Аудиторія
This course is designed for technical professionals who need to know how to deployopen source intrusion detection systems (IDS) and intrusion prevention systems(IPS), as well as write Snort rules.
The primary audience for this course includes:
- Security administrators
- Security consultants
- Network administrators
- System engineers
- Technical support personnel using open source IDS and IPS
- Channel partners and resellers
Попередні вимоги
- Technical understanding of TCP/IP networking and network architecture
- Proficiency with Linux and UNIX text editing tools (vi editor is suggested but not required)
Цілі курсу
Upon completion of this course, you should be able to:
- Understand what Snort is and its basic architectural components
- Understand Snort’s dynamic plug in capapbilities
- Understand the different modes of Snort operation
- Perform installation and configuration of the Snort system
- Install and configure Snorby
- Configure and tune the Snort pre-processors
- Understand rule maintenance and techniques to keep rules current
- Create Snort rules using both simple and advanced rule-writing techniques
- Monitor performance of a Snort deployment
Зміст курсу
Securing Cisco®Networks with Open Source Snort™is aninstructor-ledcourseoffered byLearning ServicesHigh-Touch Delivery. Itis a lab-intensive course that introducesstudentsto the open source Snort technology as well as rule writing. You will learn how to build and manage a Snort systemusing open source tools, plug - ins, and the Snort rule language to help manage, tune, and deliver feedback on suspicious network activity.
This course combines lecture materials and hands-on labs throughout to make sure that you are able to construct a solid, secure Snort installation and write Snort rules using proper syntax and structure.