Course Objectives
Upon completing this course, the learner will be able to meet these overall objectives:
- Define the use and placement of IDS/IPS components.
- Identify Snort features and requirements.
- Compile and install Snort.
- Define and use different modes of Snort.
- Install and utilize Snort supporting software.
Agenda
- History of Snort
- IDS
- IPS
- IDS vs. IPS
- Examining Attack Vectors
- Application vs. Service Recognition
- Protocol Analyzers
- Configuring Global Preferences
- Capture and Display Filters
- Capturing Packets
- Decrypting Secure Sockets Layer (SSL) Encrypted Packets
- Snort 3.0 Design
- Modular Design Support
- Plug Holes with Plugins
- Process Packets
- Detect Interesting Traffic with Rules
- Output Data
- Provisioning and Placing Snort
- Installing Snort on Linux
- Start Snort
- Monitor the System for Intrusion Attempts
- Define Traffic to Monitor
- Log Intrusion Attempts
- Actions to Take When Snort Detects an Intrusion Attempt
- License Snort and Subscriptions
- Introducing Key Features
- Configure Sensors
- Lua Configuration Wizard
- PulledPork
- Barnyard2
- Elasticsearch, Logstash, and Kibana (ELK)
- Anatomy of Snort Rules
- Understand Rule Headers
- Apply Rule Options
- Shared Object Rules
- Optimize Rules
- Analyze Statistics
- Design a Distributed Snort System
- Sensor Placement
- Sensor Hardware Requirements
- Necessary Software
- Snort Configuration
- Monitor with Snort
- Introduction to Lua
- Get Started with Lua
FREE
Course Type: Instructor Led