Loading Course Schedule...
PT15391
Training Summary
Securing Cisco Networks with Sourcefire Intrusion Prevention System (IPS) is an instructor-led, lab-intensive course that introduces students to the powerful features of the Cisco Sourcefire System, including FireSIGHT technology, in-depth event analysis, IPS tuning and configuration, and the Snort rules language.
Students will learn how to use and configure next-generation Sourcefire technology, including application control, firewall, and routing and switching capabilities. Students will also learn to properly tune your system for better performance and greater network intelligence while taking full advantage of powerful tools for more efficient event analysis, including file type and network-based malware detection.
This course combines lecture materials and hands-on labs throughout to make sure that students are able to successfully deploy and manage the Sourcefire System.
Prerequisites
It is recommended that prior to enrollment, students have the following:
- Technical understanding of TCP/IP networking and network architecture
- Basic familiarity with the concepts of intrusion detection systems (IDS) and IPS
Duration
5 Days/Lecture & Lab
Audience
This course is designed for technical professionals who need to know how to deploy and/or manage a Sourcefire System in their work environment. The primary audience for this course includes:
- Security administrators
- Security consultants
- Network administrators
- System engineers
- Technical support personnel
- Channel partners and resellers
Course Topics
Sourcefire System Overview and Classroom Setup
- Device Management
- Object Management
- Access Control Policy
- Network-based Malware Detection
- FireSIGHT Technology
- Correlation Policies
- IPS Policy Basics
- Advanced IPS Policy Configurations
- User Account Management
- Event Analyis
- Reporting
- Basic Rule Syntax and Usage
- Case Studies in Rule Writing and Packet Analysis