Presented by: McClain Marchman, Cisco Stealthwatch Advanced Services Network Consulting Engineer, Cisco Security Business Group
Reduce operator overhead, advance Stealthwatch optimization, and receive more accurate alarming on meaningful events? Yes, you can!
The Stealthwatch Host Group Automation (HGA) Service gives you a logical means of categorizing network assets for improved visibility and control. It enables the classification of your host groups from third-party data feeds so you can keep them synchronized with your network infrastructure.
McClain Marchman shows how you can use HGA to:
Tackle dynamic server behavior that consistently changes IP addresses and configure Stealthwatch to apply policies to these automated, dynamic, host groups.
Reduce excess consumption of your team’s resources by decreasing overall cost to operate Stealthwatch and by decreasing false positive alarms.
Manage integrations proactively with authoritative IP data sources such as IPAMs, CMDBs, and threat feeds.
McClain Marchman is a Cisco Stealthwatch Advanced Services Network Consulting Engineer in the Security Business Group. He is a part of the team that creates new and exciting custom integration solutions for customers such as the SIEM integration, HGA integration, and the Proxy integration service. McClain joined Cisco via Lancope in 2015 as a Technical Support Engineer. He holds a B.S. in Computer Science from Kennesaw State University, Georgia.
I have a Cisco 5506-x (5 VLAN limit) and a Catalyst 2960-CG. I want to create about 15 VLANS. I was wondering if i could just create these on the Catalyst 2960-CG and not create them on the ASA or would I need to create them on both and have m...
Hi, I edited the default policy for ikev2 ( it is done for ipsec site to site vpn policy )The below is before editing crypto ikev2 policy 1encryption aes-256integrity shagroup 5prf shalifetime seconds 86400 and the below is afte...
This article is intended to be a simple example of configuring AnyConnect relevant syslog messages to be sent from the ASA to a Syslog server. The syslog server in this example is Spunk but almost any syslog server should be do the job. The ...
Dear all, I've configured authentication Using Ldap server but Failed.After save the configuration and logout to test, I can't access to my FMC with both Local and External User :( Please help me procedure to rollback my FMC configuration from C...