Fortinet NSE 5 - FortiSiem (SIEM)

 

Course Overview

In this course, you will learn about FortiSIEM initial configurations, architecture, and the discovery of devices on the network. You will also learn how to collect performance information and aggregate it with syslog data to enrich the overall view of the health of your environment, how to use the configuration database to greatly facilitate compliance audits, and how to integrate FortiSIEM into your network awareness infrastructure.

Who should attend

Anyone who is responsible for the day-to-day management of FortiSIEM should attend this course.

Prerequisites

You must have an understanding of the topics covered in the following courses, or have equivalent experience.

Course Objectives

After completing this course, you should be able to:

  • Identify business drivers for using SIEM tools
  • Describe SIEM and PAM concepts
  • Describe key features of FortiSIEM
  • Understand how collectors, workers, and supervisors work together
  • Configure notifications
  • Create new users and custom roles
  • Describe and enable devices for discovery
  • Understand when to use agents
  • Perform real-time, historic structured searches
  • Group and aggregate search results
  • Examine performance metrics
  • Create custom incident rules
  • Edit existing, or create new, reports
  • Configure and customize the dashboards
  • Export CMDB information
  • Identify Windows agent components
  • Describe the purpose of Windows agents
  • Understand how the Windows agent manager works in various deployment models
  • Identify reports that relate to Windows agents
  • Understand the FortiSIEM Linux file monitoring agent
  • Understand agent registration
  • Monitor agent communications after deployment
  • Troubleshoot FortiSIEM issues

Course Content

  • Introduction
  • SIEM and PAM Concepts
  • Discovery and FortiSIEM Agents
  • FortiSIEM Analytics
  • CMDB Lookups and Filters
  • Group By and Data Aggregation
  • Rules and MITRE ATT&CK
  • Incidents and Notification Policies
  • Reports and Dashboards
  • Maintaining and Tuning
  • Troubleshooting

Prices & Delivery methods

Online Training

Duration
3 days

Price
  • CHF 2,190.—
Classroom Training

Duration
3 days

Price
  • Switzerland: CHF 2,190.—
 

Schedule

Instructor-led Online Training:   Course conducted online in a virtual classroom.

German

Time zone: Central European Time (CET)

Online Training Time zone: Central European Summer Time (CEST) Course language: German
Online Training Time zone: Central European Summer Time (CEST) Course language: German
Online Training Time zone: Central European Summer Time (CEST) Course language: German
Online Training Time zone: Central European Time (CET) Course language: German