title
Please take a moment to fill out this form. We will get back to you as soon as possible.
All fields marked with an asterisk (*) are mandatory.
Securing Cisco Networks with Open Source Snort (SSFSNORT)
Course Description
Overview
The Securing Cisco Networks with Open Source Snort (SSFSNORT) training shows you how to deploy a network intrusion detection system based on Snort. Through a combination of expert instruction and hands-on practice, you will learn how to install, configure, operate, and manage a Snort system. You will also explore rules writing with an overview of basic options, advanced rules writing, how to configure PulledPork, and how to use OpenAppID to provide protection of your network from malware. You will learn techniques of tuning and performance monitoring, traffic flow through Snort rules, and more.This training also earns you 32 Continuing Education (CE) credits toward recertification.
Objectives
- Learn how to implement Snort, an open-source, rule-based, intrusion detection and prevention system
- Gain leading-edge skills for high-demand responsibilities focused on security
- Earn 32 CE credits towards recertification
- Describe Snort technology and identify the resources available for maintaining a Snort deployment
- Install and configure a Snort deployment
- Configure the command-line options for starting a Snort as a sniffer, a logger, and an intrusion detector, and create a script to start Snort automatically
- Identify and configure available Snort intrusion detection outputs
- Describe rule sources, updates, and utilities for managing rules and updates
- Detail the components of the snort.lua file and determine how to configure it for your deployment
- Configure Snort for inline operation using the inline-only features
- Configure rules for Snort using basic rule syntax
- Describe how traffic flows through Snort and how to optimize rules for better performance
- Configure advanced-rule options for Snort rules
- Configure OpenAppID features and functionality
- Tune Snort for efficient operation and profile system performance
Audience
- Security Administrators
- Security Consultants
- Network Administrators
- System Engineers
- Technical Support Personnel
- Channel Partners and Resellers
Prerequisites
-
There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:
- Technical understanding of transmission control protocol/internet protocol (TCP/IP) networking and network architecture
- Proficiency with Linux and UNIX text editing tools, such as vi editor
- Implementing and Administering Cisco Solutions (CCNA)
Topics
- Snort Technology Introduction
- Snort Installation
- Snort Operation Introduction
- Snort Intrusion Detection Output
- Rule Management
- Snort Configuration
- Inline Configuration and Operation
- Snort Rule Syntax and Usage
- Snort Rule Traffic Processing Flow
- Advanced Rule Options
- OpenAppID Detection Configuration
- Snort Tuning
- Connecting to the Lab Environment
- Snort Installation
- Snort Operation
- Snort Intrusion Detection Output
- PulledPork Installation
- Configuring Variables
- Reviewing Preprocessor Configurations
- Inline Operations
- Basic Rule Syntax and Usage
- Advanced Rule Options
- OpenAppID Configuration
- Tuning Snort
Related Courses
-
Implementing Automation for Cisco Security Solutions (SAUI)
CSC-SAUI- Duration: 3 Days
- Delivery Format: Classroom Training, Online Training
- Price: 2,895.00 USD
-
Implementing and Operating Cisco Security Core Technologies (SCOR)
CSC-SCOR- Duration: 5 Days
- Delivery Format: Classroom Training, Online Training
- Price: 4,295.00 USD
Self-Paced Training Info
Learn at your own pace with anytime, anywhere training
- Same in-demand topics as instructor-led public and private classes.
- Standalone learning or supplemental reinforcement.
- e-Learning content varies by course and technology.
- View the Self-Paced version of this outline and what is included in the SPVC course.
- Learn more about e-Learning
Course Added To Shopping Cart
bla
bla
bla
bla
bla
bla
Self-Paced Training Terms & Conditions
ONCE YOU ARE ENROLLED IN THIS COURSE YOU WILL NOT BE ABLE TO CANCEL YOUR ENROLLMENT. You are billed for the course when you submit the enrollment form. Self-Paced Virtual Classes are non-refundable. Once you purchase a Self-Paced Virtual Class, you will be charged the full price.
This is a Cisco Self-Paced virtual class; it is intended for students who do not need the support of a classroom instructor. If you feel you would better benefit from having access to a Subject Matter Expert, please check to see if an Instructor-Led version is available.
- Students will receive an access code within 1-3 business days.
- If purchasing a self-paced course for multiple students, the purchaser will receive the access codes and must distribute them individually to the students.
- Students have access to the course 24/7 and will need to read and follow all instructions carefully to complete the course successfully within their allotted time.
Q: How long do I have access to the course and the Labs within the course?
A: Labs are available for the length of your course subscription.
Q: Can I reset the course and start over?
A: No.
Q: Is there a time limit for the Trial (Demo)?
A: There is no expiration on registration to the trial versions. Access is capped not in time, but by the fact that only a select number of sections are unlocked within the content.'
Exam Terms & Conditions
Sorry, there are no classes that meet your criteria.
Please contact us to schedule a class.
STOP! Before You Leave
Save 0% on this course!
Take advantage of our online-only offer & save 0% on any course !
Promo Code skip0 will be applied to your registration
Purchase Information
title
Please take a moment to fill out this form. We will get back to you as soon as possible.
All fields marked with an asterisk (*) are mandatory.