Securing Cisco Networks with Open Source Snort® (SSFSNORT)

In this four-day course, Securing Cisco Networks with Open Source Snort®, students will learn how to build and manage a Snort® system using open source tools, plug-ins, as well as the Snort® rule language to help manage, tune, and deliver feedback on suspicious network activity.
$4,000.00
In this four-day course, Securing Cisco Networks with Open Source Snort®, students will learn how to build and manage a Snort® system using open source tools, plug-ins, as well as the Snort® rule language to help manage, tune, and deliver feedback on suspicious network activity.

More Information:

  • Modality: Virtual
  • Provider: Cisco
  • Difficulty: Intermediate
  • Duration: 4 Days
  • CLC: 40 Units
  • Course Info: Download PDF
  • Certificate: See Sample

Course Information

About this course:

In this four-day course, Securing Cisco Networks with Open Source Snort®, students will learn how to build and manage a Snort® system using open source tools, plug-ins, as well as the Snort® rule language to help manage, tune, and deliver feedback on suspicious network activity.

This lab-intensive course introduces you to the open source Snort® technology, as well as rule writing. Among other powerful features, you become familiar with:

  • How to build and manage a Snort® system
  • How to update rules
  • Snort® rules language
  • The capabilities of Snort® when deployed passively and inline

The course begins by introducing the Snort® technology and progresses through the installation and operation of Snort®. You will discover the various output types that Snort® provides and learn about automated rule management including how to deploy and configure Pulled Pork, inline operations, and how to create custom Snort® rules, including advanced rule-writing techniques and OpenAppID.

This course combines lecture materials and hands-on labs that give you practice in deploying and managing Snort®.

Course Objective:

Upon completing this course, the learner will be able to meet these overall objectives:   

  • Snort technology and identify the resources that are available for maintaining a Snort deployment
  • Install Snort on a Linux-based operating system
  • Snort operation modes and their command-line options
  • Snort intrusion detection output options
  • Download and deploy a new rule set to Snort
  • Configure the snort.conf file
  • Configure Snort for inline operation and configure the inline-only features
  • Snort basic rule syntax and usage
  • How traffic is processed by the Snort engine
  • Several advanced rule options used by Snort
  • OpenAppID features and functionality
  • How to monitor of Snort performance and how to tune rules

Audience:

The primary audience for this course is as follows:

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel using open source IDS and IPS
  • Channel partners and resellers

Prerequisite:

The knowledge and skills that the learner should have before attending this course are as follows:

  • Networking and network protocols
  • Linux command line utilities
  • Text-editing utilities commonly found in Linux
  • Network security concepts

Career & Salary Insight

Outline

Hit button to validate captcha