This Securing Cisco Networks with Open Source Snort (SSFSNORT) training course introduces to the open source Snort technology as well as rule writing. You will learn to build and manage a Snort system using open source tools, plug-ins, and the Snort rule language to help manage, tune, and deliver feedback on suspicious network activity. This course combines lecture materials and hands-on labs throughout to make sure that you are able to construct a solid, secure Snort installation and write Snort rules using proper syntax and structure.
By attending Securing Cisco Networks with Open Source Snort (SSFSNORT) workshop, delegates will learn to:
- Understand what Snort is and its basic architectural components
- Understand Snort’s dynamic plug-in capapbilities
- Understand the different modes of Snort operation
- Perform installation and configuration of the Snort system
- Install and configure Snorby
- Configure and tune the Snort pre-processors
- Understand rule maintenance and techniques to keep rules current
- Create Snort rules using both simple and advanced rule-writing techniques
- Monitor performance of a Snort deployment
- Technical understanding of TCP/IP networking and network architecture
- Proficiency with Linux and UNIX text editing tools (vi editor is suggested but not required)
The Securing Cisco Networks with Open Source Snort (SSFSNORT) class is ideal for:
- Security administrators
- Security consultants
- Network administrators
- System engineers
- Technical support personnel using open source IDS and IPS