IBM Security Network Prevention is a next-generation intrusion prevention system. This course provides the processes, procedures, and practice necessary to configure the Network Protection (XGS) appliance to protect your network. Students learn through hands-on labs how to configure the appliance, configure management and protection policies, and block a variety of common attacks.

* Describe the characteristics and architecture of the IBM Security Network Protection appliance
* Connect the appliance to your network
* Configure initial settings on the appliance and register it with SiteProtector
* Use network objects and network access rules to configure the Network Access Policy
* Use IPS objects to configure the Intrusion Prevention Policy
* Describe different alert types and configure SNMP alerts generated by response objects and system alerts
* Use objects and policies to tune your security policy
* Capture network packets
* Configure local, remote, and passive user authentication
* Inspect outbound and inbound SSL traffic
* Use the SNORT syntax to incorporate rules in the appliance
* Use advanced threat protection and quarantine rules to block events
* Integrate the appliance with IBM Security QRadar SIEM
* Monitor events on the appliance

This course is designed for network and security professionals who evaluate, implement, manage, or monitor the IBM Security Network Protection appliance.
 

Before taking this course, make sure that you have the following skills:
* Basic knowledge of information security concepts
* Familiarity with networking concepts, such as switching, routing, and firewalls, and tools, such as network sniffers and FTP clients
* Solid knowledge of the TCP/IP protocol and IPv4 networking
* Use the IBM Security SiteProtector™ console to manage agents. Students should attend IS604G, IBM Security SiteProtector System: Basic Implementation and Administration or an equivalent course before attending this class.
 

Unit 1: Introduction to IBM Security Network Protection
Unit 2: Setting up the appliance
Unit 3: Managing the appliance
Unit 4: Configuring the Network Access Policy
Unit 5: Configuring the Intrusion Prevention Policy
Unit 6: Using alerts and events
Unit 7: Tuning Network Access Policy rules and Intrusion Prevention behavior
Unit 8: Capturing network traffic
Unit 9: Controlling user access
Unit 10: Inspecting SSL-encrypted traffic
Unit 11: Implementing SNORT rules
Unit 12: Configuring advanced threat protection
Unit 13: Integrating with QRadar SIEM
Unit 14: Monitoring event data

Prior to enrolling, IBM Employees must follow their Division/Department processes to obtain approval to attend this public training class. Failure to follow Division/Department approval processes may result in the IBM Employee being personally responsible for the class charges.
GBS practitioners that use the EViTA system for requesting external training should use that same process for this course. Go to the EViTA site to start this process: http://w3.ibm.com/services/gbs/evita/BCSVTEnrl.nsf
Once you enroll in a GTP class, you will receive a confirmation letter that should show:
    The current GTP list price
    The 20% discounted price available to IBMers. This is the price you will be invoiced for the class.