Network Forensics Deployment(WBT)

This entry-level online course covers deployment options, basic administration and core functionality for FireEye Network Forensics (PX) appliances.

Learning Objectives

After completing this course, learners should be able to:

  • Describe the FireEye Network Forensics appliance
  • Illustrate how Network Forensics appliances are deployed in a typical network
  • Search and filter connection and session data using Network Forensics appliances
  • Reconstruct session data for a malicious breach using Network Forensics appliances

Who Should Attend

Network security professionals and incident responders who must work with FireEye Network Forensics to process large amounts of high-speed packet data.

Prerequisites

A working understanding of networking and network security, the Windows operating system, file system, registry and use of the command line interface (CLI).

Duration

2.5-3 hours

Web-Based Training Web-Based Training

Courses cannot be purchased or accessed from this site.

If you would like to register for this course, please contact your FireEye account manager.

Thank you.

Course Outline

Instructor-led sessions are typically a blend of lecture and hands-on lab activities.

  1. PX Platform Introduction
    • Overview : purpose and benefits
    • PX in the malware attack lifecycle
    • Common use cases for PX
  2. PX Series Deployment Options
    • Ingress/egress
    • Network core
    • Pivot with NX
    • With NX inline mode
    • With IA
    • With Helix
    • With FireEye iSight
  3. PX Series System Readiness
    • System Readiness checks
    • Access management interfaces
    • CLI and system checks
    • Web UI checks
  4. Common Administration Tasks
    • Administration duties
    • Configuring the authentication
    • Role assignment
    • Managing users
    • Restarting PX system and processes
    • System and configuration backup and restore
    • Event-based Capture (EBC)