From the course: Cisco CCNP Security SCOR v1.1 (350-701) Cert Prep

Unlock this course with a free trial

Join today to access over 24,800 courses taught by industry experts.

Cisco Stealthwatch

Cisco Stealthwatch

From the course: Cisco CCNP Security SCOR v1.1 (350-701) Cert Prep

Start my 1-month free trial Buy for my team

Cisco Stealthwatch

- [Instructor] In this section, we want to examine a few more Cisco Security solutions. The SCOR blueprint tells us that we need to be familiar with several Cisco Security products and be able to describe the capabilities of those. So we'll start here with Cisco Stealthwatch. This is another great tool that gives us very deep and detailed visibility into our network, allowing us to keep track of everything happening through network telemetry. At the top, we can see several alarm categories, and for each category you can see a number below that. These numbers indicate how many network endpoints are currently exhibiting that particular behavior. So for example, if we click on this Recon section, to take a look at that, you can see there are currently four endpoints listed under Recon and clicking that category is going to bring us to a list of these affected hosts. With the Recon category specifically, hosts would trigger this alarm if they are performing unauthorized scans, using TCP…

Contents