SSFIPS - Securing Cisco Networks with Sourcefire FireSIGHT Intrusion Prevention System v2.0
COURSE OUTLINE:
This lab-intensive course introduces you to the powerful features of the Cisco Sourcefire System, including FireSIGHT technology, in-depth event analysis, IPS tuning and configuration, and the Snort rules language.
You will learn how to use and configure next-generation Cisco IPS technology, including application control, firewall, and routing and switching capabilities. You will also learn to properly tune systems for better performance and greater network intelligence while taking full advantage of powerful tools for more efficient event analysis, including file type and network-based malware detection.
Audience
- Security administrators
- Security consultants
- Network administrators
- System engineers
- Technical support personnel
- Channel partners and resellers
Prerequisites
- Technical understanding of TCP/IP networking and network architecture
- Basic familiarity with the concepts of intrusion detection systems (IDS) and IPS
Learning Objectives
- FireSIGHT system training infrastructure
- Navigate the user interface and administrative features of the FireSIGHT system, including reporting functionality to properly assess threats
- How to deploy and manage Cisco FireSIGHT devices
- Various detection technologies used in the FireSIGHT system
- Create and implement objects for use in Access Control policies
- Advanced policy configuration and FireSIGHT system configuration options
- Analyze events
- Write and configure basic Snort rules