ArcSight ESM Advanced Analyst - CSE (ESM320)

Kursbeschreibung Kurstermine


This course provides you with techniques to proactively analyze and troubleshoot the ESM CORR-engine database and ArcSight ESM Manager to provide efficient services to your organization. This course teaches you to design and deploy hierarchical, fault tolerant manager implementations as well integration strategies between ArcSight ESM and other ArcSight appliances such as Logger, Connector Appliance, and the ArcSight Management Center products.


This course is intended for any system administrators who need to:

  • Install, administer, maintain and troubleshoot ArcSight ESM components
  • Design and implement integrations between ArcSight ESM and other ArcSight appliances
  • Proactively investigate the health of the ArcSight ESM CORRE environment


To be successful in this course, you will have:

  • Common security devices such as IDS and firewalls
  • Common network device functions, such as routers, switches, and hubs
  • TCP/IP functions such as CIDR blocks, subnets, addressing, and communications
  • Basic Windows operating system tasks and functions
  • Possible attack activities, such as scans, man in the middle, sniffing, DoS, and possible abnormal activities, such as worms, Trojans, and viruses
  • SIEM terminology, such as threat, vulnerability, risk, asset, exposure, and safeguards
  • Completed the ArcSight ESM Administrator and Analyst ATP course or 6 months experience administering ArcSight ESM


Upon successful completion of this course, you should be able to:

  • Design, deploy and configure an ArcSight ESM multi-manager layout for high-availability and fail-over
  • Assess and implement integration strategies for ArcSight ESM and ArcSight appliances
  • Provide credentials for ArcSight ESM including RADIUS and LDAP/AD
  • Use available ArcSight and Oracle tools to investigate the health of your installation
  • Implement ArcSight best practices for backup and recovery for an Oracle 10g database


  • Module 1: CORRE Architecture
  • Module 2: Using CORRE with ArcSight Appliances
  • Module 3: Installing ESM
  • Module 4: Installing and Navigating the ESM Console
  • Module 5: Installing Connectors
  • Module 6: Event Flow using the ESM Console
  • Module 7: Managing the Network Model
  • Module 8: Administering Users and Groups
  • Module 9: SmartConnector Status and Configuring Destinations
  • Module 10: Configuring ArcSight SmartConnectors
  • Module 11: SmartConnector Advanced Features
  • Module 12: Installing FlexConnectors
  • Module 13: ArcSight Forwarding Connectors
  • Module 14: Managing SSL Certificates
  • Module 15: Using the ArcSight Command Center
  • Module 16: Administrative Dashboards
  • Module 17: Creating Notifications
  • Module 18: ArcSight ESM Admin Authentication
  • Module 19: Maintaining CORRE System Health
  • Module 20: Using the ArcSight Packages
  • Module 21: Content Management
  • Module 22: Patching CORR-Engine
  • Module 23: CORRE Daily Archiving
  • Module 24: ArcSight ESM CORRE Backup and Restore
  • Module 25: Working with HPE ArcSight Support
Classroom Training
Modality: G

Dauer 5 Tage

Preis (exkl. MwSt.)
  • Deutschland: 3.000,- €
Termine und Buchen
Online Training
Modality: U

Dauer 5 Tage

Preis (exkl. MwSt.)
  • Deutschland: 3.000,- €
Termine und Buchen
Zum Buchen bitte auf den Ortsnamen klicken Kurstermine
Dies ist ein Instructor-led Online Training, das über WebEx in einer VoIP Umgebung durchgeführt wird. Sollten Sie Fragen zu einem unserer Online-Kurse haben, können Sie uns jederzeit unter +49 (0)40 25334610 oder per E-Mail an kontaktieren.
17.03. - 21.03.2019 Düsseldorf
19.11. - 22.11.2018 Online Training Zeitzone: Europe/Paris 4 Tage Kurssprache: französisch

Cookies verbessern unsere Services. Durch die Benutzung unserer Website erklären Sie sich mit unserer Verwendung von Cookies einverstanden.   Verstanden.