
Cisco Security Course


Overview

Securing Cisco Networks with Snort Rule Writing Best Practices is a lab-intensive course that introduces users of open source Snort or Sourcefire FireSIGHT systems to the Snort rules language and rule-writing best practices. Users focus exclusively on the Snort rules language and rule writing. Starting from rule syntax and structure and moving to advanced rule-option usage, you will analyze exploit packet captures and put the rule-writing theories learned to work—implementing rule-language features to trigger alerts on the offending network traffic. This course also provides instruction and lab exercises on how to detect certain types of attacks, such as buffer overflows, utilizing various rule-writing techniques. You will test your rule-writing skills in two challenges: a theoretical challenge that tests knowledge of rule syntax and usage, and a practical challenge in which we present an exploit for you to analyze and research so you can defend your installations against the attack. This course combines lecture materials and hands-on labs throughout to make sure that you are able to successfully understand and implement open source rules.

Audience

This course is designed for security professionals who need to know how to write rules and understand open source Snort language.

Skills Gained

After completing this course, you should be able to:

  • Describe rule structure, rule syntax, rule options and their usage.
  • Configure and create Snort rules
  • Describe the rule optimization process to create efficient rules
  • Describe preprocessors and how data is presented to the rule engine
  • Create and implement functional Regular Expressions in Snort rules
  • Design and apply rules using byte_jump/test/extract rule options
  • Understand the concepts behind protocol modeling to write rules that perform better

Prerequisites

Attendees should meet the following prerequisites:

  • Technical understanding of TCP/IP networking and network architecture - ICND1 Recommended
  • Working knowledge of how to use and operate Cisco Sourcefire Systems or open source Snort
  • Working knowledge of command-line text editing tools, such as the vi editor
  • Basic rule-writing experience is suggested

Outline

Cisco develops, manufactures and sells networking hardware, telecommunications equipment and other high-technology services and products. Through its numerous subsidiaries, such as OpenDNS, Webex, Jabber and Jasper, Cisco specialises in specific tech markets, such as the Internet of Things (IoT), domain security and energy management.

Cisco pioneered the concept of a local area network (LAN) being used to connect geographically disparate computers over a multiprotocol router system.

Cisco's products and services focus upon three market segments—enterprise, service provider, midsize and small business.

Cisco provides IT products and services across five major technology areas: Networking (including Ethernet, optical, wireless and mobility), Security, Collaboration (including voice, video, and data), Data Center, and the Internet of Things.

Cisco is the dominant vendor in the Australian market with leadership across all market segments. It uses its Australian office as one of the main headquarters for the Asia-Pacific region.

Cisco sponsors a line of IT professional certifications for Cisco products. 

It has been shown that Cisco certified professionals complete network related IT projects more quickly than non-certified professionals. They show more effectiveness in resolving network-related IT projects and resolving technical problems. The overall efficiency of a Cisco certified professional is far better than an uncertified professional. So, it makes a lot of sense to have Cisco certified professionals in a company.

Cisco Certifications

Cisco Certifications provide learning paths and qualifications for IT professionals working with Routing & Switching, Design, Security, Service Provider, Service Provider Operations, Data Centre, Voice, Wireless and Video.

Levels of Cisco Network Certifications

There are five levels of network certifications. They are Entry, Associate, Professional, Expert and Architect. Architect is the highest level of accreditation within the Cisco Career Certification Program.

  • Entry: There are two certifications in this category, CCENT and CCT. Both of these certifications serve as a starting point for those who want to start a career in networking.
  • Associate: The associate level certification is considered the foundation level for network certification. The different programs under this level include CCDA, CCNA Collaboration, CCNA Data Center, CCNA Routing and Switching, CCNA Security, CCNA Service Provider, CCNA Service Provider Operations, CCNA Video, CCNA Voice and CCNA Wireless.
  • Professional: The professional level is an advanced level of certification. Individuals who go for this certification are equipped with more networking skills. Each certification under this level covers a different technology catering to the specific needs of varying jobs. Cisco professional certifications include CCDP, CCNP Collaboration, CCNP Data Center, CCNP Routing and Switching, CCNP Security, CCNP Service Provider, CCNP Service Provider Operations, CCNP Voice and CCNP Wireless.
  • Expert: The expert level certification is again an advanced level of certification. The certification programs include CCDE, CCIE Collaboration, CCIE Data Center, CCIE Routing and Switching, CCIE Security, CCIE Service Provider, CCIE Service Provider Operations and CCIE Wireless. These certifications are the most prestigious networking certifications with worldwide acceptance.
  • Architect: The architect level is the highest level of certification from Cisco. Individuals with CCAr certification have the expertise to support the increasingly complex networks of global companies, and effectively decode business strategies into evolutionary technical strategies.


Contact us now to learn how Cisco certification and training courses can benefit you and your enterprise.


Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. It's a cost-effective option. One-on-one training can be delivered too, at reasonable rates.

Submit an enquiry from any page on this site and let us know you are interested in the requirements box, or simply mention it when we contact you.

All $ prices are in USD unless it’s a NZ or AU date

SPVC = Self Paced Virtual Class

LVC = Live Virtual Class

Please Note: All courses are available as Live Virtual Classes

Trusted by over 1/2 million students in 15 countries

Our clients have included prestigious national organisations such as Oxford University Press, multi-national private corporations such as JP Morgan and HSBC, as well as public sector institutions such as the Department of Defence and the Department of Health.