Catalog > All Topics

Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRULES)

Cisco
180 Days
Download Course Outline
$1,000.00
Request a Quote
10 Learning Credits
Share
Schedule
Export to CSV
      • DL
        Digital Learning
        eLearning solutions you can access anytime and anywhere at your own pace.
    Email to Enroll
  • DLDigital Learning
    Digital Learning
    eLearning solutions you can access anytime and anywhere at your own pace.
Course Summary
Show All

Description

The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.1 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system.

Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rule-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules.

Course Objectives

After taking this course, you should be able to:

  • Describe the Snort rule development process
  • Describe the Snort basic rule syntax and usage
  • Describe how traffic is processed by Snort
  • Describe several advanced rule options used by Snort
  • Describe OpenAppID features and functionality
  • Describe how to monitor the performance of Snort and how to tune rules

Course Prerequisites

To fully benefit from this course, you should have:

  • Basic understanding of networking and network protocols
  • Basic knowledge of Linux command-line utilities
  • Basic knowledge of text editing utilities commonly found in Linux
  • Basic knowledge of network security concepts
  • Basic knowledge of a Snort-based IDS/IPS system