Securing Cisco Networks with Open Source Snort Training (SSFSNORT)

Introduction

Securing Cisco Networks with Open Source Snort Training (SSFSNORT) Course with Hands-on Labs

Learn how to build and manage a Snort® system using open source tools, plug-ins, and the Snort rule language to help manage, tune, and deliver feedback on suspicious network activity.

Securing Cisco Networks with Open Source Snort Training (SSFSNORT) is an instructor-led course offered by ENO. It is a lab-intensive course that introduces students to the open source Snort technology as well as rule writing. With Securing Cisco Networks with Open Source Snort Training (SSFSNORT), you will also learn how to build and manage a Snort system using open source tools, plug-ins, and the Snort rule language to help manage, tune, and deliver feedback on suspicious network activity.

This Securing Cisco Networks with Open Source Snort Training (SSFSNORT) course combines lecture materials and hands-on labs throughout to make sure that you are able to construct a solid, secure Snort installation and write Snort rules using proper syntax and structure.

Duration: 4 days

Customize It

• We can adapt this Securing Cisco Networks with Open Source Snort Training (SSFSNORT) course to your group’s background and work requirements at little to no added cost.
• If you are familiar with some aspects of this Securing Cisco Networks with Open Source Snort Training (SSFSNORT) course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Securing Cisco Networks with Open Source Snort Training (SSFSNORT) course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Securing Cisco Networks with Open Source Snort Training (SSFSNORT) course in a manner understandable to lay audiences.

Audience / Target Group

This course is designed for technical professionals who need to know how to deploy open source intrusion detection systems (IDS) and intrusion prevention systems (IPS), as well as write Snort rules. The primary audience for this course includes:

• Security administrators
• Security consultants
• Network administrators
• System engineers
• Technical support personnel using open source IDS and IPS
• Channel partners and resellers

Prerequisites:

Basic understanding of:

• Networking and network protocols
• Linux command line utilities
• Text-editing utilities commonly found in Linux
• Network security concepts

Objectives:

After completing this Securing Cisco Networks with Open Source Snort Training (SSFSNORT) course, attendees will be able to:

• Describe Snort technology and identify the resources that are available for maintaining a Snort deployment
• Install Snort on a Linux-based operating system
• Describe Snort operation modes and their command-line options
• Describe Snort intrusion detection output options
• Download and deploy a new rule set to Snort
• Configure the snort.conf file
• Configure Snort for inline operation and configure the inline-only features
• Describe Snort basic rule syntax and usage
• Describe how traffic is processed by the Snort engine
• Describe several advanced rule options used by Snort
• Describe OpenAppID features and functionality
• Describe how to monitor Snort performance and how to tune rules

Course Content:

• Module 1: Intrusion Sensing Technology, Challenges, and Sensor Deployment
• Module 2: Introduction to Snort Technology
• Module 3: Snort Installation
• Module 4: Configuring Snort for Database Output and Graphical Analysis
• Module 5: Operating Snort
• Module 6: Snort Configuration
• Module 7: Configuring Snort Preprocessors
• Module 8: Keeping Rules Up to Date
• Module 9: Building a Distributed Snort Installation
• Module 10: Basic Rule Syntax and Usage
• Module 11: Building a Snort IPS Installation
• Module 12: Rule Optimization
• Module 13: Using PCRE in Rules
• Module 14: Basic Snort Tuning
• Module 15: Using Byte_Jump/Test/Extract Rule Options
• Module 16: Protocol Modeling Concepts and Using Flowbits in Rule Writing
• Module 17: Case Studies in Rule Writing and Packet Analysis
