(back)
|
|
A comprehensive, interactive training session on the Cisco AMP console and agent, presented by the Office of Cybersecurity.
Agenda:
1. Brief introduction to AMP connector and how it functions (10 minutes)
2. Getting started (5 minutes): a. Requesting AMP console account & endpoint connectors b. Downloading the AMP connector c. Deployment options available through BigFix, SCCM, JAMF, Airwatch, etc.
3. Detailed Threat Analysis in the AMP Console (10-15 minutes) a. Viewing and reviewing events b. Drilling down into the details
4. Tuning for performance (10-15 minutes) a. Whitelisting files b. Setting up exclusions
5. Configuring policy settings and detection engines (15 minutes) a. File, Network, Malicious Activity Protection, System Process Protection detection engines b. Tetra/Clam AV traditional AV scanning (and scheduling scans) c. Enabling/disabling the local GUI
6. Maintenance (5-10 minutes) a. Updating AMP via the console b. What happens with imaging/duplicate endpoints? c. Checking endpoint health & known issues
7. Answer audience questions regarding AMP (remaining time)
Webex Meeting Information (If you cannot attend in person) Meeting link: https://uwmadison.webex.com/uwmadison/j.php?MTID=md2d1ddfa4085b11a866226a7a449dc07 Meeting number: 925 636 487
|
Oakes Dobson (oakes.dobson@wisc.edu)
|
UW–Madison Employees
|
|
No upcoming events.
|