Sessions

The following Professional Services Course will run for 3.5 days.

The following Pre-Sales courses will run on Tuesday and Wednesday.

The following Pre-Sales courses will run on Thursday
(Ultimate Endpoint Demo and POC and SIEM Troubleshooting will also run on Friday morning).

The following SIA Sessions will run on Friday.

McAfee Data Loss Prevention

Instructors:
Professional Services Team

Course duration (days):
3.5

Target Audience:
Intermediate

Course Description:
The McAfee Data Loss Prevention Endpoint Administration course from McAfee Education Services provides in-depth training on the tools you need to design, implement, configure, and use McAfee Data Loss Prevention Endpoint to safeguard intellectual property and ensure compliance.

The course details how this solution uses McAfee ePolicy Orchestrator (McAfee ePO) software for centralized management. It also explains how to monitor and address risky, day-to-day end-user actions such as emailing, web posting, printing, clipboards, screen captures, device control, uploading to the cloud, and more.

Course content is inclusive of, but not limited to;

  • Data Loss Prevention Solution Overview
  • Planning the deployment
  • Installing Data Loss Prevention Endpoint software
  • Deploying client endpoints and how to initiate pilot deployment and phased deployment
  • Configuring permission sets
  • Data Loss Prevention Policy Manager overview
  • Device control and examples of policies and processes
  • Classifying sensitive content
  • Track and control sensitive information
  • Monitoring and reporting
  • Examples on monitor data for GDPR
  • Examples of Discover for GDPR
  • Troubleshooting
Back to top

Data Loss Prevention

Instructors:
Daniel Clarkson and Rolf Haas

Course duration (days):
2

Target Audience:
Beginner / Intermediate

Course Description:
The McAfee Data Loss Prevention 11 training will provide attendees with a thorough deep dive into the latest version of McAfee's industry-leading DLP offering. This course will provide attendees with hands-on lab environments to work through various aspects of the product, create their own lab environment, and deliver a winning Proof of Concept.

Lab exercises will include building policies for:

  • DLP Endpoint
  • NDLP Network Discover
  • NDLP Prevent
  • NDLP Monitor

Upon completion of the course, attendees will have a solid understanding of McAfee DLP's value in a customer environment and how to sell it in competitive situations.

Back to top

Web Gateway

Instructors:
Christopher Page and Mohammed Guermellou

Course duration (days):
2

Target Audience:
Intermediate / Expert

Course Description:
Learn how the Web Security solution rated #1 in Malware Protection delivers comprehensive security for all aspects of web traffic no matter where your customers are.

This 2 day course gives security specialist the information and tools to deliver a POC of the McAfee Web Gateway.

Topics and hands-on labs include:

  • Architecture overview - On premise, physical, virtual, cloud, hybrid.
  • Architecture overview - McAfee product integrations, TIE/DXL/DLP/ePO.
  • Market overview / competitive intelligence / industry reports.
  • MWG solution Positioning / Objection handling
  • MWG Rules, Policies, Engines
Back to top

MVISION Cloud 201

Instructors:
Allan Hansen and Federico Cavallari

Course duration (days):
2

Target Audience:
Intermediate / Expert

Course Description:
McAfee MVISION Cloud is a cloud access security broker (CASB) that protects data where it lives today, with a solution that was built natively in the cloud, for the cloud. It’s cloud-native data security.

The MVISION Cloud (MVC) workshop requires to complete the (MVC) Workshop (101). Please contact your local Channel Account Manager or Channel Technical Manager to have more information how to do it.

The workshop will provide a Partner organization with their own provisioned (MVC) Tenant. The tenant will be a clean SaaS-delivered product that the Engineer will have to build out for their use. This provides a hands-on approach with best practices of a simplified proof of concept for your customers, as the steps for POC and deployment are the same as you will go through for all of your customer interactions. During the course, engineers will go through a full deployment within their perspective tenant, encompassing Shadow IT, Office 365 and AWS that allows the engineer to build out the tenant.

Products Covered
MVISION Cloud - Shadow IT, O365, AWS

Requirements

  1. Completion of the (MVC) Workshop (101). Ask to your local Channel Technical Manager for more information. On-line workshop available here.
  2. Bring a Windows machine (Virtual) in order to install the Enterprise Connector. Minimum requirements: 4 core, 8GB RAM, 130GB HDD, connection Internet to HTTPS and HTTPS, Administrator rights to install software. More details are available here.
  3. Must be registered for the course at least 1 week before starting to be accepted.
  4. Must be able to complete the full installation and have tenant working by completion of course, and understand the below costs that the Partner organization will have to incur for creating the services that the tenant will work with.

Costs to Partner:
Note: The below costs are rough estimates as of April 2019 and subject to change at anytime as the service providers deem, McAfee has no control of this.

Example option 2: 5 SE's attend would need 1 Domain ($20), 1 AWS account ($20/month), and O365 admin account ($96/year) with 5 additional user accounts ($480/Year) for a total of 6 accounts.
Option 2 Total for 5 SE's Sharing 1 Tenant: $830/Year.

Example option 1: Same 5 SE's each with their own tenants. 5 domains ($20/domain), 5 AWS admin accounts ($20/month/user), and 10 O365 Email accounts.($96/year/user)
Option 1 Total for 5 SE's with their own tenants: $2,260/Year

These options are left to each Partner organization.

If using a shared account, please communicate to trainers (Allan and Federico) the Tenant admin email so the tenant admin can add them to the tenant before class.

Otherwise it is also possible to use a free developer subscription
https://docs.microsoft.com/en-us/office/developer-program/office-365-developer-program
For information about expiring subscriptions, see Subscription expiration and renewal.
For frequently asked questions about the Office 365 Developer Program, see the FAQ.

More details are available here.

Note: Once tenants are created, it is expected that attendees will acquire all necessary services to attend and complete the course. This will enable the attendees to not only attend class, but also participate in labs, and will provide a long-term environment that can be used for future learning and used for relevant sales activities.

Back to top

Cloud Security for IAAS and PAAS

Instructors:
Ehab Abualdyouk, Tamas Barna, David Aloy

Course duration (days):
2

Target Audience:
Beginner / Intermediate / Expert

Course Description:
Cloud Security for IaaS/PaaS will help to prepare students to deploy McAfee technologies into customer environments that use increasing amounts of cloud infrastructure. Attendees will learn how to secure IaaS environments using a mixture of technologies to secure environments such as workloads, network traffic and databases.

This course will include hands-on labs to reinforce learning these essential cloud technologies and gain an understanding of:

  • Cloud security concerns
  • Challenges and issues customers face in migrating to the cloud
  • How McAfee technologies help to provide complete visibility, control and remediation in different cloud environments
Back to top

Cloud Security Architecture

Instructors:
Boubker Elmouttahid, Martin Ohl, Mo Cashman

Course duration (days):
2

Target Audience:
Beginner/Intermediate

Course Description:
The class introduces partner Pre-Sales and service design architects to McAfee’s Cloud Security platform architecture. The goal of the course is to convey key skills to allow the partner architect to discover customer needs, present the cloud platform reference architecture components and demonstrate several platform security use cases. The course teaches some architecture fundamentals including Stakeholder understanding, Environment Discovery, Design and Business Value alignment. Specifically, the student learns:

  • customer pain and capability discovery techniques
  • building customer journeys based on maturity models
  • aligning solution to business and stakeholder value
  • design skills using NIST industry frameworks
  • platform demonstrations of security capability
  • Extending the architecture with SIA partners
Back to top

Ultimate Endpoint Demo and POC

Instructors:
Michiel De Lepper and Jason Brown

Course duration (days):
1.5

Target Audience:
Intermediate / Expert

Course Description:
Learn how to create and deliver the Ultimate McAfee Endpoint Demo and Proof of Concept, using a variety of Endpoint Solutions.

This 1.5 day course provides security specialists with the knowledge and tools to create, deliver and explain Demo and POC use cases for McAfee’s Endpoint Portfolio. This course will be, for the most part, hands on work. You will observe and investigate attacks to understand how they operate, and then go on to enable detection & protection to mitigate these attacks yourself, starting from a pre-defined framework, guided by the instructors.

McAfee Solutions used:

  • McAfee ePO / MVISION ePO
  • MVISION Endpoint
  • Endpoint Security (ENS)

Requirements: Students will need to have a good understanding of how to navigate ePO to manage endpoints, configure and enforce policies, and use reporting capabilities. In addition, students should understand the basic capabilities provided by each of the ENS modules and understand what MVISION Endpoint provides, and how it is used.

Back to top

SIEM Troubleshooting

Instructors:
Christoph Kiechle and Jonas Müller

Course duration (days):
1.5

Target Audience:
Expert

Course Description:
The McAfee SIEM troubleshooting course will be delivered by McAfee's SIEM experts and will take you through the common troubleshooting scenarios and the key differences between ESM version 10 and ESM version 11.

This course will include hand-on labs to reinforce learning these advanced troubleshooting topics and gain an understanding of:

  • Review of McAfee ESM 10.x and 11.x architectures
  • Sizing guidelines using the latest SIEM spec sheet
  • Product roadmap
  • Performance assessment using McAfee ESM tech check
  • Troubleshooting guidelines and labs
  • Correlations and Custom Parsers

This course is meant for Partner SE's who have a good working knowledge of SIEM and want to know more about troubleshooting complex situations and about ESM version 11.x.

A good general knowledge of McAfee's SIEM solution is required to be able to attend this course.

Back to top

MVISION Mobile

Instructors:
Claudio Ferrara, Richard Hibberd

Course duration (days):
1

Target Audience:
Beginner

Course Description:
The McAfee MVISION Mobile training is designed to empower partners by giving them the tools needed to start and drive conversations about why Mobile Threat Defense is needed and how to secure mobile endpoints across all attack vectors. This course will include also hands-on labs, videos and MVISION Mobile starter kits.

Topics include:

  • Foundation: MDM vs MTD and Mobile OS Platforms
  • Positioning: Why MTD?
  • Solution overview: MVISION Mobile Platform
  • Landscape: MTD overview
  • Console Walkthrough
  • Practice 1: ARP MITM, SSL Strip, Fake SSL Certificate
  • Practice 2: MITM, Malicious APP, C&C, Device Exploit
  • Practice 3: Rogue Wifi Access Point
  • Practice 4: Malicious charger, Airplane Mode
  • Practice 5: Show Forensic in MVISION Mobile console & On-Device Threat Logs
Back to top

MVISION EDR

Instructors:
Gareth Rhys and Marcus Viertel

Course duration (days):
1

Target Audience:
Beginner / Intermediate

Course Description:
McAfee’s MVISION Endpoint Detection and Response (EDR) allows customers to gain visibility into emerging threats with continuous monitoring of endpoint activity, detect of suspicious behavior, and understand the context of the gathered data.

MVISION EDR course is fast-paced with hands-on labs utilizing a live environment with Advanced Persistent (APT) simulator.

Topics include:

  • McAfee MVISION EDR - What it is and what security problems it solves
  • MVISION EDR Architecture
  • Onboarding Demo
  • Threat Hunting Demo
  • Hands-on - Live MVISION EDR environment with Advanced Persistent Threats (APT) Simulator
Back to top

Endpoint Security Architecture

Instructors:
Boubker Elmouttahid, Martin Ohl, Mo Cashman

Course duration (days):
1

Target Audience:
Beginner / Intermediate

Course Description:
The class introduces partner Pre-Sales and service design architects to McAfee’s Device Security platform architecture. The goal of the course is to convey key skills to allow the partner architect to discover customer needs, present the endpoint platform reference architecture components and demonstrate several platform security use cases. The course teaches some architecture fundamentals including Stakeholder understanding, Environment Discovery, Design and Business Value alignment. Specifically, the student learns:

  • customer pain and capability discovery techniques
  • building customer journeys based on maturity models
  • aligning solution to business and stakeholder value
  • design skills using NIST industry frameworks
  • platform demonstrations of security capability
  • Extending the architecture with SIA partners
Back to top

SIA Sessions

SIA sessions are hosted by several of McAfee’s top Security Innovation Alliance partners. These sessions will not only demonstrate the capabilities and benefits of each vendors solutions, they will also show their integration with McAfee and how you can bring additional security and features to your customers. True examples of the 'Stronger Together' message.

Titus

TITUS solutions enable organizations to classify, protect, and confidently share information, and meet regulatory compliance requirements by identifying and securing unstructured data. TITUS products enhance data loss prevention by classifying and protecting sensitive information in emails, documents and other file types — on desktops, mobile devices, and in the cloud.

The integration of TITUS Classification solutions with McAfee Data Loss Prevention reduces the risk of data loss by capturing users’ knowledge about the sensitivity and context of the data being transmitted, so organizations don’t have to solely rely on automated content scans.

McAfee Enterprise Security Manager captures and aggregates the activities of both TITUS Classification and McAfee Data Loss Prevention for situational analysis and corresponding actions so-required. McAfee Data Exchange Layer transmits user actions with sensitive information as well as TITUS policy violations to McAfee Enterprise Security Manager in real-time, allowing for analysis and immediate policy modification to prevent insider threats.

With McAfee ePolicy Orchestrator organizations can easily manage deployments of TITUS Classification to the client.

This session will not only demonstrate the capabilities and benefits of Titus, it will also show the integration with McAfee and how this can bring additional security and value to your customers.

Menlo Security

Menlo Security’s cloud-based Isolation Platform eliminates malware from reaching user devices via compromised or malicious websites, emails, or documents. With a completely seamless user experience, Menlo Security ensures that only safe, malware-free visual components are delivered to the user’s web browser on the endpoint for local rendering. The user’s web session and all active content—such as JavaScript and Flash, and whether good or bad—are fully executed and contained in the Isolation Platform. Backed by General Catalyst and Sutter Hill Ventures, Menlo Security is headquartered in Palo Alto, California.

Menlo Security has partnered with McAfee to provide web security that wins against today’s advanced threats. McAfee Web Gateway customers can set up policies to dynamically route web sessions to the Menlo Security Isolation Platform. The enterprise is protected from any potential web threats while the user has a seamless experience with their native browser. The joint solution improves employee productivity by providing safe access to the internet and reduces burden on IT staff who no longer need to maintain restrictive web policies and manage exceptions. The Isolation Platform can also be used to address "air-gap" requirements of certain financial services and government organizations.

This session will not only demonstrate the capabilities and benefits of Menlo Security, it will also show the integration with McAfee and how this can bring additional security and value to your customers.

Swimlane

Swimlane is a security automation and orchestration company with a platform that empowers organizations to manage, respond to, and neutralize cyberthreats with the adaptability, efficiency, and speed necessary to combat today’s rapidly evolving cyberthreats. By automating time-intensive, manual processes and operational workflows and delivering powerful, consolidated analytics, real time dashboards, and reporting from across your security infrastructure, Swimlane maximizes the incident response capabilities of over-burdened and understaffed security operations.

Integration with Swimlane allows McAfee Enterprise Security Manager and McAfee ePolicy Orchestrator customers to automatically initiate and execute incident response workflows in response to any alarm. Importing security event data from McAfee Enterprise Security Manager and McAfee ePolicy Orchestrator into Swimlane delivers consolidated event details from multiple platforms for rapid investigation and alarm triage, helping to ensure a faster incident response and greater return on investment from the entire security infrastructure.

This session will not only demonstrate the capabilities and benefits of Swimlane, it will also show the integration with McAfee and how this can bring additional security and value to your customers.

Back to top