Use Case Workshop: Gaining Visibility of Deceptive Applications (UCWDA)
Use Case Workshops are hands-on, instructor-led courses focused on specific use case outcomes in Cisco Stealthwatch Enterprise. The workshops are designed to help you quickly identify and investigate common threats and to provide effective workflows so that you can fully understand Stealthwatch capabilities.
Who should attend
This course is intended for individuals who are responsible for tuning the Stealthwatch System, creating and maintaining policies, monitoring traffic, and obtaining and responding to actionable alarms.
To complete this workshop, the following components must be installed and configured on your network:
- Stealthwatch Management Console
- Stealthwatch Release 7.0 or later
- Stealthwatch Flow Collector
- Stealthwatch Flow Sensor (DPI or other capable devices)
In this workshop, you'll work through a series of activities that focus on viewing applications in Cisco Stealthwatch Enterprise. With additional metadata provided from deep packet inspection (Flow Sensor, NBAR, or equivalent), you will identify unwanted application behavior in the network.
How you’ll benefit
In a lab environment, you will learn how to use:
- Peer-to-Peer (P2P)
- Application tunneling
- Application alarming
- URL searching
After taking this course you should be able to
- Explain how Stealthwatch provides visibility of applications.
- Use Stealthwatch tools to investigate the behavior of applications in the network