Cisco Securing Cisco Networks with Snort Rule Writing Best Practices v2.1 (SSFRULES)
Duration
3 Days
Price
$2,450.00
The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.1 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules.
Learning Objectives
After taking this course, you should be able to:
- Describe the Snort rule development process
- Describe the Snort basic rule syntax and usage
- Describe how traffic is processed by Snort
- Describe several advanced rule options used by Snort
- Describe OpenAppID features and functionality
- Describe how to monitor the performance of Snort and how to tune rules
-
-
-
Course Outline
1 - Course Outline
- Introduction to Snort Rule Development
- Snort Rule Syntax and Usage
- Traffic Flow Through Snort Rules
- Advanced Rule Options
- OpenAppID Detection
- Tuning Snort
Target Audience
This course is for technical professionals to gain skills in writing rules for Snort-based Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). The primary audience includes:
Security administrators
Security consultants
Network administrators
System engineers
Technical support personnel using open source IDS and IPS
Channel partners and resellers