Securing Cisco Networks with Snort Rule Writing Best Practices v2.0 - SSFRULES (Security) Training Course | Certification Exam
NetCom Learning

Securing Cisco Networks with Snort Rule Writing Best Practices v2.0 - SSFRULES (Security)

Securing Cisco Networks with Snort Rule Writing Best Practices v2.0 - SSFRULES (Security) Course Description

Duration: 3.00 days (24 hours)

Cisco Career Guide

Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRULES) is an instructor-led, lab-intensive, course that introduces users of open source Snort or Sourcefire FireSIGHT1 systems to the Snort rules language and rule-writing best practices.

You will focus exclusively on the Snort rules language and rule writing. Starting from rule syntax and structure to advanced rule option usage, you will analyze exploit packet captures and put the rule writing theories learned to work by implementing rule language features to trigger alerts on the offending network traffic.

This course also provides instruction and lab exercises on how to detect certain types of attacks, such as buffer overflows, using various rule writing techniques. You will test your rule writing skills with two challenges: a theoretical challenge that tests your knowledge of rule syntax and usage, and a practical challenge in which you analyze and research an exploiting event, so you can defend your installations against attacks

This course combines lecture materials and hands-on labs throughout to make sure that you are able to successfully understand and implement open source rules.

Next Class Dates

Contact us to customize this class with your own dates, times and location. You can also call 1-888-563-8266 or chat live with a Learning Consultant.

Back to Top

Intended Audience for this Securing Cisco Networks with Snort Rule Writing Best Practices v2.0 - SSFRULES (Security) Course

  • » Security administrators
  • » Security consultants
  • » Network administrators
  • » System engineers
  • » Technical support personnel using open source IDS and IPS
  • » Channel partners and resellers

Back to Top

Course Prerequisites for Securing Cisco Networks with Snort Rule Writing Best Practices v2.0 - SSFRULES (Security)

  • » Technical understanding of TCP/IP networking and network architecture
  • » Working knowledge of how to use and operate Cisco and Sourcefire systems or open source Snort
  • » Working knowledge of command-line text editing tools, such as the vi editor
  • » Basic rule-writing experience is suggested

Back to Top

Securing Cisco Networks with Snort Rule Writing Best Practices v2.0 - SSFRULES (Security) Course Objectives

  • » Describe the Snort rule development process
  • » Describe the Snort basic rule syntax and usage
  • » Describe how traffic is processed by Snort
  • » Describe several advanced rule options used by Snort
  • » Describe OpenAppID features and functionality
  • » Describe how to monitor the performance of Snort and how to tune rules

Back to Top

Securing Cisco Networks with Snort Rule Writing Best Practices v2.0 - SSFRULES (Security) Course Outline

      1. Introduction to Snort Rule Development
      2. Snort Rule Syntax and Usage
      3. Traffic Flow Through Snort Rules
      4. Advanced Rule Options
      5. OpenAppID Detection
      6. Tuning Snort
      7. Labs
        1. Connecting to the Lab Environment
        2. Introducing Snort Rule Development
        3. Basic Rule Syntax and Usage
        4. Advanced Rule Options
        5. OpenAppID
        6. Tuning Snort

Back to Top

Do you have the right background for Securing Cisco Networks with Snort Rule Writing Best Practices v2.0 - SSFRULES (Security)?

Skills Assessment

We ensure your success by asking all students to take a FREE Skill Assessment test. These short, instructor-written tests are an objective measure of your current skills that help us determine whether or not you will be able to meet your goals by attending this course at your current skill level. If we determine that you need additional preparation or training in order to gain the most value from this course, we will recommend cost-effective solutions that you can use to get ready for the course.

Our required skill-assessments ensure that:

  1. All students in the class are at a comparable skill level, so the class can run smoothly without beginners slowing down the class for everyone else.
  2. NetCom students enjoy one of the industry's highest success rates, and pass rates when a certification exam is involved.
  3. We stay committed to providing you real value. Again, your success is paramount; we will register you only if you have the skills to succeed.
This assessment is for your benefit and best taken without any preparation or reference materials, so your skills can be objectively measured.

Take your FREE Skill Assessment test »

Back to Top

Award winning, world-class Instructors

David M.
- Networking expert with several Cisco certifications, including CCENT, CCNA, CCDA, CCSI, and CCVP. - Has taught over 90 courses at NetCom Learning. - Average rating of 8.75 out of 9 on student evaluation reports.

Bio:

David has been in the Networking field for the past eleven years and holds several Cisco certifications. He has been an instructor since 2005 and has taught over 90 courses at NetCom Learning.

David is an extremely enthusiastic trainer with a raw passion towards teaching and delivering Cisco information and takes great pride in his career as an instructor, which has lead him to develop and deliver the class in his own unique way; very professional and knowledgeable, yet pleasant and enjoyable. His classes have a high passing rate for students taking certification exams, and averages 8.75 out of 9 on evaluation reports.
Michael G.
- Over 22 years of professional experience in the IT field, including more than a decade as a Certified Trainer.
- An expert in Cisco's Routing, Switching, Security, Voice and Wireless areas, as well as select Microsoft, Novell, CompTIA, Sun and CWNP courses.
- High-skilled and acclaimed instructor. Has trained over 900 students at Netcom Learning.

Bio:

Michael has over 22 years of professional experience in the IT field, including more than a decade as a Certified Trainer. An expert in Cisco's Routing, Switching, Security, Voice and Wireless areas, Michael also teaches select Microsoft, Novell, CompTIA, Sun and CWNP courses.

Michael's dedication and passion for teaching is unmatched. He has trained over 900 students at Netcom Learning since 2006 and his evaluation scores average 8.7 out of 9.
William D.
- Bachelors and Masters in Mathematics from University of Pennsylvania, in addition to several IT certifications.
- Over 20 years of experience in the IT industry; background ranges from engineering, administration and escalation support in networks.

Bio:

William is a highly-skilled IT professional with Bachelors and Masters Degree in Mathematics from University of Pennsylvania. He has been working in the IT industry for over 20 years, with experience in engineering, administration and escalation support in networks ranging from small to large scale complex enterprise environments.

As a Cisco and CompTIA Subject Matter Expert, he holds several certifications, including Cisco CCNA, CCNP, and CCIE. William is one of NetCom's top trainers, consistently scoring high marks in student evaluations.

See more...   See more instructors...

Back to Top

Recent Client Testimonials & Reviews

Very knowledgeable instructor. True subject matter expert.

- Dameon R.

Course(s) Taken

» Implementing Cisco Voice Communications and QoS v8.0 - CVOICE

The instructor knows his material very well.

- Hung N.

Course(s) Taken

» Implementing Cisco Voice Communications and QoS v8.0 - CVOICE

Good Training company with whom we have a history.

-Swaminathayer M.
Course(s) Taken

» Deploying Cisco ASA Firewall Solutions v2.0 - FIREWALL

  More testimonials »  

Back to Top