Cisco NetFlow for Cyber Security Big Data Analytics

Video Description

More than 6 hours of video training covering everything you need to know to deploy, configure, and troubleshoot NetFlow in many different Cisco platforms and learn big data analytics technologies for cyber security.

Description

Cisco NetFlow for Cyber Security Big Data Analytics walks you through the steps for deploying, configuring, and troubleshooting NetFlow and learning big data analytics technologies for cyber security. Cisco NetFlow creates an environment where network administrators and security professionals have the tools to understand who, what, when, where, and how network traffic is flowing. Cisco NetFlow LiveLessons is a key resource for understanding the power behind the Cisco NetFlow solution.

Omar Santos, a Cisco Product Security Incident Response Team (PSIRT) technical leader and author of Network Security with NetFlow and IPFIX, the CCNA Security 210-260 Official Cert Guide, and other key security video and book titles by Cisco Press, demonstrates how NetFlow can be used by large enterprises and small-to-medium-sized businesses to meet critical network challenges. This video course explores everything you need to understand and implement the Cisco Cyber Threat Defense Solution, while also providing configuration and troubleshooting walk-throughs.

Skill Level

  • Intermediate

What You Will Learn

  • NetFlow and IPFIX basics
  • NetFlow Deployment Scenarios
  • Cisco Flexible NetFlow
  • NetFlow Commercial and Open Source Monitoring and Analysis Software Packages
  • Big Data Analytics Tools
  • The Cisco Cyber Threat Defense Solution
  • Troubleshooting NetFlow
  • NetFlow for Anomaly Detection and Identifying DoS Attacks
  • NetFlow for Incident Response and Forensics

Who Should Take This Course

  • Network and security professionals interested in learning about the Cisco NetFlow solution; anyone wishing to build Cisco security

About LiveLessons Video Training

LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include: IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more. View all LiveLessons on InformIT at http://www.informit.com/livelessons.

Table of Contents

  1. Introduction
    1. Cisco NetFlow: Introduction 00:01:43
  2. Lesson 1: Introduction to NetFlow and IPFIX
    1. Learning objectives 00:00:44
    2. 1.1 Introduction to NetFlow 00:04:43
    3. 1.2 The Attack Continuum 00:03:30
    4. 1.3 The Network as a Sensor and as an Enforcer 00:02:27
    5. 1.4 What Is a Flow? 00:04:36
    6. 1.5 NetFlow Versus IP Accounting and Billing 00:01:50
    7. 1.6 NetFlow for Network Security 00:12:43
    8. 1.7 Traffic Engineering and Network Planning 00:01:40
    9. 1.8 Introduction to IP Flow Information Export (IPFIX) 00:10:25
    10. 1.9 Cisco Supported Platforms for NetFlow 00:02:04
    11. 1.10 NetFlow Versions and History 00:03:57
  3. Lesson 2: NetFlow Deployment Scenarios
    1. Learning objectives 00:00:42
    2. 2.1 Introduction to Cisco Cyber Threat Defense 00:08:51
    3. 2.2 Deployment Scenario: User Access Layer 00:01:32
    4. 2.3 Deployment Scenario: Wireless LAN 00:00:57
    5. 2.4 Deployment Scenario: Internet Edge 00:01:07
    6. 2.5 Deployment Scenario: Data Center 00:03:37
    7. 2.6 Deployment Scenario: NetFlow in Site-to-Site and Remote VPNs 00:04:04
    8. 2.7 NetFlow Collection Considerations and Best Practices 00:04:06
    9. 2.8 Determining the Flows per Second and Scalability 00:02:54
  4. Lesson 3: Cisco Flexible NetFlow
    1. Learning objectives 00:00:30
    2. 3.1 Introduction to Cisco Flexible NetFlow 00:01:54
    3. 3.2 Flexible NetFlow Records 00:02:06
    4. 3.3 Flow Monitors, Exporters, and Samplers 00:03:02
    5. 3.4 Flexible NetFlow Configuration 00:04:40
    6. 3.5 Flexible NetFlow IPFIX Export Format 00:01:11
  5. Lesson 4: NetFlow Commercial and Open Source Monitoring and Analysis Software Packages
    1. Learning objectives 00:00:43
    2. 4.1 Commercial NetFlow Monitoring and Analysis Software Packages 00:05:54
    3. 4.2 NFdump 00:04:06
    4. 4.3 NfSen 00:00:38
    5. 4.4 SiLK 00:04:33
    6. 4.5 Elasticsearch, Logstash, and Kibana Stack (ELK): Overview and Architecture 00:04:10
    7. 4.6 ELK: Installation and Configuration Files 00:08:35
  6. Lesson 5: Big Data Analytics and NetFlow
    1. Learning objectives 00:00:44
    2. 5.1 Introduction to Big Data Analytics for Cyber Security 00:02:06
    3. 5.2 NetFlow and Other Telemetry Sources for Big Data Analytics for Cyber Security 00:04:31
    4. 5.3 OpenSOC: Overview, Architecture, and Capabilities 00:06:36
    5. 5.4 OpenSOC: Operation and Enrichments 00:06:37
    6. 5.5 Hadoop 00:05:49
    7. 5.6 Flume, Kafka, Storm, and Hive 00:06:58
    8. 5.7 HBase 00:01:12
    9. 5.8 Third-Party Analytic Tools and Other Big Data Software 00:04:02
    10. 5.9 Understanding Big Data Scalability: Big Data Analytics in the Internet of Everything 00:08:30
  7. Lesson 6: Cisco Cyber Threat Defense and NetFlow
    1. Learning objectives 00:00:41
    2. 6.1 Cisco Cyber Threat Defense Solution: Overview 00:04:49
    3. 6.2 Cisco Cyber Threat Defense Solution: AMP 00:02:54
    4. 6.3 Cisco Cyber Threat Defense Solution: Threat Grid, Email Security, and Web Security 00:05:16
    5. 6.4 Cisco Cyber Threat Defense Solution: ISE 00:04:26
    6. 6.5 Deploying the Lancope StealthWatch System 00:08:54
    7. 6.6 Deploying NetFlow Secure Event Logging in the Cisco ASA 00:02:18
    8. 6.7 Deploying NSEL in Cisco ASA Configured for Clustering 00:04:01
    9. 6.8 Configuring NSEL in the Cisco ASA 00:06:01
    10. 6.9 Configuring NetFlow in the Cisco Nexus 1000V 00:04:30
    11. 6.10 Configuring NetFlow in the Cisco Nexus 7000 Series 00:06:01
  8. Lesson 7: Troubleshooting NetFlow
    1. Learning objectives 00:00:28
    2. 7.1 Troubleshooting NetFlow in Cisco IOS and Cisco IOS XE Devices 00:09:03
    3. 7.2 Troubleshooting NetFlow in Cisco NX-OS Software 00:02:19
    4. 7.3 Troubleshooting NetFlow in Cisco IOS-XR Software 00:05:27
    5. 7.4 Troubleshooting NetFlow in the Cisco ASA 00:09:39
  9. Lesson 8: Using NetFlow for Anomaly Detection and Identifying DoS Attacks
    1. Learning objectives 00:00:32
    2. 8.1 The Different Types of DDoS Attacks 00:04:41
    3. 8.2 Using NetFlow in Enterprise Networks to Detect DDoS Attacks 00:03:29
    4. 8.3 Using NetFlow in Service Provider Networks to Detect DDoS Attacks 00:03:49
  10. Lesson 9: Using NetFlow for Incident Response and Forensics
    1. Learning objectives 00:00:41
    2. 9.1 Using NetFlow for the Identification of Credit Card Theft 00:09:11
    3. 9.2 Using NetFlow for the Identification of Theft of Intellectual Property 00:05:14
    4. 9.3 Using NetFlow for Monitoring Guest Users and Contractors 00:03:03
    5. 9.4 Using NetFlow for Capacity Planning 00:02:08
    6. 9.5 Using NetFlow to Monitor Cloud Usage 00:01:55
  11. Summary
    1. Cisco NetFlow: Summary 00:01:12