ArcSight ESM 6.5 Advanced Administrator - CSE (ESM310)
This course equips you with techniques of proactive analysis and troubleshooting skills for the ESM 6.5 database and ArcSight ESM 6.5 Manager to provide efficient services to your organization.

Effort and duration

days for ILT


days for VILT

Delivery formats


Training is available as a private session onsite.
ILT - Instructor Led
VILT - Virtual Instructor Led
Audience / Job roles

This course is intended for:

Install, administer, maintain and troubleshoot ArcSight ESM components.
Design and implement integrations between ArcSight ESM and other ArcSight appliances.
Proactively investigate the health of the ArcSight ESM CORRE environment.
Course description
This course equips you with techniques to proactively analyze and troubleshoot the ESM 6.5 database and ArcSight ESM 6.5 Manager to provide efficient services to your organization. This course shows you how to design and deploy hierarchical, fault tolerant manager implementations as well integration strategies between ArcSight ESM and other ArcSight appliances such as Logger, Connector Appliance, and the ArcSight Management Center products.
Course Objectives

Upon successful completion of this course, you should be able to:

Design, deploy and configure an ArcSight ESM multi-manager layout for high-availability and fail-over
Assess and implement integration strategies for ArcSight ESM and ArcSight appliances
Provide credentials for ArcSight ESM including RADIUS and LDAP/AD
Use available ArcSight and Oracle tools to investigate the health of your installation
Implement ArcSight best practices for backup and recovery for an Oracle 10g database
Prerequisites and Recommended Skills

To be successful in this course, you should have the following prerequisites or knowledge:

  • Common security devices such as IDS and firewalls
  • Common network device functions, such as routers, switches, and hubs
  • TCP/IP functions such as CIDR blocks, subnets, addressing, and communications
  • Basic Windows operating system tasks and functions
  • Possible attack activities, such as scans, man in the middle, sniffing, DoS, and possible abnormal activities, such as worms, Trojans, and viruses
  • SIEM terminology, such as threat, vulnerability, risk, asset, exposure, and safeguards
  • Completed the ArcSight ESM Administrator and Analyst ATP course or 6 months experience administering ArcSight ESM

Certification at the Certified Solutions Expert (CSE) level is only available with the ILT version of the course. The certification consists of a hands-on exam the last day of the class. The Accredited Software Professional (ASP) level is an online exam that is purchased separately from the course.

  • ArcSight Admin and Analyst ASP
  • ArcSight Advanced Administrator CSE
  • ArcSight Advanced Analyst CSE
  • ArcSight Logger CSE
Course Topics
Module 1ESM Architecture
Module 2Using CORRE with ArcSight Appliances
Module 3Installing ESM
Module 4Installing and Navigating the ESM Console
Module 5Installing Connectors
Module 6Using Command Center
Module 7Managing the Network Model
Module 8SmartConnector Status and Configuring Destinations
Module 9Configuring ArcSight SmartConnectors
Module 10SmartConnector Advanced Configuration
Module 11Installing FlexConnectors
Module 12Forwarding ArcSight Connectors
Module 13Managing SSL Certificates
Module 14Maintaining CORRE System Health and Patches
Module 15CORRE Daily Archiving
Module 16CORRE Backup and Restore
Contact us.

Your name

Your e-mail

Your message

Or write here