in, you will have to cursor back and hit Ctrl+V before entering the? into the SSH window. After the command is successfully entered, you can save the configuration using the commit command. You should now be able to pivot directly from Palo Alto Networks Log Detail window into NetWitness Investigator! So let s take a look at the Log Link integration in action. First, we need to select a record to examine. 5
6 Next, click the Details icon to see the Traffic Log Details page. In the bottom left corner, you should see the name of the Log-Link that we created. Click on that link and it should bring up your Investigator window. You may be prompted for a password depending on how your authentication is configured. 6
7 Appendix A: Uniform Resource Identifier (URI) NetWitness Investigator supports programmatic use of Uniform Resource Identifiers (URI). It allows a user the capability of launching programmatically into NetWitness Investigator from an external application. Upon Investigator installation the nw:// and nws:// URI schemes are registered on the workstation. An example of this functionality can be demonstrated by right-click and copy the URL from Investigator breadcrumb area (middle top) and then paste the URL into Internet Explorer, which will then launch Investigator to the query location. The URL can also be run from command line by copying the URL into Start > Run with the syntax for launching the URL as a parameter for Nwinvestigator.exe, Nw://<host name>?collection=<collection Name>&time=<time range>&name=<name>&where=<where clause>. A full example of a URL looks like the following: nw://demo Collection?collection=Demo+Collection&time=All+Data&more-states=&more-allstates=&name= &where=ip.src%3D &sessions=1&history=collection% 3DDemo+Collection%26time%3DAll+Data The base syntax is in the following scheme in non-ssl or SSL format: Without SSL enabled: nw://<host name>? With SSL: nws://<host name>? Note: The server you are requesting data from must have SSL enabled to use the SSL scheme. Base URI Syntax In the Navigation View, which is the central mechanism for drilling into the extracted metadata, every click has a URL behind it tracked in the breadcrumb box at the middle-top of the interface. The base syntax is as follows for the URL: Nw://<host name>?collection=<collection Name>&time=<time range>&name=<name>&where=<where clause>&sessions=<session total>&history=<history tag> <host name> = Concentrator host name:port in the case of a remote collection <host name> = local collection name in the case of a local collection Below are examples of various URLs and syntax guidelines copied directly from the Investigator breadcrumb input box. Please note the URLs may be encoded. 7
8 Figure 5. Navigation View In the Navigation View, the following is an example of the scheme for a remote collection and a local collection drill. Example of a remote collection drill nw://soundwave:50005/?collection=soundwave%3a50005&time=last+24+hours+of+collecti on+time&more-states=&more-allstates=&name=%22suspicious_possible_malicious_http_redirect%22&where=ip.src%3d %26%26+alert%3D%22suspicious_possible_malicious_http_redirect%22&sessions=289& history=collection%3dsoundwave%3a50005%26time%3dlast+24+hours+of+collection+ti me%7ccollection%3dsoundwave%3a50005%26time%3dlast+24+hours+of+collection+ti me%26more-states%3d%26more-allstates%3d%26name%3d %26where%3dip.src%3d %26sessions%3d
9 Example of a local collection drill nw://analyst1?collection=analyst1&time=all+data&more-states=&more-allstates=&name=http&where=service%3d80&sessions=345&history=collection%3danalyst1% 26time%3DAll+Data Base URL Parameters Time ranges can be used to set up parameters for data collection. The acceptable values of these parameters are listed below for that piece of the URL. 1) time = time range of the query Allowable values: a) Today b) Today 12 AM to 5:59 AM c) Today 6 AM to 1159 AM d) Today 12 PM to 5:59 PM e) Today 6 PM to 11:59 PM f) Yesterday g) This Week h) Last Week i) Last 6 Hours of Collection Time j) Last 12 Hours of Collection Time k) Last 24 Hours of Collection Time l) Last 2 Days of Collection Time m) Last 5 Days of Collection Time n) Last 7 Days of Collection Time o) All Data p) Any custom range (i.e Feb-04 9:15 AM to 2010-Feb-04 1:15 PM ) 2) Name= what appears in the Breadcrumb Window in Investigator. Should be formed such that it makes sense to the user when viewing the link within Investigator 3) Where = where clause according to the SDK doc with all operators URL encoded 4) Sessions = number of sessions that exist for the drill with the last drill value 5) History= what appears in the History drop down in Investigator Session List View The session list view will display a representation of all the sessions that correspond to the drill form the Navigation View. 9
10 Figure 6. Session View Session List View Syntax The syntax has to be in the following format with examples listed below of a remote collection drill and a local collection drill for the URL. Nw://<host name>?collection=<collection Name>&time=<time range>&view=session&name=<name>&where=<where clause>&sessions=<session total>&history=<history tag> Example of a remote collection drill nw://soundwave:50005/?collection=soundwave%3a50005&sessions=289&time=today&mor e-states=&more-allstates=&view=session&name=sessions+for+%22cnn.disqus.com%22&where=ip.src%3d %26%26+alert%3D%22suspicious_possible_malicious_http_redirect%22+%26%26+alias. host%3d%22cnn.disqus.com%22&history=collection%3dsoundwave%3a50005%26time%3 DLast+24+Hours+of+Collection+Time%7Ccollection%3DSOUNDWAVE%3A50005%26time%3 DLast+24+Hours+of+Collection+Time%26more-states%3D%26more-allstates%3D%26name%3D %26where%3Dip.src%3D %26sessions%3D524 3%7Ccollection%3DSOUNDWAVE%3A50005%26more-states%3D%26more-allstates%3D%26name%3D%22suspicious_possible_malicious_http_redirect%22%26where%3Di p.src%3d %26%26+alert%3d%22suspicious_possible_malicious_http_redirect%22 %26sessions%3D289%26time%3DToday 10
11 Example of a local collection drill nw://analyst1?collection=analyst1&time=all+data&sessions=345&more-states=&more-allstates=&view=session&name=sessions+for+%22download.windowsupdate.com%22&where=s ervice%3d80+%26%26+alias.host%3d%22download.windowsupdate.com%22&history=collecti on%3danalyst1%26time%3dall+data%7ccollection%3danalyst1%26time%3dall+data%26m ore-states%3d%26more-allstates%3d%26name%3dhttp%26where%3dservice%3d80%26sessions%3d345 Content View The content view displays content for a particular session. Figure 7. Content View Content View Syntax The following is the syntax format that needs to be used for the URL in the content view along with the acceptable render types. Nw://<host name>?collection=<collection Name>&time=<time range>& where=<where clause>&view=content&name= Content+for+Session+%23<session ID>&sessionid=<session ID>&allpackets=<true or false>&render=<render type> 11
12 Allowable render types: 1) Hex 2) Packets 3) Web 4) Mail 5) IM 6) VoIP 7) Details The following list the examples of the hex view, packets view, web view, mail view, IM view, VoIP view and details view. The basic syntax is the same except for the render type. Examples: Hex nw://analyst1?collection=analyst1&time=all+data&sessions=345&more-states=&more-allstates=&where=service%3d80+%26%26+alias.host%3d%22download.windowsupdate.com%2 2&view=content&name=Content+for+Session+%23121&sessionid=121&allpackets=false&rend er=hex Packet View nw://analyst1?collection=analyst1&time=all+data&sessions=345&more-states=&more-allstates=&where=service%3d80+%26%26+alias.host%3d%22download.windowsupdate.com%2 2&view=content&name=Content+for+Session+%23121&sessionid=121&allpackets=false&rend er=packets Mail View nw://analyst1?collection=analyst1&time=all+data&sessions=345&more-states=&more-allstates=&where=service%3d80+%26%26+alias.host%3d%22download.windowsupdate.com%2 2&view=content&name=Content+for+Session+%23121&sessionid=121&allpackets=false&rend er=mail Web View nw://analyst1?collection=analyst1&time=all+data&sessions=345&more-states=&more-allstates=&where=service%3d80+%26%26+alias.host%3d%22download.windowsupdate.com%2 2&view=content&name=Content+for+Session+%23121&sessionid=121&allpackets=false&rend er=web 12
13 IM View nw://analyst1?collection=analyst1&time=all+data&sessions=345&more-states=&more-allstates=&where=service%3d80+%26%26+alias.host%3d%22download.windowsupdate.com%2 2&view=content&name=Content+for+Session+%23121&sessionid=121&allpackets=false&rend er=im Audio View nw://analyst1?collection=analyst1&time=all+data&sessions=345&more-states=&more-allstates=&where=service%3d80+%26%26+alias.host%3d%22download.windowsupdate.com%2 2&view=content&name=Content+for+Session+%23121&sessionid=121&allpackets=false&rend er=voip Details nw://analyst1?collection=analyst1&time=all+data&sessions=345&more-states=&more-allstates=&where=service%3d80+%26%26+alias.host%3d%22download.windowsupdate.com%2 2&view=content&name=Content+for+Session+%23121&sessionid=121&allpackets=false&rend er=details Search View Search View is the mechanism for locating individual sessions with specified string values or regular expressions. Figure 8. Search View Search View Syntax 13
14 The following is the syntax format that needs to be used for the URL in the search view along with the acceptable render types. Nw://<host name>?collection=<collection Name>&time=<time range>&name=<name>&where=<where clause>&view=searchresults®ex=<on=1,off=1>&ci=<on=1,off=1>&ds=<on=1,off=1>&sm=< on=1,off=1>&sp=<on=1,off=1>&export=<on=1,off=1>&exportfile=<export file name>&hashpcapfiles=<on=1,off=1>&destiscoll=<local Collection Name>&history=<History Tag> Search View Parameters Time ranges can be used to set up parameters for data collection. The acceptable values of these parameters are listed below for that piece of the URL. 1. time = time range of the query Allowable values: a. Today b. Today 12 AM to 5:59 AM c. Today 6 AM to 1159 AM d. Today 12 PM to 5:59 PM e. Today 6 PM to 11:59 PM f. Yesterday g. This Week h. Last Week i. Last 6 Hours of Collection Time j. Last 12 Hours of Collection Time k. Last 24 Hours of Collection Time l. Last 2 Days of Collection Time m. Last 5 Days of Collection Time n. Last 7 Days of Collection Time o. All Data p. Any custom range (i.e Feb-04 9:15 AM to 2010-Feb-04 1:15 PM ) 2. Name= what appears in the Breadcrumb Window in Investigator. Should be formed such that it makes sense to the user when viewing the link within Investigator 3. Where = where clause according to the SDK doc with all operators URL encoded 4. Regex= Enable or disable 5. Ci= Enable or disable Case Insensitivity 6. Ds= Enable or disable Decode Sessions 7. Sm= Enable or disable Search Metadata 8. Sp= Enable or disable Search Content 9. Export= Enable or disable exporting 10. Exportfile= File type of the export file to be created, only works if Export is enabled a. Allowable values i. pcap ii. payload iii. payload1 iv. payload2 14
15 v. xml vi. nwd 11. HashPCapFiles= Enable or Disable hash file creation on the export files. Only works if Export is enabled 12. DestIsColl= Local Collection name of the Collection that is created when exporting search results to a Local Collection 13. History=What appears in the History drop down in Investigator Example: nw://soundwave:50005/?collection=soundwave%3a50005&time=last+24+hours+of+collecti on+time&sessions=2&more-states=&more-allstates=&where=feed.category%3d%22honeynet%22+%26%26+did%3d%22nw9decoder%22& view=searchresults&name=search+for+%22netwitness%22&search=netwitness®ex=0&ci= 1&ds=1&sm=1&sp=1&export=0&exportFile=&hashPcapFiles=0&destIsColl=&history=collection %3DSOUNDWAVE%3A50005%26time%3DLast+24+Hours+of+Collection+Time%7Ccollection %3DSOUNDWAVE%3A50005%26time%3DLast+24+Hours+of+Collection+Time%26morestates%3D%26more-allstates%3D%26name%3D%22honeynet%22%26where%3Dfeed.category%3D%22honeynet%2 2%26sessions%3D2%7Ccollection%3DSOUNDWAVE%3A50005%26time%3DLast+24+Hours +of+collection+time%26sessions%3d2%26more-states%3d%26more-allstates%3d%26view%3dsession%26name%3dsessions+for+%22nw9decoder%22%26where% 3Dfeed.category%3D%22honeynet%22+%26%26+did%3D%22nw9decoder%22%7Ccollection %3DSOUNDWAVE%3A50005%26time%3DLast+24+Hours+of+Collection+Time%26sessions% 3D2%26more-states%3D%26more-allstates%3D%26where%3Dfeed.category%3D%22honeynet%22+%26%26+did%3D%22nw9dec oder%22%26name%3dcontent+search%26view%3dsearch The supported field category, element name, data type and description are provided in the following table for constructing the URL. CATEGORY NAME ELEMENT DATA TYPE DESCRIPTION Network session ID UInt64 Session ID time TimeT Start Time size UInt32 Size Network(continued) eth.src MAC Ethernet Source Address eth.dst MAC Ethernet Target Address 15
16 eth.type UInt16 Ethernet Protocol ip.proto UInt8 IP Protocol ip.src IPv4 Source IP Address ip.dst IPv4 Destination IP Address ipv6.src IPv6 Source IPv6 Address ipv6.dst IPv6 Target IPv6 Address ipv6.proto IPv6 IPv6 Protocol tcp.srcport UInt16 TCP Source Port tcp.dstport UInt16 TCP Destination Port udp.srcpor UInt16 UDP Source Port udp.dstport UInt16 UDP Target Port CATEGORY NAME ELEMENT DATA TYPE DESCRIPTION Application service UInt16 Service Type Entities action Text Action Event (login, logoff, sendfrom, sendto, get, put, delete, attach, print) username Text User Account Text Address filename Text Filename resource handle Text Resource Handle Entities (continued) database Text Database name group Text Group Channel 16
17 Alias Records alias.ip IPv4 IP Address Alias Record alias.host Text Hostname Record content Text Content Type fullname Text Fullname Properties nickname Text Nickname buddy Text Buddy Name client Text Client Application server Text Server Application Password Text Password cookie Text Cookie Response Text Response referrer Text Referer created Text Created modified Text Modified generator Text Generated message Text Message subject Text Subject attachment Text Subject Properties (continued) crypto Text Crypto Key 17
18 org Text Organization orig_ip Text Originating IP Address link Text Link renewal Text Renewal dns Text Dns address Text Address subnet Text Subnet sql Text Sql Query sqlresponse Text Sql Response create Text Create invite Text Invite crc Text 32bit CRC Hash md5 Text MD5 Hash phone Text Phone Number device Text Device Name signature Text Signature alertid Text Alert ID sourcefile Text Source File Properties (continued) found Text Found match Text Match 18
19 encapsulated Text Encapsulated data_chan Text Data Channel proxy Text Proxy Name 19
20 Appendix B: PAN OS Log Link There is a new feature in PAN-OS 3.1 for providing links from log data to external systems. The links will show up at the bottom of the log detail page in the log viewer and they will open the constructed URI. The fields of the log that are available for use in constructing the link URI are as follows: src - source IP address dst - destination IP address sport - source port dport - destination port proto - protocol recvtime_yyyy - year of receive time recvtime_mm - month of receive time recvtime_dd - day of receive time recvtime_hh - hour of receive time recvtime_mm - minute of receive time recvtime_ss - second of receive time elapsed - elapse time (session time in seconds. available for traffic log only, "" otherwise) direction - client-to-server or server-to-client (available for threat, data filtering and URL log only, "" otherwise) suser - source user duser - destination user szone - source zone dzone - destination zone ingress - ingress interface egress - egress interface These links are setup in the CLI from the configure prompt via the following CLI command: set deviceconfig system log-link <link name> url <link url> For example, you could create a link like this: set deviceconfig system log-link NW_Source_IP_Last_24 url nws://soundwave:50005/?collection=soundwave%3a50005&time=last+24+hours+of+collec tion+time&name={src}+last+24+hours&where=ip.src%3d{src}%7c%7cip.dst%3d{src}&histor y=collection Note: To get? to be accepted in the CLI, you need to do a CTRL-V. You can save these changes to the running configuration using the commit command. At this point you should see the link at the bottom of the log detail page. 20
21 Multiple links can be set and all will show up at the bottom of the log detail window so you could have various links using different portions of the log data as needed. 21
22 Appendix C: SIEMLink SIEMLink is another good way to integrate NetWitness Investigator with your Palo Alto Networks device. It is also a great way to integrate with other security appliances that use a Web based GUI. This appendix offers basic SIEMLink instructions. If you aren t familiar with SIEMLink, please check the NetWitness Community site for more information. SIEMLink is a breakthrough in network security monitoring innovation, enabling instant integration of NetWitness NextGen technology with existing enterprise security infrastructures. SIEMLink is compatible with any SIEM, log consolidator, I/T Search Engine, IDS/IPS, Firewall, NSM, CMF/DLP, sniffer, NBAD,etc. For flexibility, it is a Microsoft Windows system tray application that acts as a real-time translator between an external Web based application (e.g., a SIEM) and NetWitness NextGen. The tray application takes a screen scrape of an event string from any application and parses it to formulate a valid NetWitness query. Specifically, the application identifies Time and IP address data values in the string and constructs a request that automatically retrieves data for analysis through the NetWitness Investigator application. As an example, during an incident, an analyst using Cisco MARS identified a suspicious event in need of deeper analysis: An IIS Backslash Evasion was observed on Feb 15, 2008 at 7:20 PM EST, between the IP addresses and With a single highlight of the event text and a right-click, the analyst pivoted instantly to the network data for that alert. With the data instantly provided via SIEMLink, the staff determined from the content of the HTTP transaction that actual backslash evasion did not exist. This almost immediate resolution to the alert prompted a rapid modification to the IDS rule that had triggered the alert. The rule change, to reduce false-positives, cleared the incident out of the work queue in less than one minute. Figure 1. NetWItness SIEMLink with Cisco MARS 22
23 NetWitness SIEMLink supports three implementation modes that ultimately resolve to a highly-focused analysis of network traffic through the NetWitness NextGen infrastructure including internet browser, free form, and manual input. Via Internet Browser For use with any web-based console application, a user can simply highlight any event text, right-click, and Send to NetWitness with SIEMLink. For applications that disable right-click functionality, an IE toolbar button is also provided. SIEMLink automatically interprets and resolves that event and retrieves any data NetWitness may have around the event for analysis. Figure 2. Integration by Internet Browser within SourceFires defense Center Via Free Form Copy and Paste NetWitness SIEMLink can accept free form text for resolution and analysis, copied and pasted into it from any application containing text-based events, with or without a web browser interface. Users simply copy the text event string, right-click the tray icon, and paste it into the NetWitness NextGen infrastructure. 23
24 Figure 3. Copy and Paste Method Via Manual Input Finally, NetWitness SIEMLink supports manual input of parameters into its interface. There are three types of input for use with NetWitness NextGen: Collection (required) A dropdown box shows available servers in the Investigator configuration. The utility remembers the last selection. IP address (required) Any number of IP addresses may be entered for query. Time A time widget is provided to select a time period for query. Figure 4. Integration via Manual Input 24
Novetta Cyber Analytics
Know your network. Arm your analysts. Introduction Novetta Cyber Analytics is an advanced network traffic analytics solution that empowers analysts with comprehensive, near real time cyber security visibility
More informationNetWitness Overview. Copyright 2011 EMC Corporation. All rights reserved.
NetWitness Overview 1 The Current Scenario APT Network Security Today Network-layer / perimeter-based Dependent on signatures, statistical methods, foreknowledge of adversary attacks High failure rate
More informationTrademarks. License Agreement. Third-Party Licenses. Note on Encryption Technologies. Distribution
Copyright 2017 EMC Corporation. All Rights Reserved. Trademarks RSA, the RSA Logo and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries.
More informationPass4sure q. Cisco Securing Cisco Networks with Sourcefire IPS
Pass4sure.500-285.42q Number: 500-285 Passing Score: 800 Time Limit: 120 min File Version: 6.1 Cisco 500-285 Securing Cisco Networks with Sourcefire IPS I'm quite happy to announce that I passed 500-285
More informationLogging into the Firepower System
The following topics describe how to log into the Firepower System: Firepower System User Accounts, on page 1 User Interfaces in Firepower Management Center Deployments, on page 3 Logging Into the Firepower
More informationSun Mgt Bonus Lab 6: Migration to App-ID Security Policy
1 Overview Legacy firewall rules are created around the Network (IPs) and Transport (Ports) layers of the Open Systems Interconnection (OSI) model. During a phased migration, legacy firewall rules are
More informationForescout. eyeextend for Palo Alto Networks Wildfire. Configuration Guide. Version 2.2
Forescout Version 2.2 Contact Information Forescout Technologies, Inc. 190 West Tasman Drive San Jose, CA 95134 USA https://www.forescout.com/support/ Toll-Free (US): 1.866.377.8771 Tel (Intl): 1.408.213.3191
More informationConfiguring the CSS for Device Management
CHAPTER 2 Configuring the CSS for Device Management Before you can use the WebNS Device Management user interface software, you need to perform the tasks described in the following sections: WebNS Device
More informationForeScout CounterACT. Controller Plugin. Configuration Guide. Version 1.0
ForeScout CounterACT Network Module: Centralized Network Controller Plugin Version 1.0 Table of Contents About the Centralized Network Controller Integration... 4 About This Plugin... 4 How It Works...
More informationWHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION. A Novetta Cyber Analytics Brief
WHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION A Novetta Cyber Analytics Brief Why SIEMs with advanced network-traffic analytics is a powerful combination. INTRODUCTION Novetta
More informationClientless SSL VPN End User Set-up
71 CHAPTER This section is for the system administrator who sets up Clientless (browser-based) SSL VPN for end users. It summarizes configuration requirements and tasks for the user remote system. It also
More informationMonitoring the Device
The system includes dashboards and an Event Viewer that you can use to monitor the device and traffic that is passing through the device. Enable Logging to Obtain Traffic Statistics, page 1 Monitoring
More informationCisco Next Generation Firewall Services
Toronto,. CA May 30 th, 2013 Cisco Next Generation Firewall Services Eric Kostlan Cisco Technical Marketing 2011 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 1 Objectives At the
More informationClientless SSL VPN Remote Users
This chapter summarizes configuration requirements and tasks for the user remote system. It also helps users get started with Clientless SSL VPN. It includes the following sections: Make sure that the
More informationDeploying Security Analytics Tips & Tricks to Achieve Ludicrous Speed Guy Bruneau, GSE
Deploying Security Analytics Tips & Tricks to Achieve Ludicrous Speed Guy Bruneau, GSE 1 About Me Senior Security Consultant @IPSS Inc. Incident Handler @Incident Storm Center gbruneau@isc.sans.edu Experience:
More informationCompare Security Analytics Solutions
Compare Security Analytics Solutions Learn how Cisco Stealthwatch compares with other security analytics products. This solution scales easily, giving you visibility across the entire network. Stealthwatch
More informationIdentity Policies. Identity Policy Overview. Establishing User Identity through Active Authentication
You can use identity policies to collect user identity information from connections. You can then view usage based on user identity in the dashboards, and configure access control based on user or user
More informationForeScout Extended Module for MaaS360
Version 1.8 Table of Contents About MaaS360 Integration... 4 Additional ForeScout MDM Documentation... 4 About this Module... 4 How it Works... 5 Continuous Query Refresh... 5 Offsite Device Management...
More informationAbout This Document 3. Overview 3. System Requirements 3. Installation & Setup 4
About This Document 3 Overview 3 System Requirements 3 Installation & Setup 4 Step By Step Instructions 5 1. Login to Admin Console 6 2. Show Node Structure 7 3. Create SSO Node 8 4. Create SAML IdP 10
More informationUSM Anywhere AlienApps Guide
USM Anywhere AlienApps Guide Updated April 23, 2018 Copyright 2018 AlienVault. All rights reserved. AlienVault, AlienApp, AlienApps, AlienVault OSSIM, Open Threat Exchange, OTX, Unified Security Management,
More informationLenovo ThinkAgile XClarity Integrator for Nutanix Installation and User's Guide
Lenovo ThinkAgile XClarity Integrator for Nutanix Installation and User's Guide Version 1.0 Note Before using this information and the product it supports, read the information in Appendix A Notices on
More informationLink Gateway Initial Configuration Manual
Link Gateway Initial Configuration Manual Copyright 2016 NetLinkz. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated
More informationAdvanced Application Reporting USER GUIDE
Advanced Application Reporting USER GUIDE CONTENTS 1.0 Preface: About This Document 5 2.0 Conventions 5 3.0 Chapter 1: Introducing Advanced Application Reporting 6 4.0 Features and Benefits 7 5.0 Product
More informationSun Mgt Bonus Lab 11: Auto-Tagging in PAN-OS 8.X
1 Overview Introduced first in PAN-OS 8.0, the Dynamic IP Address and Tag Registration feature makes a significant step forward in the automation of operational, administrative, and, most importantly,
More informationSonicWALL / Toshiba General Installation Guide
SonicWALL / Toshiba General Installation Guide SonicWALL currently maintains two operating systems for its Unified Threat Management (UTM) platform, StandardOS and EnhancedOS. When a SonicWALL is implemented
More informationPractice Labs User Guide
Practice Labs User Guide This page is intentionally blank Contents Introduction... 3 Overview... 3 Accessing Practice Labs... 3 The Practice Labs Interface... 4 Minimum Browser Requirements... 5 The Content
More informationBIG-IP Analytics: Implementations. Version 13.1
BIG-IP Analytics: Implementations Version 13.1 Table of Contents Table of Contents Setting Up Application Statistics Collection...5 What is Analytics?...5 About HTTP Analytics profiles... 5 Overview:
More informationImplementing Infoblox Data Connector 2.0
DEPLOYMENT GUIDE Implementing Infoblox Data Connector 2.0 2017 Infoblox Inc. All rights reserved. Implementing Infoblox Data Connector, July 2017 Page 1 of 31 Contents Overview... 3 Prerequisites... 3
More informationDEPLOYMENT GUIDE DEPLOYING F5 WITH ORACLE ACCESS MANAGER
DEPLOYMENT GUIDE DEPLOYING F5 WITH ORACLE ACCESS MANAGER Table of Contents Table of Contents Introducing the F5 and Oracle Access Manager configuration Prerequisites and configuration notes... 1 Configuration
More informationDATA SHEET RSA NETWITNESS PLATFORM PERVASIVE VISIBILITY. ACTIONABLE INSIGHTS.
DATA SHEET RSA NETWITNESS PLATFORM PERVASIVE VISIBILITY. ACTIONABLE INSIGHTS. KEY ANALYSTS BENEFITS: Gain complete visibility across your network Alleviate pressures from security staff shortages with
More informationHigh Availability. Palo Alto Supports Two types of High Availability. I. Active/Passive II. Active/Active
Agenda 1. Prerequisites for Active/Passive HA 2. What Doesn t Sync in Active/Passive? 3. Configure Interface E1/4 & E1/5 type HA respectively on Primary PA 4. Configure Primary PA with HA General Setup,
More informationConfiguring a Palo Alto Firewall in AWS
Configuring a Palo Alto Firewall in AWS Version 1.0 10/19/2015 GRANT CARMICHAEL, MBA, CISSP, RHCA, ITIL For contact information visit Table of Contents The Network Design... 2 Step 1 Building the AWS network...
More informationDKT 224/3 LAB 2 NETWORK PROTOCOL ANALYZER DATA COMMUNICATION & NETWORK SNIFFING AND IDENTIFY PROTOCOL USED IN LIVE NETWORK
DKT 224/3 DATA COMMUNICATION & NETWORK LAB 2 NETWORK PROTOCOL ANALYZER SNIFFING AND IDENTIFY PROTOCOL USED IN LIVE NETWORK Lab #2 2 Lab #2 : Network Protocol Analyzer (Sniffing and Identify Protocol used
More informationConfiguring Traffic Policies for Server Load Balancing
CHAPTER3 Configuring Traffic Policies for Server Load Balancing This chapter describes how to configure the ACE appliance to use classification (class) maps and policy maps to filter and match interesting
More informationForeScout CounterACT. (AWS) Plugin. Configuration Guide. Version 1.3
ForeScout CounterACT Hybrid Cloud Module: Amazon Web Services (AWS) Plugin Version 1.3 Table of Contents Amazon Web Services Plugin Overview... 4 Use Cases... 5 Providing Consolidated Visibility... 5 Dynamic
More informationSIEM FOR BEGINNERS Everything You Wanted to Know About
SIEM FOR BEGINNERS Everything You Wanted to Know About Log Management But were Afraid to Ask www.alienvault.com A Rose By Any Other Name SLM/LMS, SIM, SEM, SEC, SIEM Although the industry has settled on
More informationThe following topics provide more information on user identity. Establishing User Identity Through Passive Authentication
You can use identity policies to collect user identity information from connections. You can then view usage based on user identity in the dashboards, and configure access control based on user or user
More informationMEDIASEAL Encryptor Client Manual
MEDIASEAL Encryptor Client Manual May 2018 Version 3.7.1 Fortium Technologies Ltd www.fortiumtech.com Copyright 2018 - Fortium Technologies Ltd Information contained in this document is subject to change
More informationConfiguring BIG-IP ASM v12.1 Application Security Manager
Course Description Configuring BIG-IP ASM v12.1 Application Security Manager Description The BIG-IP Application Security Manager course gives participants a functional understanding of how to deploy, tune,
More informationMedianet Metadata. Finding Feature Information. Restrictions for Medianet Metadata
This module provides an overview of medianet metadata. It also describes how metadata is used by different components of a network to make policy decisions. Finding Feature Information, page 1 Restrictions
More informationForeScout Extended Module for MobileIron
Version 1.8 Table of Contents About MobileIron Integration... 4 Additional MobileIron Documentation... 4 About this Module... 4 How it Works... 5 Continuous Query Refresh... 5 Offsite Device Management...
More informationPalo Alto Networks PAN-OS
RSA Security Analytics Ready Implementation Guide Partner Information Last Modified: November 24 th, 2014 Product Information Partner Name Palo Alto Networks Web Site www.paloaltonetworks.com Product Name
More informationSOLUTION BRIEF REMOTE ACCESS: WEBSHELLS SEE EVERYTHING, FEAR NOTHING
REMOTE ACCESS: WEBSHELLS SEE EVERYTHING, FEAR NOTHING RSA Visibility Reconnaissance Weaponization Delivery Exploitation Installation C2 Action WHAT IS A WEBSHELL? A WebShell is a piece of code or a script
More informationSecurity Manager Policy Table Lookup from a MARS Event
CHAPTER 17 Security Manager Policy Table Lookup from a MARS Event This chapter describes how to configure and use Security Manager and MARS so as to enable bi-directional lookup between events recieved
More informationSIEM FOR BEGINNERS EVERYTHING YOU WANTED TO KNOW ABOUT LOG MANAGEMENT BUT WERE AFRAID TO ASK.
SIEM FOR BEGINNERS EVERYTHING YOU WANTED TO KNOW ABOUT LOG MANAGEMENT BUT WERE AFRAID TO ASK www.alienvault.com A Rose By Any Other Name SLM/LMS, SIM, SEM, SEC, SIEM Although the industry has settled on
More informationMonitoring and Analysis
CHAPTER 3 Cisco Prime Network Analysis Module 5.1 has two types of dashboards: One type is the summary views found under the Monitor menu, and the other type is the over time views found under the Analyze
More informationIntegrate Palo Alto Traps. EventTracker v8.x and above
EventTracker v8.x and above Publication Date: August 16, 2018 Abstract This guide provides instructions to configure Palo Alto Traps to send its syslog to EventTracker Enterprise. Scope The configurations
More informationPANORAMA. Figure 1: Panorama deployment
PANORAMA Security deployments are complex and can overload IT teams with complex security rules and mountains of data from multiple sources. Panorama network security management empowers you with easy-to-implement,
More informationGSS Administration and Troubleshooting
CHAPTER 9 GSS Administration and Troubleshooting This chapter covers the procedures necessary to properly manage and maintain your GSSM and GSS devices, including login security, software upgrades, GSSM
More informationForeScout Open Integration Module: Data Exchange Plugin
ForeScout Open Integration Module: Data Exchange Plugin Version 3.2.0 Table of Contents About the Data Exchange Plugin... 4 Requirements... 4 CounterACT Software Requirements... 4 Connectivity Requirements...
More informationActivating Intrusion Prevention Service
Activating Intrusion Prevention Service Intrusion Prevention Service Overview Configuring Intrusion Prevention Service Intrusion Prevention Service Overview Intrusion Prevention Service (IPS) delivers
More informationLab - Using Wireshark to Examine a UDP DNS Capture
Topology Objectives Part 1: Record a PC s IP Configuration Information Part 2: Use Wireshark to Capture DNS Queries and Responses Part 3: Analyze Captured DNS or UDP Packets Background / Scenario If you
More informationConfiguring AVC to Monitor MACE Metrics
This feature is designed to analyze and measure network traffic for WAAS Express. Application Visibility and Control (AVC) provides visibility for various applications and the network to central network
More informationBIG-IP Analytics: Implementations. Version 12.1
BIG-IP Analytics: Implementations Version 12.1 Table of Contents Table of Contents Setting Up Application Statistics Collection...5 What is Analytics?...5 About HTTP Analytics profiles...5 Overview: Collecting
More informationLab - Using Wireshark to Examine a UDP DNS Capture
Topology Objectives Part 1: Record a PC s IP Configuration Information Part 2: Use Wireshark to Capture DNS Queries and Responses Part 3: Analyze Captured DNS or UDP Packets Background / Scenario If you
More informationReporting Guide - V8.1
Web Security - V8.1 4225 Executive Sq, Ste 1600 La Jolla, CA 92037-1487 Give us a call: 1-800-782-3762 Send us an email: wavesupport@edgewave.com For more info, visit us at: www.edgewave.com 2001 2018
More informationPort Mirroring in CounterACT. CounterACT Technical Note
Table of Contents About Port Mirroring and the Packet Engine... 3 Information Based on Specific Protocols... 4 ARP... 4 DHCP... 5 HTTP... 6 NetBIOS... 7 TCP/UDP... 7 Endpoint Lifecycle... 8 Active Endpoint
More informationBSc Year 2 Data Communications Lab - Using Wireshark to View Network Traffic. Topology. Objectives. Background / Scenario
BSc Year 2 Data Communications Lab - Using Wireshark to View Network Traffic Topology Objectives Part 1: (Optional) Download and Install Wireshark Part 2: Capture and Analyze Local ICMP Data in Wireshark
More informationPAN 802.1x Connector Application Installation Guide
PAN 802.1x Connector Application Installation Guide Version 1.2 "Copyright CodeCentrix. All rights reserved 2015. Version 1.2 Contact Information CodeCentrix www.codecentrix.co.za/contact Email: info@codecentrix.co.za
More informationIT Essentials v6.0 Windows 10 Software Labs
IT Essentials v6.0 Windows 10 Software Labs 5.2.1.7 Install Windows 10... 1 5.2.1.10 Check for Updates in Windows 10... 10 5.2.4.7 Create a Partition in Windows 10... 16 6.1.1.5 Task Manager in Windows
More informationAvailable Commands CHAPTER
CHAPTER 2 This chapter contains the Cisco IPS 6.2 commands listed in alphabetical order. It contains the following sections:. anomaly-detection load, page 2-4 anomaly-detection save, page 2-5 banner login,
More informationCustom Application Signatures
Custom Application Signatures Tech Note PAN-OS 4.1 Revision A Contents Overview... 3 Why Custom App-IDs... 3 Objectives... 3 Signatures for Custom App-IDs... 3 Research the Application... 3 Identify Patterns
More informationApplication and Data Security with F5 BIG-IP ASM and Oracle Database Firewall
F5 White Paper Application and Data Security with F5 BIG-IP ASM and Oracle Database Firewall Organizations need an end-to-end web application and database security solution to protect data, customers,
More informationEMC Secure Remote Support Device Client for Symmetrix Release 2.00
EMC Secure Remote Support Device Client for Symmetrix Release 2.00 Support Document P/N 300-012-112 REV A01 EMC Corporation Corporate Headquarters: Hopkinton, MA 01748-9103 1-508-435-1000 www.emc.com Copyright
More informationDigital forensics Technical Fundamentals. Saurabh Singh
Digital forensics Technical Fundamentals Saurabh Singh 159744151 saurabhgcet1989@gmail.com Topics Source of network based evidence Principles of internetworking Internet protocol Suite conclusion Source
More informationMission Guide: GUI Windows
Mission Guide: GUI Windows Your Mission: Use F-Response to connect to a remote Windows machine Using F-Response to connect to a remote Windows machine and access one or more targets Step 1: Open and start
More informationRemote Access VPN. Remote Access VPN Overview. Licensing Requirements for Remote Access VPN
Remote Access virtual private network (VPN) allows individual users to connect to your network from a remote location using a laptop or desktop computer connected to the Internet. This allows mobile workers
More informationDocument the CCIE Lab
NetBrain Technologies Inc. Document the CCIE Lab With NetBrain Personal Edition Plus 1. Install and activate NetBrain Workstation... 3 1.1 Setup NetBrain Workstation Personal Edition Plus... 3 1.2 Activate
More information6.1. Getting Started Guide
6.1 Getting Started Guide Netmon Getting Started Guide 2 Contents Contents... 2 Appliance Installation... 3 IP Address Assignment (Optional)... 3 Logging In For the First Time... 5 Initial Setup... 6 License
More informationSecurity. Risk Management. Compliance.
Richard Nichols Netwitness Operations Director, RSA Security. Risk Management. Compliance. 1 Old World: Static Security Static Attacks Generic, Code-Based Static Infrastructure Physical, IT Controlled
More informationAspera Connect Windows XP, 2003, Vista, 2008, 7. Document Version: 1
Aspera Connect 2.6.3 Windows XP, 2003, Vista, 2008, 7 Document Version: 1 2 Contents Contents Introduction... 3 Setting Up... 4 Upgrading from a Previous Version...4 Installation... 4 Set Up Network Environment...
More informationPANORAMA. Key Security Features
PANORAMA Security deployments are complex and can overload IT teams with complex security rules and mountains of data from multiple sources. Panorama network security management empowers you with easy-to-implement,
More informationForeScout Extended Module for Palo Alto Networks Next Generation Firewall
ForeScout Extended Module for Palo Alto Networks Next Generation Firewall Version 1.2 Table of Contents About the Palo Alto Networks Next-Generation Firewall Integration... 4 Use Cases... 4 Roll-out Dynamic
More informationConfiguring the Oracle Network Environment. Copyright 2009, Oracle. All rights reserved.
Configuring the Oracle Network Environment Objectives After completing this lesson, you should be able to: Use Enterprise Manager to: Create additional listeners Create Oracle Net Service aliases Configure
More information<Partner Name> <Partner Product> RSA NETWITNESS Security Operations Implementation Guide. Gurucul Risk Analytics
RSA NETWITNESS Security Operations Implementation Guide Jeffrey Carlson, RSA Partner Engineering Last Modified: June 27 th, 2017 (GRA) Overview Gurucul is changing the
More informationForeScout Extended Module for Splunk
ForeScout Extended Module for Splunk Version 2.7.0 Table of Contents About Splunk Integration... 5 Support for Splunk Enterprise and Splunk Enterprise Security... 7 What's New... 7 Support for Splunk Cloud...
More informationTHE RSA SUITE NETWITNESS REINVENT YOUR SIEM. Presented by: Walter Abeson
THE RSA NETWITNESS SUITE REINVENT YOUR SIEM Presented by: Walter Abeson 1 Reality Goals GOALS VERSUS REALITY OF SIEM 1.0 Single compliance & security interface Analyze & prioritize alerts across various
More informationNetScaler Analysis and Reporting. Goliath for NetScaler Installation Guide v4.0 For Deployment on VMware ESX/ESXi
NetScaler Analysis and Reporting Goliath for NetScaler Installation Guide v4.0 For Deployment on VMware ESX/ESXi (v4.0) Document Date: October 2016 www.goliathtechnologies.com 1 Legal Notices Goliath for
More informationIntegrating VMware Workspace ONE with Okta. VMware Workspace ONE
Integrating VMware Workspace ONE with Okta VMware Workspace ONE You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this
More informationConfiguring Vulnerability Assessment Devices
CHAPTER 10 Revised: November 10, 2007 Vulnerability assessment (VA) devices provide MARS with valuable information about many of the possible targets of attacks and threats. They provide information useful
More informationCommunity Edition Getting Started Guide. July 25, 2018
Community Edition Getting Started Guide July 25, 2018 Copyright 2018 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks are the
More informationOnline Help StruxureWare Data Center Expert
Online Help StruxureWare Data Center Expert Version 7.2.7 What's New in StruxureWare Data Center Expert 7.2.x Learn more about the new features available in the StruxureWare Data Center Expert 7.2.x release.
More informationStealthwatch and Cognitive Analytics Configuration Guide (for Stealthwatch System v6.10.x)
Stealthwatch and Cognitive Analytics Configuration Guide (for Stealthwatch System v6.10.x) Copyrights and Trademarks 2018 Cisco Systems, Inc. All rights reserved. NOTICE THE SPECIFICATIONS AND INFORMATION
More informationThe Future of Threat Prevention
The Future of Threat Prevention Bricata is the leading developer of Next Generation Intrusion Prevention Systems (NGIPS) technology, providing innovative, disruptive, high-speed, high-performance network
More informationApp-ID. PALO ALTO NETWORKS: App-ID Technology Brief
App-ID Application Protocol Detection / Decryption Application Protocol Decoding Application Signature Heuristics App-ID is a patent-pending traffic classification technology that identifies more than
More informationCisco Craft Works Interface Quick Start Guide Cisco IOS XR Software Release 3.2 1
Quick Start Guide Cisco Craft Works Interface Quick Start Guide Cisco IOS XR Software Release 3.2 1 Introduction 2 About the CWI 3 Getting Started 4 Setting Up the Router and CWI Client 5 Getting Started
More informationIdentity Firewall. About the Identity Firewall
This chapter describes how to configure the ASA for the. About the, on page 1 Guidelines for the, on page 7 Prerequisites for the, on page 9 Configure the, on page 10 Monitoring the, on page 16 History
More informationMicroStrategy Academic Program
MicroStrategy Academic Program Creating a center of excellence for enterprise analytics and mobility. HOW TO DEPLOY ENTERPRISE ANALYTICS AND MOBILITY ON AWS APPROXIMATE TIME NEEDED: 1 HOUR In this workshop,
More informationCreating a Unifi Lab Network on your existing network
Creating a Unifi Lab Network on your existing network This tutorial will outline how to add a Unifi USG-3 and Unifi Switch 8 to your existing network to create a separate subnet. This tutorial assumes
More informationUsing Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS)
CHAPTER 2 Using Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS) This chapter contains information on the following topics: HTTPS Overview, page 2-1 HTTPS for Cisco Unified IP Phone Services,
More informationForeScout Extended Module for Splunk
Version 2.8 Table of Contents About Splunk Integration... 5 Support for Splunk Enterprise and Splunk Enterprise Security... 6 What's New... 6 Support for Splunk Cloud... 6 Support for Batch Messaging...
More informationForeScout Amazon Web Services (AWS) Plugin
ForeScout Amazon Web Services (AWS) Plugin Version 1.1.1 and above Table of Contents Amazon Web Services Plugin Overview... 4 Use Cases... 5 Providing Consolidated Visibility... 5 Dynamic Segmentation
More informationEqualizer Quick Start Guide
Equalizer Quick Start Guide Equalizer is the premier Load Balancing appliance that is easy to set up and administer. To get Equalizer onto your network and into operation, follow these steps. Step 1: Initial
More informationvrealize Operations Management Pack for NSX for vsphere 2.0
vrealize Operations Management Pack for NSX for vsphere 2.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition.
More informationRSA SecurID Access SAML Configuration for Datadog
RSA SecurID Access SAML Configuration for Datadog Last Modified: Feb 17, 2017 Datadog is a monitoring service for cloud-scale applications, bringing together data from servers, databases, tools, and services
More informationProtocol Analysis: Capturing Packets
Protocol Analysis: Capturing Packets This project is intended to be done on the EiLab Network, but if you want to try to VPN into the EiLab Network on your own PC from your home or workplace, follow these
More informationPASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year
PASS4TEST \ http://www.pass4test.com We offer free update service for one year Exam : 300-210 Title : Implementing Cisco Threat Control Solutions Vendor : Cisco Version : DEMO Get Latest & Valid 300-210
More informationHypertext Transfer Protocol over Secure Sockets Layer (HTTPS)
Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS) This chapter provides information about Hypertext Transfer Protocol over Secure Sockets Layer. HTTPS, page 1 HTTPS for Cisco Unified IP Phone
More informationCHAPTER. Introduction
CHAPTER 1 Cisco Unified Communications Manager (formerly Cisco Unified CallManager) serves as the software-based call-processing component of the Cisco Unified Communications family of products. A wide
More informationManagement Tools. Management Tools. About the Management GUI. About the CLI. This chapter contains the following sections:
This chapter contains the following sections:, page 1 About the Management GUI, page 1 About the CLI, page 1 User Login Menu Options, page 2 Customizing the GUI and CLI Banners, page 3 REST API, page 3
More information