Securing Cisco Networks with Open Source SNORT

Session Detail:    Virtual 5 Day

Securing Cisco® Networks with Open Source Snort™ is an instructor-led course offered by Learning Services High-Touch Delivery. It is a lab-intensive course that introduces students to the open source Snort technology as well as rule writing. You will learn how to build and manage a Snort system using open source tools, plug-ins, and the Snort rule language to help manage, tune, and deliver feedback on suspicious network activity. This course combines lecture materials and hands-on labs throughout to make sure that you are able to construct a solid, secure Snort installation and write Snort rules using proper syntax and structure.

About this Course

Securing Cisco® Networks with Open Source Snort™ is an instructor-led course offered by Learning Services High-Touch Delivery. It is a lab-intensive course that introduces students to the open source Snort technology as well as rule writing. You will learn how to build and manage a Snort system using open source tools, plug-ins, and the Snort rule language to help manage, tune, and deliver feedback on suspicious network activity.

This course combines lecture materials and hands-on labs throughout to make sure that you are able to construct a solid, secure Snort installation and write Snort rules using proper syntax and structure.

Audience Profile

Primary audience for this course are:

  • Security Administrators
  • Security Consultants
  • Network Administrators
  • System Engineers
  • Technical Support Personnel using Open Source IDS and IPS
  • Resellers

At Course Completion

Upon course completion, students should be able to:

  • Understand what Snort is and its basic architectural components
  • Understand Snort’s dynamic plug-in capapbilities
  • Understand the different modes of Snort operation
  • Perform installation and configuration of the Snort system
  • Install and configure Snorby
  • Configure and tune the Snort pre-processors
  • Understand rule maintenance and techniques to keep rules current
  • Create Snort rules using both simple and advanced rule-writing techniques
  • Monitor performance of a Snort deployment

Prerequisites

Before attending this course, students should have the following:

  • Technical understanding of TCP/IP networking and network architecture
  • Proficiency with Linux and UNIX text editing tools (vi editor is suggested but not required)

Session Outline

Class Outline

Module 1: Intrusion Sensing technology, Challenges, and Sensor Deployment

Module 2: Introduction to Snort Technology

Module 3: Snort Installation

Module 4: Configuring Snort for Database Output and Graphical Analysis

Module 5: Operating Snort

Module 6: Snort Configuration

Module 7: Configuring Snort Preprocessors

Module 8: Keeping Rules Up-to-date

Module 9: Building a Distributed Snort Installation

Module 10: Basic Rule Syntax and Usage

Module 11: Building a Snort IPS Installation

Module 12: Rule Optimization

Module 13: Using Perl Compatible Regular Expressions (PCRE) in Rules

Module 14: Basic Snort Tuning

Module 15: Using Byte_Jump, Byte_Test and Byte_Extract Rule Options

Module 16: Protocol Modeling Concepts and Using Flowbits in Rule Writing

Module 17: Case Studies in Rule Writing and Packet Analysis

Need to train your team?

All of our sessions can be customized to meet your team’s specific need. Build the perfect program by picking and choosing topics from any of the courses in our catalog. A personalized private session gives you the ultimate flexibility and helps maximize your team’s valuable time!

Requesting Team Training
DateTimeTypePriceAdd To Cart

Securing Cisco Networks with Open Source SNORT

5 Day
Virtual

$4,995.00

Chat with a Coach

Chat with a Coach

Have a more immediate need? Why spend the next hour searching online for answers when you can spend just 15 minutes with one of our experts and get accurate and personalized answers to all of your questions. 

$9.99 | 15 Minutes

Book Now