We are going to have training on McAfee SIEM.
I need a checklist covering the points to make sure the trainer has covered all areas, since I am new to this tool.
Thanks in advance.
Thanks xded for the information.
Looking forward to more information. If anyone has attended the McAfee official training, what were the topics they covered?
This training is from the vendor who is implementing the tool; they are not organized, so I have a feeling they might miss some important topics.
I would just like to share this with you guys, in case you don't already know it.
There's a program called ACE for partners, and if you are one, you can sign up at www.securityalliance.mcafee.com.
Steps to take the certification:
1. Complete the Pre-Work (a series of web courses)
2. 2 days of in-person course at the McAfee building
3. Get an opportunity ID and install a POC of SIEM
You can find complete details at www.securityalliance.mcafee.com.
If you have any doubts, you can contact me and I'll be happy to help.
I just forgot the question you asked!!
You can find details here and download the data sheet:
Chapter 1: SIEM Overview
Chapter 2: McAfee Enterprise Security Manager and Receiver Overview
• McAfee Enterprise Security Manager Properties Overview
Chapter 3: McAfee Enterprise Security Manager Interface Views
Chapter 4: Receiver Data Source Configuration
• Receiver Data Sources
• Receiver Properties
• Adding a Data Source
• Data Source Types
• Configuring Common Data Sources
• Client Data Sources
• Data Source Profiles
• Data Source AutoLearn
• Adding VA Data Sources
• Asset Manager
• Real Time in Data Enrichment
Chapter 5: Aggregation
• About Aggregation and Timestamps
• Event Aggregation
• Dynamic Aggregation
• Setting Event Aggregation Levels
• Default Aggregation Settings
• Customizing Aggregation
• Flow Aggregation
• Port Values
Chapter 6: Policy Editor
Chapter 7: Correlation
Chapter 8: Alarms and Watchlists
Chapter 9: Reporting
Chapter 10: Working with McAfee Enterprise Log Manager
• McAfee Enterprise Log Manager Logs
• Migrating the Database
• McAfee Enterprise Log Manager Compression
• SAN volumes
• Full Text Indexer
• McAfee Enterprise Log Manager Storage Pools
• iSCSI Configuration
• Adding, Editing, or Deleting Storage Devices
• ELM Mirrored Data Storage
• ELM Data
Chapter 11: Troubleshooting and System Management
• Enterprise Security Manager Interface Troubleshooting
Chapter 12: SIEM Workflow
• McAfee Enterprise Security Manager Interface Desktop
• Event Drilldown
• Event Analysis
• More About Using Specific Dashboards: Normalized, Asset Vulnerability, Event and Destination Geo-Location, Source User, Host, Default Flow, Incident
• SIEM Workflow Demonstration
• Case Management