FireEye Network Forensics (PX series) allows you to identify and resolve security incidents faster by capturing and indexing full packets at extremely rapid speeds. With PX, you can detect a broad array of security incidents, improve the quality of your response and precisely quantify the impact of each incident.
This self-paced online course is a primer on PX, covering deployment options, basic administration, and core functionality.
This course is a recommended starting point for anyone who uses a PX.
Upon completion of the course the learner should be able to:
- Describe the purpose and benefits of PX
- Illustrate the deployment of PX in a typical network
- Verify system readiness, post baseline-configuration of PX
- Perform PX administration tasks
- FireEye administrators
- Anyone who needs to familiarize themselves with the purpose and benefits of PX
- Junior forensics analysts and incident responders who plan to take the PX ILT course
- PX Platform Introduction
- Overview: purpose and benefits
- PX in the malware attack lifecycle
- PX Series Deployment Options
- Network core
- Pivot with NX
- With NX inline mode
- With IA
- PX Series System Readiness
- System readiness checks
- Access management interfaces
- CLI and system checks
- The Web UI
- Web UI checks
- Common Administration Tasks
- Administration duties
- Configuring the authentication
- Role assignment
- Managing users
- Restarting PX system and processes
- System and configuration backup and recovery
- Event-based Capture (EBC)
This course is self-paced, so duration may vary. On average, this course should take about 2.5 hours to complete. The course does not need to be completed in a single sitting.
This course was designed to work in all modern desktop browsers (Chrome, Firefox, Safari, Internet Explorer 10+, Microsoft Edge) and tablets (such as iPad). While it may work on mobile phones, we do not officially support phones and suggest using a desktop or tablet to view the course.
Please contact your FireEye account manager for details.