EncartaLabs

Securing Cisco Networks with Open Source Snort (SSFSNORT)

( Duration: 4 Days )

This Securing Cisco Networks with Open Source Snort (SSFSNORT) training course introduces to the open source Snort technology as well as rule writing. You will learn how to build and manage a Snort system using open source tools, plug-ins, and the Snort rule language to help manage, tune, and deliver feedback on suspicious network activity. This course combines lecture materials and hands-on labs throughout to make sure that you are able to construct a solid, secure Snort installation and write Snort rules using proper syntax and structure.

By attending Securing Cisco Networks with Open Source Snort (SSFSNORT) workshop, delegates will learn to:

  • Understand what Snort is and its basic architectural components
  • Understand Snort’s dynamic plug-in capapbilities
  • Understand the different modes of Snort operation
  • Perform installation and configuration of the Snort system
  • Install and configure Snorby
  • Configure and tune the Snort pre-processors
  • Understand rule maintenance and techniques to keep rules current
  • Create Snort rules using both simple and advanced rule-writing techniques
  • Monitor performance of a Snort deployment

  • Technical understanding of TCP/IP networking and network architecture
  • Proficiency with Linux and UNIX text editing tools (vi editor is suggested but not required)

The Securing Cisco Networks with Open Source Snort (SSFSNORT) class is ideal for:

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel using open source IDS and IPS

COURSE AGENDA

1

Intrusion Sensing technology, Challenges, and Sensor Deployment

2

Introduction to Snort Technology

3

Snort Installation

4

Cofiguring Snort for Database Output and Graphical Analaysis

5

Operating Snort

6

Snort Configuration

7

Configuring Snort Preprossors

8

Keeping Rules Up to Date

9

Budilidng a Distributed Snort Instalation

10

Basic Rule Syntax and Usage

11

Buildling a Snort IPS Installation

12

Rule Optimization

13

Using PCRE in Rules

14

Basic Snort Tuning

15

Using Byte_Jump/Test/Extract Rule Options

16

Protocol Modeling Concepts and Using Flowbits in Rule Writing

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 4,000 Modules on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 50,000 Corporate executives across the Globe
  • All our trainings are conducted in workshop mode with more focus on hands-on sessions

View our other course offerings by visiting http://encartalabs.com/course-catalogue-all.php

Contact us for delivering this course as a public/open-house workshop/online training for a group of 10+ candidates.

Top