SSFRULES – Securing Cisco Networks with Snortï¿½ Rule Writing Best Practices

SSFRULES - Securing Cisco Networks with Snort Rule Writing Best Practices

COURSE OUTLINE:

Description

In this course, you will learn about the key features and characteristics of a typical Snort rule development environment. You will develop and test custom rules in a preinstalled Snort environment and identify how to use advanced rule-writing techniques. You will investigate how to include OpenAppID in your rules and also identify how to filter rules and monitor their performance.ï¿½

This course combines lecture materials and hands-on labs that give you practice in creating Snort rules.ï¿½

This lab-intensive course introduces you to Snort rule writing. Among other powerful features, you become familiar with:ï¿½

Snort rule development
Snort rule language
Standard and advanced rule options
OpenAppID
Tuning

Audience

Security administrators
Security consultants
Network administrators
System engineers
Technical support personnel
Channel partners and resellers

Prerequisites

Basic understanding of:

Networking and network protocols
Linux command-line utilities
Text-editing utilities commonly found in Linux
Network security concepts
Snort-based IDS/IPS system

Learning Objectives

Snort rule development process
Snort basic rule syntax and usage
How traffic is processed by Snort
Several advanced rule options used by Snort
OpenAppID features and functionality
How to monitor the performance of Snort and how to tune rules

Introduction to Snort Rule Development
Snort Rule Syntax and Usage
Traffic Flow Through Snort Rules
Advanced Rule Options
OpenAppID Detection
Tuning Snort

RELATED COURSES

Technical Training
Cisco

UCCXD – Deploying Cisco Unified Contact Center Express v6.0

In this course, you’ll gain an understanding of Ciscoï¿½s Unified Contact Center Express (Unified CCX) product and all of its associated client applications and scripting tools. You will learn about all of the Unified CCX components, servers, deployment options, and clients. You will learn how to perform capacity planning, choose the correct product features, and install the product.

Our instructors place major emphasis on the Unified CCX script editing tool, Unified CCX Editor, which allows administrators to script the contact centerï¿½s caller experience through the system, including queries, recordings, menu input, digit string input, and database operations. You will cover the Cisco Finesse Agent and Supervisor Desktops as well as the Finesse Desktop Administration tool to optimize the call agentï¿½s desktop display and options, supervisor optimization of the call center, and reporting options and customizations. You will explore Automatic Speech Recognition (ASR) and Text-to-Speech (TTS) technologies, Social Miner, and Outbound Dialing technologies and youï¿½ll examine options for troubleshooting, reporting, and maintaining the system.

Our voice network labs use the latest hardware and software and all of our IP telephony courses provide a simulated public switched telephone network (PSTN).

ï¿½

Technical Training
Cisco

SISE – Implementing and Configuring Cisco Identity Services Engine v2.1

In this course, you will learn about the Cisco Identity Services Engine (ISE)ï¿½a next-generation identity and access control policy platform that provides a single policy plane across the entire organization combining multiple services, including authentication, authorization, and accounting (AAA) using 802.1x, MAB, web authentication, posture, profiling, device on-boarding, guest services, and VPN access into a single context-aware identity-based platform. The training provides learners with the knowledge and skills to enforce security compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.

This course is an intensive hands-on experience. With enhanced hands-on labs, you will cover all facets of Cisco ISE version 2.1. You will learn how to configure fundamental elements of ISE and how to secure identity-based networks using 802.1X for both wired and wireless clients, using Windows 8 and Apple iPad endpoints. You will integrate the Cisco Virtual Wireless LAN Controller (vWLC) with advanced ISE features. You will also learn to use the following advanced features of Cisco ISE: Active Directory Integration, Policy Sets, EasyConnect, EAP-FAST with EAP Chaining, BYOD, AnyConnect 4.x Posture Module for LAN and VPN compliance, Threat Centric NAC using AMP, PxGrid, TACACS+ Device Management, and TrustSec Security Group Access.

Technical Training
Cisco

WIFUND – Implementing Cisco Wireless Network Fundamentals v1.0

This course helps prepare you for the associate-level CCNA Wireless certification, a prerequisite to CCNP Wireless certification.

You will learn how to design, install, configure, monitor, and conduct basic troubleshooting tasks of a Cisco Wireless LAN (WLAN) in SMB and enterprise installations.

Note: Please bring a laptop computer with an Ethernet port as well as an internal wireless NIC, 802.11a/b/g/n. Access to the remote labs requires a browser that supports Java and permissions to open RDP or encrypted RDP (RDP443) sessions. If your browser does not support Java, you will need administrator rights to the laptop to install software.

Technical Training
Cisco

Cisco Application Control Engine Appliance

ACEAP is a 4-day, instructor-led, lecture / lab course that teaches you how to design, deploy, and optimize intelligent network services using the Cisco Application Control Engine (ACE) Appliance. This course covers all of the key features of the ACE 2.0 software, including resource virtualization and management, server load balancing (Layer 2-4 and Layer 7), SSL termination and offload, and security features like application-layer inspection and fixups.