Securing Cisco Networks with Open Source Snort (SSFSNORT) v2.1

4.6 out of 5 rating

Jump to dates

Duration

4 Days

24 CPD hours

About this course

The primary audience for this course is as follows:
Security administrators
Security consultants
Network administrators
System engineers
Technical support personnel
Channel partners and resellers

Overview

Upon completing this course, the learner will be able to meet these overall objectives:
Define the use and placement IDS/IPS components.
Identify Snort features and requirements.
Compile and install Snort.
Define and use different modes of Snort.
Install and utilize Snort supporting software.

Description

Securing Cisco Networks with Open Source Snort (SSFSNORT) v3.0 is a 4-day course that shows you how to deploy Snort© in small to enterprise-scale implementations. You will learn how to install, configure, and operate Snort in Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) modes. You ll practice installing and configuring Snort, utilize additional software tools and define rules to configure and improve the Snort environment, and more. The course qualifies for 32 Cisco Continuing Education credits (CE) towards recertification.This course will help you:Learning how to implement Snort, an open-source, rule-based, intrusion detection and prevention system. Gain leading-edge skills for high-demand responsibilities focused on security.

Module 1: Detecting Intrusions with Snort 3.0
  • History of Snort
  • IDS
  • IPS
  • IDS vs. IPS
  • Examining Attack Vectors
  • Application vs. Service Recognition
Module 2: Sniffing the Network
  • Protocol Analyzers
  • Configuring Global Preferences
  • Capture and Display Filters
  • Capturing Packets
  • Decrypting Secure Sockets Layer (SSL) Encrypted Packets
Module 3: Architecting Nextgen Detection
  • Snort 3.0 Design
  • Modular Design Support
  • Plug Holes with Plugins
  • Process Packets
  • Detect Interesting Traffic with Rules
  • Output Data
Module 4: Choosing a Snort Platform
  • Provisioning and Placing Snort
  • Installing Snort on Linux
Module 5: Operating Snort 3.0
  • Start Snort
  • Monitor the System for Intrusion Attempts
  • Define Traffic to Monitor
  • Log Intrusion Attempts
  • Actions to Take When Snort Detects an Intrusion Attempt
  • License Snort and Subscriptions
Module 6: Examining Snort 3.0 Configuration
  • Introducing Key Features
  • Configure Sensors
  • Lua Configuration Wizard
Module 7: Managing Snort
  • Pulled Pork
  • Barnyard2
  • Elasticsearch, Logstash, and Kibana (ELK)
Module 8: Analyzing Rule Syntax and Usage
  • Anatomy of Snort Rules
  • Understand Rule Headers
  • Apply Rule Options
  • Shared Object Rules
  • Optimize Rules
  • Analyze Statistics
Module 9: Use Distributed Snort 3.0
  • Design a Distributed Snort System
  • Sensor Placement
  • Sensor Hardware Requirements
  • Necessary Software
  • Snort Configuration
  • Monitor with Snort
Module 10: Examining Lua
  • Introduction to Lua
  • Get Started with Lua
Additional course details:

Nexus Humans Securing Cisco Networks with Open Source Snort (SSFSNORT) v2.1 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward.

This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts.

Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success.

While we feel this is the best course for the Securing Cisco Networks with Open Source Snort (SSFSNORT) v2.1 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you.

Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Training Insurance Included!

When you organise training, we understand that there is a risk that some people may fall ill, become unavailable. To mitigate the risk we include training insurance for each delegate enrolled on our public schedule, they are welcome to sit on the same Public class within 6 months at no charge, if the case arises.

What people say about us


Find out more about this course

Interested in alternative dates? Would like to book a private session of this course for your company? Or for any other queries please simply fill out the form below.