Arbor DDOS Protection Training

Day-1:
Module 1: Overview

 Describe NETSCOUT AED/Arbor APS

 Describe how it benefits your network
 Describe how it can be managed
 Differentiate between various end-user roles and responsibilities

Module 2: Navigating the User Interface

 Use Menu, Smart Bar, Help, and About

 View Summary Page

Module 3: Viewing Deployment Mode and Protection Levels

 Identify deployment mode status

 Verify protection level

Module 4: Monitoring Your Network Traffic

 View Summary and Default Protection Group pages

 Describe how “out-of-the-box” protection works

Module 5: Creating Protection Groups

 Describe and create Protection Groups

 Describe Use of a Profile Capture

Module 6: Determining if a Network Service is Under Attack

 View Summary Page Indicators

 View Protection Group Page Indicators

Module 7: Determining if Further Mitigation Steps are Required

 Determine if an attack is mitigated

 Determine if further mitigation steps are required
Module 8: Managing False Positives

 View Blocked Host Log

 Decide when and how to Whitelist

Module 9: Generating Reports

 Generate a Mitigation Summary Report

 Generate an Executive Summary Report
 Generate an ATLAS® Global DDoS Summary Report

Module 10: Initial Installation of Your AED

 Describe AED system characteristics and connectivity features

 Explain AED deployment options
 List the initial installation steps and perform the AED quick installation script

Module 11: Configuring Your AED Deployment

 Complete the general configuration and apply system licensing for your AED
 View and update your AED deployment mode and protection status

Day-2:

Module 12: Upgrading Your AED Software

 Detail the steps involved in upgrading AED system software

 Describe and use file management as it relates to software updates

Module 13: User Account Administration

 Manage user account authentication, group privileges, and user accounts

 Perform user account tasks such as creating a new user account and displaying user account
status

Module 14: Backing Up and Restoring Your AED

 Create a backup schedule for your AED

 Restore your AED from a backup file

Module 15: NETSCOUT Arbor Edge Defense (AED) Overview

 NETSCOUT AED architecture and functional overview
 Establish UI familiarity and workflow
 Verify current AED operational status
 Establish perspective by identifying current traffic characteristics
 Lab: Protection Group Setup and Tuning

Module 16: Configuring NETSCOUT AED For Your Network

 Using blacklists and whitelists

 Filter traffic with FCAP fingerprint expression language
 Lab: Use blacklists and filtering to block unwanted traffic

Module 17: Defend Against Layer 3/4 State-Exhausting Attacks

 Identify characteristics of the Invalid Packet protection and view the traffic types that it
drops
 Describe and configure protections used to drop or block layer 3/4 misuse traffic
 Discuss common layer 3/4 DDoS attack vectors
 Lab: Mitigate state-exhaustion attacks

Module 18: Engage Cloud Signaling Services

 Define Arbor AED cloud signaling

 Describe when to use AED cloud signaling
 Distinguish between different cloud signaling requests
 Configure AED to connect to your provider’s cloud-based services
 Use and monitor your cloud-based mitigation
 Lab: Configuring and engaging cloud signaling

Module 19: Defend Against an Outbound Attack

 Identify the use of and characteristics of the Outbound Threat Filter

 Monitor and view indicators of outbound threats generating from within your network
 Enable and configure the Outbound Threat Filter
 How to use NETSCOUT AED to protect from outbound attacks
 Lab: Blocking outbound traffic on your network
 Lab: Mitigating Protocol Attacks

Module 20: Defend Against an Application-Layer Attack

 Apply application layer protections for common servers and services
 Discuss common application-layer DDoS attack vectors
 Lab: Mitigate Application-layer Attacks
 Lab: Mitigate Multi-vector Attacks