SSFIPS – Securing Cisco Networks with Sourcefire FireSIGHT Intrusion Prevention System v2.0

SSFIPS - Securing Cisco Networks with Sourcefire FireSIGHT Intrusion Prevention System v2.0

COURSE OUTLINE:

Description

This lab-intensive course introduces you to the powerful features of the Cisco Sourcefire System, including FireSIGHT technology, in-depth event analysis, IPS tuning and configuration, and the Snort rules language.

You will learn how to use and configure next-generation Cisco IPS technology, including application control, firewall, and routing and switching capabilities. You will also learn to properly tune systems for better performance and greater network intelligence while taking full advantage of powerful tools for more efficient event analysis, including file type and network-based malware detection.

Audience

Security administrators
Security consultants
Network administrators
System engineers
Technical support personnel
Channel partners and resellers

Prerequisites

Technical understanding of TCP/IP networking and network architecture
Basic familiarity with the concepts of intrusion detection systems (IDS) and IPS

Learning Objectives

FireSIGHT system training infrastructure
Navigate the user interface and administrative features of the FireSIGHT system, including reporting functionality to properly assess threats
How to deploy and manage Cisco FireSIGHT devices
Various detection technologies used in the FireSIGHT system
Create and implement objects for use in Access Control policies
Advanced policy configuration and FireSIGHT system configuration options
Analyze events
Write and configure basic Snort rules

1. FireSIGHT System Overview and Classroom Setup

2. Hardware Overview and Architecture

3. Device Management

4. User Account Management

5. Object Management

6. Access Control Policy

7. FireSIGHT Technology

8. Network-Based Malware Detection

9. Managing SSL Traffic

10. IPS Policy Basics

11. Network Analysis Policy

12. Event Analysis

13. Reporting

14. Correlation Policy

15. Basic Rule Syntax and Usage

RELATED COURSES

Technical Training
Cisco

NPDEV ï¿½ Developing with Cisco Network Programmability v4.0

This course is for software developers looking to automate network infrastructure and utilize APIs and toolkits to interface with SDN controllers and individual devices. You will learn about topics covered by the 300-560 NPDEV exam, leading to the Cisco Network Programmability Developer Specialist Certification.

Technical Training
Cisco

UC-UCS – Installing Cisco UC on UCS in a Virtualized Environment v4.5

In this course, you will cover both the Unified Computing (UCS) System B-series servers and the stand alone C-series servers. You will examine the system preparation (B-series and C-series), ESXi deployment, Unified Communications (UC) applications in ESXi, and the Nexus 1000v virtual Ethernet switch. You will cover the changing Data Center server environment, where the Cisco UCS system fits into the environment, and LAN and SAN considerations. UCS products will be discussed, with emphasis on the advantages the UCS Manager brings to server provisioning, as well as server provisioning through the use of easy-to-configure Service Profiles.

ESXi will be covered along with the features that are supported in current UC applications. You will examine the concepts and methods of virtual Ethernet traffic, VMware vCenter, VMware networking, iSCSI SAN access, and vMotion.

You’ll explore the UC on UCS specific considerations, including design requirements, VMware OVF templates, caveats, and recommendations. Unified Communications installation within ESXi and migration from MCS 7800 series servers to Virtual Machines will be covered and you will troubleshoot UC applications in a virtual environment.

Technical Training
Cisco

Implementing Cisco NAC Appliance

This 3-day course includes Network Access Devices (NADs) Switch (layer 2): NAC Phase 2 Network devices that enforce admission control policy on switches. This device demands host security “credentials” and relay this information to policy servers, where network admission control decisions are made. Based on customer-defined policy, the network will enforce the appropriate admission control decision permit, deny, quarantine, or restrict.

Technical Training
Cisco

MENPI- Managing Enterprise Networks with Cisco Prime Infrastructure v3.0

In this course, you will learn how to design, deploy, operate, and optimize enterprise networks with the Cisco Prime Infrastructure solution (PI). Cisco Prime Infrastructure is part of a Unified Access solution that converges traditional wired and wireless networks into a single network management tool. The labs, which have been recently updated, put you in a realistic customer scenario and let you practice what you learned using Cisco Prime Infrastructure 3.0. This course network management perspective has a heavier lean to the wired side of the network management.

Note: For the classroom version of this course, laptops are provided for your participation in the hands-on labs. If you desire to use your own laptop, please bring a laptop computer with an Ethernet port as well as an internal wireless NIC, 802.11a/b/g/n. Access to the remote labs requires a browser that supports Java(R) and permissions to open RDP or encrypted (RDP443) RDP sessions. If your browser does not support Java, you will need administrator rights to the laptop to install software.