FortiAnalyzer

Course Overview

In this course, one will learn the fundamentals of utilizing FortiAnalyzer for centralized logging & reporting. One will learn how to configure & deploy FortiAnalyzer, & identify threats and attack patterns via logging, analysis, & reporting. Finally, one will examine the management of events, incidents, playbooks, & some helpful troubleshooting techniques.

 

Prerequisites

  • Familiarity with every topic presented in the NSE 4 FortiGate Security & NSE 4 FortiGate Infrastructure courses
  • Understanding of SQL SELECT syntax is helpful, but not required

Audience Profile

Anyone who is responsible for the day-to-day management of FortiAnalyzer devices and FortiGate security information.

 

Learning Objectives

  • After accomplishment of this course, you should be able to:
  • Explain key features and concepts of FortiAnalyzer
  • Deploy an proper architecture
  • Utilize administrative access controls
  • Observe nitor administrative events and tasks
  • Configure high availability
  • Comprehend and HA synchronization and load balancing
  • Update the firmware of an HA cluster
  • Affirm the normal operation of an HA cluster
  • Handle ADOMs
  • Handle RAID
  • Register supported devices
  • Troubleshoot communication problems 
  • Handle disk quota
  • Handle registered devices
  • Protect log information
  • View, search, Handle, and troubleshoot logs
  • Monitor & manage events
  • Manage & customize event handlers
  • Create & manage incidents
  • Explore tools utilized for threat hunting
  • Create, run, & troubleshoot playbooks
  • Import & export playbooks
  • Generate & customize reports
  • Customize charts & datasets
  • Manage & troubleshoot reports

Content Outline

Introduction and Initial Configuration

Administration and Management

Device Registration and Communication

Logging

FortiSoC—Incidents and Events

FortiSoC—Playbooks

Reports

Certification

This course equips you for the NSE 5 FortiAnalyzer certification exam.

 

FAQs

A: To attend the training session you should have an operational Desktops or Laptops with required specification along with good internet connection to access the labs. 

 

A: We would always recommend you to attend the live session to practice & clarify the doubts instantly and get more value from your investment. However, due to some contingency if you have to skip the class Radiant Techlearning would help you with the recorded session of that particular day. However, those recorded sessions are not meant only for personal consumption and NOT for distribution or any commercial use.

A: Radiant Techlearning has a data center containing the Virtual Training environment for the purpose of participant’s hand-on-practice. 

Participants can easily access these labs over Cloud with the help of remote desktop connection. 

Radiant virtual labs provide you the flexibility to learn from anywhere in the world and in any time zone. 

 

 

A: The learners will be enthralled as we engage them in real world and industry Oriented projects during the training program. These projects will improve your skills and knowledge and you will gain better experience. These real time projects, they will help you a lot in your future tasks and assignments.

 

Send a Message.


  • Enroll