SSFRULES – Securing Cisco Networks with Snortï¿½ Rule Writing Best Practices

SSFRULES - Securing Cisco Networks with Snort Rule Writing Best Practices

COURSE OUTLINE:

Description

In this course, you will learn about the key features and characteristics of a typical Snort rule development environment. You will develop and test custom rules in a preinstalled Snort environment and identify how to use advanced rule-writing techniques. You will investigate how to include OpenAppID in your rules and also identify how to filter rules and monitor their performance.ï¿½

This course combines lecture materials and hands-on labs that give you practice in creating Snort rules.ï¿½

This lab-intensive course introduces you to Snort rule writing. Among other powerful features, you become familiar with:ï¿½

Snort rule development
Snort rule language
Standard and advanced rule options
OpenAppID
Tuning

Audience

Security administrators
Security consultants
Network administrators
System engineers
Technical support personnel
Channel partners and resellers

Prerequisites

Basic understanding of:

Networking and network protocols
Linux command-line utilities
Text-editing utilities commonly found in Linux
Network security concepts
Snort-based IDS/IPS system

Learning Objectives

Snort rule development process
Snort basic rule syntax and usage
How traffic is processed by Snort
Several advanced rule options used by Snort
OpenAppID features and functionality
How to monitor the performance of Snort and how to tune rules

Introduction to Snort Rule Development
Snort Rule Syntax and Usage
Traffic Flow Through Snort Rules
Advanced Rule Options
OpenAppID Detection
Tuning Snort

RELATED COURSES

Technical Training
Cisco

IP6FD – IPv6 Fundamentals, Design, and Deployment v3.0

In this course, you will gain the knowledge and skills needed to configure Cisco IOS software IPv6 features. You will get an overview of IPv6 technologies, design, and implementation. You will also learn about IPv6 operations, addressing, routing, services, and transition. By reviewing case studies, you’ll learn to deploy IPv6 in enterprise and service provider networks.

Technical Training
Cisco

BGP – Configuring BGP on Cisco Routers v4.0

In this comprehensive course, you will gain in-depth knowledge of BGP, the routing protocol that is one of the underlying foundations of the Internet. You will explore the theory of BGP, configuration of BGP on Cisco IOS routers, and detailed troubleshooting information.

Our labs provide you with the skills needed to configure and troubleshoot BGP networks in both enterprise and service provider environments. You’ll also learn BGP network design issues and usage rules for various features as well as how to design and implement efficient, optimal, and trouble-free BGP networks.

Technical Training
Cisco

SENSS – Implementing Cisco Edge Network Security Solutions

This course is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. Additionally, it is designed to prepare security engineers with the knowledge and hands-on experience to prepare them to configure Cisco perimeter edge security solutions utilizing Cisco switches, Cisco routers, and Cisco Adaptive Security Appliance (ASA) firewalls. You will acquire the foundational knowledge and capabilities to implement and manage security on Cisco ASA firewalls, Cisco routers with the firewall feature set, and Cisco switches. You will gain hands-on experience with configuring various perimeter security solutions for mitigating outside threats and securing network zones. At the end of the course, you will be able to reduce the risk to your IT infrastructures and applications using Cisco switches, Cisco ASA, and router security appliance feature, as well as provide detailed operations support for these products.

Technical Training
Cisco

Cisco ASA with FirePOWER Services Workshop v2.1

This course provides advanced training on the key Cisco ASA 9.x features including the following:

Install and set up the Cisco SFR (FirePOWER Services) Module