Endpoint Security Troubleshooting

This workshop introduces a framework for troubleshooting the FireEye Endpoint Security (HX) appliance and Endpoint Security Agent installations. The course includes checklists, case studies and guidance for transitioning difficult cases to the FireEye support team. Optional modules expand this workshop to include FireEye core hardware and virtual appliances

This workshop is experimental hands-on and will give learners experience resolving common issues.

Learning Objectives

After completing this course, learners should be able to:

  • Resolve issues commonly encountered with Endpoint Security Agent whitelisting
  • Validate endpoints to ensure that they are performing as expected
  • Use Endpoint Security logs and diagnostics for troubleshooting
  • Explore common issues across core installations
  • Understand common issues with hardware and virtual appliances

Who Should Attend

FireEye Endpoint Security appliance administrators who must regularly resolve FireEye Endpoint Security issues.

Prerequisites

Completion of the Endpoint Security Deployment course. Experience with network administration and support.

Duration

1 day

Instructor-Led Training Instructor-Led Training

Courses cannot be purchased or accessed from this site.

If you would like to register for this course, please contact your FireEye account manager.

Thank you.

Course Outline

Instructor-led sessions are typically a blend of lecture and hands-on lab activities.

  1. Deployment
    • Checking hardware deployment
    • Agent compatibility
  2. Connectivity
    • Agent connectivity and validation
    • HX – HXD connectivity
  3. Whitelisting
    • Whitelisting
    • Validate a whitelist
  4. Performance
    • General performance settings
    • Memory map I/O
    • Creating effective memory map I/O settings
  5. HX Logs
    • Using and understanding logs
    • Logs for xAgent install/uninstall issue
    • Obtaining agent logs from endpoint
    • Using agent diagnostics