phone  Contact Us  
X
about us

About Us

We are the leading IT training company in EMEAR. Insoft Group provides authorised training and consultancy services for leading IP vendors....
our instructors

Award Winning Instructors

Our elite instructors, who we time and time again rely on to deliver world-class training....
our recognition

Our Recognition

Insoft Services has achieved the International Organization for Standardizationā€™s (ISO) 9001:2008 and ISO 27001:2005 certifications....
contact us

Contact Us

We are located in several location in EMEA. We have head quarters in London....
call us

Call us at +44 (0) 20 7193 0551

email us

Email us at info@insoftservices.uk

SSFRULES v2.1 – Securing Cisco Networks with Snort Rule Writing Best Practices

X

Contact Us

We would love to hear from you. Please complete this form to pre-book or request further information about our delivery options.

Subscribe

I'd like to receive emails with the latest updates and promotions from Insoft.

Data Protection & Privacy

I hereby allow Insoft Ltd. to contact me on this topic. Further, I authorise Insoft Ltd. processing, using collecting and storing my personal data for the purpose of these activities. All your data will be protected and secured as outlined in our privacy policy.


Upcoming Dates

Feb 7 - Feb 9, 2022
09:00 - 17:00
Online
REGISTER
Mar 7 - Mar 9, 2022
09:00 - 17:00
Online
REGISTER
Cisco
SSFRULES v2.1 – Securing Cisco Networks with Snort Rule Writing Best Practices
3 days  (Instructor Led Online)  |  Network Security
Price Upon Request REGISTER

Course Details

TheĀ Securing Cisco Networks with Snort Rule Writing Best PracticesĀ (SSFRules) v2.1 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules.

This course will help you:

  • Gain an understanding of characteristics of a typical Snort rule development environment
  • Gain hands-on practices on creating rules for Snort
  • Gain knowledge in Snort rule development, Snort rule language, standard and advanced rule options

Objectives

After taking this course, you should be able to:

  • Describe the Snort rule development process
  • Describe the Snort basic rule syntax and usage
  • Describe how traffic is processed by Snort
  • Describe several advanced rule options used by Snort
  • Describe OpenAppID features and functionality
  • Describe how to monitor the performance of Snort and how to tune rules

Outline

  • Introduction to Snort Rule Development
  • Snort Rule Syntax and Usage
  • Traffic Flow Through Snort Rules
  • Advanced Rule Options
  • OpenAppID Detection
  • Tuning Snort

Lab outline

  • Connecting to the Lab Environment
  • Introducing Snort Rule Development
  • Basic Rule Syntax and Usage
  • Advanced Rule Options
  • OpenAppID
  • Tuning Snort

Target Audience

This course is for technical professionals to gain skills in writing rules for Snort-based Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). The primary audience includes:

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel using open source IDS and IPS
  • Channel partners and resellers

Prerequisites

To fully benefit from this course, you should have:

  • Basic understanding of networking and network protocols
  • Basic knowledge of Linux command-line utilities
  • Basic knowledge of text editing utilities commonly found in Linux
  • Basic knowledge of network security concepts
  • Basic knowledge of a Snort-based IDS/IPS system