Arbor Networks NSI User and Administrator Course

This course focuses on the use of Arbor Networks NSI within the enterprise network and outlines the information that the system collects, processes and stores. Participants will learn how to collect, display and utilize pertinent information required to meet corporate network security objectives.  Additionally, the course provides participants with the knowledge and skills needed to install, configure, operate and perform ongoing NSI administrative functions.

Target Audience

Network operations personnel, security administrators and staff who are responsible for monitoring and reporting on network anomalies, ensuring network availability and optimizing NSI for peak performance.


2 days

Course Topics

  • NSI Technical Overview
  • NSI Hardware and Software Architecture
  • Web User Interface Overview and Terminology
  • Network and Traffic Visibility
  • Rules Creation and Management
  • Workflows
  • Reports
  • Initial Configuration and System Settings
  • Maintenance and Troubleshooting

Upon completion, participants should be able to:

  • Describe how Network Behavior Analysis (NBA) helps to detect abnormal, and possibly malicious, network behavior and provide an added layer of security and visibility for your internal network.
  • Describe how NSI creates events and manages common threats including scans, floods, phishing, pharming, and spyware.
  • Understand how NSI detects and stops unknown and emerging threats such as zero-day attacks.
  • Know how anomalies are presented in the Web user interface and how to interpret anomaly data.
  • Explain different types of malware (i.e., network worms, phishing and botnets) and why they are so destructive in enterprise networks.
  • Describe workflows involved in detecting and protecting against threats.
  • Use NSI for capacity planning and bandwidth recovery.
  • Utilize NSI for incident investigation and analysis.
  • Recognize appropriate traffic levels when detecting and preventing attacks.
  • Know how NSI can segment and harden critical internal network resources against emerging threats through the use of virtual perimeters.
  • Create user rules to detect misuse and violations of various acceptable use policies.
  • Describe Arbor’s Active Threat Feed (ATF) service and how it provides continuous protection through automatic updates.
  • Generate in-depth, easily readable reports for internal and external auditing purposes.
  • Install and configure various components of NSI.
  • Understand the function of various administration settings (e.g., adding and deleting users, setting up services, managing rules/groups, setting up notification groups, creating system settings and defining configuration backup/restoration).
  • Describe the software architecture of NSI and use various “system attributes” to further customize it for a specific application.