Presented by: McClain Marchman, Cisco Stealthwatch Advanced Services Network Consulting Engineer, Cisco Security Business Group
Reduce operator overhead, advance Stealthwatch optimization, and receive more accurate alarming on meaningful events? Yes, you can!
The Stealthwatch Host Group Automation (HGA) Service gives you a logical means of categorizing network assets for improved visibility and control. It enables the classification of your host groups from third-party data feeds so you can keep them synchronized with your network infrastructure.
McClain Marchman shows how you can use HGA to:
Tackle dynamic server behavior that consistently changes IP addresses and configure Stealthwatch to apply policies to these automated, dynamic, host groups.
Reduce excess consumption of your team’s resources by decreasing overall cost to operate Stealthwatch and by decreasing false positive alarms.
Manage integrations proactively with authoritative IP data sources such as IPAMs, CMDBs, and threat feeds.
McClain Marchman is a Cisco Stealthwatch Advanced Services Network Consulting Engineer in the Security Business Group. He is a part of the team that creates new and exciting custom integration solutions for customers such as the SIEM integration, HGA integration, and the Proxy integration service. McClain joined Cisco via Lancope in 2015 as a Technical Support Engineer. He holds a B.S. in Computer Science from Kennesaw State University, Georgia.
Hello Everyone, I am trying to configure a IPsec remote access VPN on a Cisco CSR 1000v on aws cloud but I'm unable to find any proper configurations for Cisco CSR 1000v Router. I have tried standard Cisco IOS Router configuration but nothing works.&...
Hello!I have ASA with FirePOWER (no AMP and URL). And have many (over 10) zones.yesterday my SIP server sometimes loss registration and vice also have poor quality.I try to PING 22.214.171.124 and get floating delay from 25 to 500! ms.i exclude sip server ...
Hello We are planning the migration of an ASA5540 to a Firepower 2110.The new implementation will use AnyConnect for remote access and ISE will be used as RADIUS server.The module NAM in anyconnect is compatible with Firepower versión 6.2.x? Accordin...
I'm using an ACL to limit access for one of my anyconnect users. The ACL does it's job and restricts the user from being able to connect to anything but the permitted IPs. However, once the user connects to a permitted server, they can then ssh to other s...
Hi Everyone, I would like to know if any of you have experience on deploying FTD or ASA in Google Cloud Platform or eventually what is Cisco's offer in terms of Firewall in cloud infrastructure. In case I would appreciate any suggestion on the d...