SSFIPS – Securing Cisco Networks with Sourcefire FireSIGHT Intrusion Prevention System v2.0

SSFIPS - Securing Cisco Networks with Sourcefire FireSIGHT Intrusion Prevention System v2.0

COURSE OUTLINE:

Description

This lab-intensive course introduces you to the powerful features of the Cisco Sourcefire System, including FireSIGHT technology, in-depth event analysis, IPS tuning and configuration, and the Snort rules language.

You will learn how to use and configure next-generation Cisco IPS technology, including application control, firewall, and routing and switching capabilities. You will also learn to properly tune systems for better performance and greater network intelligence while taking full advantage of powerful tools for more efficient event analysis, including file type and network-based malware detection.

Audience

Security administrators
Security consultants
Network administrators
System engineers
Technical support personnel
Channel partners and resellers

Prerequisites

Technical understanding of TCP/IP networking and network architecture
Basic familiarity with the concepts of intrusion detection systems (IDS) and IPS

Learning Objectives

FireSIGHT system training infrastructure
Navigate the user interface and administrative features of the FireSIGHT system, including reporting functionality to properly assess threats
How to deploy and manage Cisco FireSIGHT devices
Various detection technologies used in the FireSIGHT system
Create and implement objects for use in Access Control policies
Advanced policy configuration and FireSIGHT system configuration options
Analyze events
Write and configure basic Snort rules

1. FireSIGHT System Overview and Classroom Setup

2. Hardware Overview and Architecture

3. Device Management

4. User Account Management

5. Object Management

6. Access Control Policy

7. FireSIGHT Technology

8. Network-Based Malware Detection

9. Managing SSL Traffic

10. IPS Policy Basics

11. Network Analysis Policy

12. Event Analysis

13. Reporting

14. Correlation Policy

15. Basic Rule Syntax and Usage

RELATED COURSES

Technical Training
Cisco

SITCS – Implementing Cisco Threat Control Solutions

This course is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. Additionally, it is designed to prepare security engineers with the knowledge and hands-on experience so that they can deploy Cisco’s Next Generation Firewall (NGFW) as well as web security, email security and cloud web security. You will acquire the foundational knowledge and capabilities to implement and manage security on Cisco ASA firewalls utilizing Cisco Next Generation product solution, which integrates Cisco Prime Security Manager for managing identity policies. You will gain hands-on experience with configuring various advance Cisco security solutions for mitigating outside threats and securing traffic traversing the firewall. At the end of the course, you will be able to reduce the risk to your IT infrastructures and applications using Cisco’s Next Generation Firewall security appliance feature and provide operational support for intrusion prevention systems, email security, and web-based security appliances.

Technical Training
Cisco

802.1X – Introduction to 802.1X Operations for Cisco Security Professionals

In this course, you will discover the capabilities and functions of the IEEE 802.1X protocol and learn to configure the Cisco Identity Services Engine (ISE) for 802.1X operation. You will be introduced to the architecture, components, and features of an identity-based network designed around the IEEE 802.1X and RADIUS protocols. You will receive hands-on training configuring a network for 802.1X-based network services using the Cisco ISE, Cisco Catalyst switches, and Cisco wireless products.

Technical Training
Cisco

Implementing Cisco Storage Networking Solutions

ICSNS enables the student to describe and configure the hardware and software components of the Cisco MDS 9000 product family, focusing on key technologies and features that apply to departmental, mid-range, and enterprise SANs. The ICSNS course combines MDSCT and CMSE into a single course, updated for SAN-O 2.1, 3.0, and with basic networking content added.

Technical Training
Cisco

Cisco Unified Intelligence Center for Advanced Users v1.1

The Cisco Unified Intelligence Center for Advanced Users v1.1 (CUICAU v1.1) course is a four-day instructor-led training (ILT) course. Cisco Unified Intelligence Center 8.0.4 is a comprehensive, end-to-end reporting solution, designed to simplify the task of creating and modifying reports. It also can manage disparate data sources and, at the same time, to present a consistent user interface and a common tool to access varied data across multiple Cisco product families.

NOTE: If you are intending to take CUICAU, you do not need to take CUICEU, as CUICAU includes the content from CUICEU