SEC0390 - Firepower 7.0 Event Correlation and Remediation (Part 3)
Category:
Security
The video demonstrates how to correlate system events and generate appropriate remediation responses on Cisco Firepower 7.0. We will go through three sample scenarios: the first with basic event matching and response, the second with connection tracking, and the third using a malware event. The responses that will be configured are NMAP scan, ISE ANC, and SGT assignment.
Part 3 of this video covers the third scenario: using an ISE SGT to quarantine a user who attempts to download malware.
Topic:
- Correlation Policy and Rules
- Correlation Rule Event Conditions
- Connection Tracking
- Remediation Response and Response Group
- Remediation with NMAP Scan, ISE ANC, and SGT
- ISE Integration