Presented by: McClain Marchman, Cisco Stealthwatch Advanced Services Network Consulting Engineer, Cisco Security Business Group
Reduce operator overhead, advance Stealthwatch optimization, and receive more accurate alarming on meaningful events? Yes, you can!
The Stealthwatch Host Group Automation (HGA) Service gives you a logical means of categorizing network assets for improved visibility and control. It enables the classification of your host groups from third-party data feeds so you can keep them synchronized with your network infrastructure.
McClain Marchman shows how you can use HGA to:
Tackle dynamic server behavior that consistently changes IP addresses and configure Stealthwatch to apply policies to these automated, dynamic, host groups.
Reduce excess consumption of your team’s resources by decreasing overall cost to operate Stealthwatch and by decreasing false positive alarms.
Manage integrations proactively with authoritative IP data sources such as IPAMs, CMDBs, and threat feeds.
McClain Marchman is a Cisco Stealthwatch Advanced Services Network Consulting Engineer in the Security Business Group. He is a part of the team that creates new and exciting custom integration solutions for customers such as the SIEM integration, HGA integration, and the Proxy integration service. McClain joined Cisco via Lancope in 2015 as a Technical Support Engineer. He holds a B.S. in Computer Science from Kennesaw State University, Georgia.
Using ASDM(7.15(1), I am trying to configure DHCP Relay on my ASA-5506(9.15(1)7, I get:"[ERROR] dhcprelay server 192.168.1.1 inside_1DHCP: Cannot enable DHCP Relay on an interface running DHCP Proxy. Remove VPN DHCP config first."Going to the DHCP Server ...
Hello community ! I have a big problem, i hope you can help me.Im working in a small bussiness, so my boss did want me to make theyr networkI ve done everything good and after a little bit, he bought me a firewall ASA 5505.I did start learning about ...
I have what may seem a like a simple question. I have a Standalone FTD 4110 appliance that is a managed by FMC. I have added a second identical standalone 4110 to FMC(same software version etc.) . The First FTD is completely configured. If I create ...
Anyone know how to renew an expired trustsec PAC on ISE? I'm asking this because we can't SSH into our switches any more. W keep getting "expired PAC" when trying to log in. When we check ISE, we see that the PAC expired for quite a while ago. Check the a...