Product Image

Securing Cisco Networks with Open Source Snort® (SSFSNORT)

In this four-day course, Securing Cisco Networks with Open Source Snort®, students will learn how to build and manage a Snort® system using open source tools, plug-ins, as well as the Snort® rule language to help manage, tune, and deliver feedback on suspicious network activity.

Virtual

Learning Style

Cisco

Provider

Intermediate

Difficulty

4 Days

Course Duration

40 Units

CLC

Course Info

Download PDF

Certificate

See Sample

Timezone
tab
About Individual Course:
  • Individual course plan gives you access to this course
New
$4,000.00
/ Seat

You have already taken demo for this course.

If you want to get access to demo again, feel free to contact our support at (855) 800-8240
In this four-day course, Securing Cisco Networks with Open Source Snort®, students will learn how to build and manage a Snort® system using open source tools, plug-ins, as well as the Snort® rule language to help manage, tune, and deliver feedback on suspicious network activity.

Course Information

About this course:

In this four-day course, Securing Cisco Networks with Open Source Snort®, students will learn how to build and manage a Snort® system using open source tools, plug-ins, as well as the Snort® rule language to help manage, tune, and deliver feedback on suspicious network activity.

This lab-intensive course introduces you to the open source Snort® technology, as well as rule writing. Among other powerful features, you become familiar with:

  • How to build and manage a Snort® system
  • How to update rules
  • Snort® rules language
  • The capabilities of Snort® when deployed passively and inline

The course begins by introducing the Snort® technology and progresses through the installation and operation of Snort®. You will discover the various output types that Snort® provides and learn about automated rule management including how to deploy and configure Pulled Pork, inline operations, and how to create custom Snort® rules, including advanced rule-writing techniques and OpenAppID.

This course combines lecture materials and hands-on labs that give you practice in deploying and managing Snort®.

Course Objective:

Upon completing this course, the learner will be able to meet these overall objectives:   

  • Snort technology and identify the resources that are available for maintaining a Snort deployment
  • Install Snort on a Linux-based operating system
  • Snort operation modes and their command-line options
  • Snort intrusion detection output options
  • Download and deploy a new rule set to Snort
  • Configure the snort.conf file
  • Configure Snort for inline operation and configure the inline-only features
  • Snort basic rule syntax and usage
  • How traffic is processed by the Snort engine
  • Several advanced rule options used by Snort
  • OpenAppID features and functionality
  • How to monitor of Snort performance and how to tune rules

Audience:

The primary audience for this course is as follows:

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel using open source IDS and IPS
  • Channel partners and resellers

Prerequisite:

The knowledge and skills that the learner should have before attending this course are as follows:

  • Networking and network protocols
  • Linux command line utilities
  • Text-editing utilities commonly found in Linux
  • Network security concepts

Outline

More Information

More Information
Brand Cisco
Subjects Information Security
Lab Access No
Technology Cisco
Learning Style Virtual Classroom
Learning Type Course
Difficulty Intermediate
Course Duration 4 Days
Language English
CLC 40 Units

Reviews

Write Your Own Review
Only registered users can write reviews. Please Sign in or create an account

click here