top of page
SSFSNORT | Securing Cisco Networks with Open Source Snort

SSFSNORT | Securing Cisco Networks with Open Source Snort

 

The Securing Cisco Networks with Open Source Snort (SSFSNORT) course shows you how to deploy Snort® in small to enterprise-scale implementations. You will learn how to install, configure, and operate Snort in Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) modes. You’ll practice installing and configuring Snort, utilize additional software tools and define rules to configure and improve the Snort environment, and more.

 

Objectives

After taking this course, you should be able to:

  • Define the use and placement IDS/IPS components.
  • Identify Snort features and requirements.
  • Compile and install Snort.
  • Define and use different modes of Snort.
  • Install and utilize Snort supporting software.

 

How you'll benefit

This course will help you:

  • Learning how to implement Snort, an open-source, rule-based, intrusion detection and prevention system
  • Gain leading-edge skills for high-demand responsibilities focused on security

 

Who should enroll

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel
  • Channel partners and resellers

 

Technology areas

  • Security
  • Cyber Operations

 

Prerequisites

To fully benefit from this course, you should have the following knowledge and skills:

  • Technical understanding of TCP/IP networking and network architecture
  • Basic familiarity with firewall and IPS concepts

This is the recommended Cisco course that may help you meet these prerequisites:

  • Implementing and Administering Cisco Solutions (CCNA)

 

Course Outline

  • Detecting Intrusions with Snort 3.0
    • History of Snort
    • IDS
    • IPS
    • IDS vs. IPS
    • Examining Attack Vectors
    • Application vs. Service Recognition
  • Sniffing the Network
    • Protocol Analyzers
    • Configuring Global Preferences
    • Capture and Display Filters
    • Capturing Packets
    • Decrypting Secure Sockets Layer (SSL) Encrypted Packets
  • Architecting Nextgen Detection
    • Snort 3.0 Design
    • Modular Design Support
    • Plug Holes with Plugins
    • Process Packets
    • Detect Interesting Traffic with Rules
    • Output Data
  • Choosing a Snort Platform
    • Provisioning and Placing Snort
    • Installing Snort on Linux
  • Operating Snort 3.0
    • Topic 1: Start Snort
    • Monitor the System for Intrusion Attempts
    • Define Traffic to Monitor
    • Log Intrusion Attempts
    • Actions to Take When Snort Detects an Intrusion Attempt
    • License Snort and Subscriptions
  • Examining Snort 3.0 Configuration
    • Introducing Key Features
    • Configure Sensors
    • Lua Configuration Wizard
  • Managing Snort
    • Pulled Pork
    • Barnyard2
    • Elasticsearch, Logstash, and Kibana (ELK)
  • Analyzing Rule Syntax and Usage
    • Anatomy of Snort Rules
    • Understand Rule Headers
    • Apply Rule Options
    • Shared Object Rules
    • Optimize Rules
    • Analyze Statistics
  • Use Distributed Snort 3.0
    • Design a Distributed Snort System
    • Sensor Placement
    • Sensor Hardware Requirements
    • Necessary Software
    • Snort Configuration
    • Monitor with Snort
  • Examining Lua
    • Introduction to Lua
    • Get Started with Lua

Lab outline

  • Capture and Analyze Packets
  • Initiate the Snort Installation
  • Complete an Installation of Snort
  • Configure and Run Snort
  • Tweak the Installation
  • Rapid Deployment with Lua
  • Integrate Snort Optimizers
  • Analyze Rule Syntax
  • Hello World Lua Style

 

Descargue el temario para conocer el detalle completo de los contenidos

 

Debido a las constantes actualizaciones de los contenidos de los cursos por parte del fabricante, el contenido de este temario puede variar con respecto al publicado en el sitio oficial, sin embargo, Netec siempre entregará la versión actualizada de éste

SSFSNORT | Securing Cisco Networks with Open Source Snort

SKU: CISCO-SSFSNORT
  • Métodos de entrega 👤      💻      @
    Duración Virtual en vivo: 4 días
    Digital: 180 días
    Versión

    Virtual en vivo: 3.1

    Digital: 3

    Temario Descarga aquí ⇩
    Fechas Cisco Consultar
    El curso digital incluye:

    - Laboratorios
    - Videos HD subtitulados y dirigidos por un instructor

    - Herramientas para evaluación, anotaciones, marcadores

    - Diploma oficial de Cisco

    - Continuing Education Credits

bottom of page