In this video, we’re going to be configuring AMP for Endpoints and Duo integration. The goal is to have Duo restrict access to applications after a endpoint is detected as compromised by AMP for Endpoints.

In this video, we’ll be configuration RA VPN on the ASA through the command line.

In this video, we’ll be configuring PAT on the ASA.

In this video, we’ll go over how to license the ASAv from the command line.

In this video, we’re going to configure basic SSH and ASDM access on the ASA

In this video, we’ll go over the basic interface elements on an ASA and how to configure them.

Deploying ASAv on vCenter

In previous videos, we walked through the configuration of Stealthwatch Cloud’s sensors and integrations. In this video, we’ll be walking through the Stealthwatch Cloud Console to see where to find information and reports.

In this video, we’re going to configure Stealthwatch Cloud integration with AWS. Stealthwatch Cloud is a security analytics tool that provide visibility, threat identification, and compliance. It works seamlessly across AWS, GCP, Azure and even your private LAN. After we're done configuring, Stealthwatch Cloud will be able to read the AWS VPC flow logs that contain all the network flow metadata. Stealthwatch Cloud then uses these VPC logs to perform entity modeling which essentially uses machine learning to create a models or simulation for every network entity. Based on observations, Stealthwatch Cloud can see if there are sudden changes in behavior or anomalous behavior in how the entity is acting and how it's being accessed.

In this short video, we’re going to be integrating Umbrella with Stealthwatch Cloud. By integrating the two, this provides additional information about external entity IP addresses including geolocation-related information, whether the domain name was detected, and associated malicious domain names.

In this video, we’re going to be integrating Meraki with Stealthwatch Cloud. It’s a pretty simple configuration and gives you a little more context on the endpoints by provides ip-to-hostname binding if Meraki has that information.

This video is a little different than the previous ones that I’ve created. I’m starting it out by saying that you should NOT do this in production and this is only for a lab environment. This method is not supported by Cisco and we’re pretty much using a hack to create these profiles. If you call TAC because this doesn’t work or you break something, you’re not going to get support with it. That being said: It still has a very good use. Let’s say you do an endpoint dump from your production environment* of your production environment and you need to create a large number of custom profiles. In that situation, you can still spin up a lab virtual machine, create the profiles there using this method without risking your production environment, and then export the profiles as one bulk file from that lab system using the Export in Policy>Profiling.

In this video, we're going to walk through the installation of a Stealthwatch Cloud sensor on a Raspberry Pi 3 running Raspbian.