Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-866-716-6688 Other Contact Options

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:


IPS - Implementing Cisco Intrusion Prevention System v7.0

Cisco Course 7.0 | IPS Sensor Software v7.0

GK# 5744

Course Overview


Part of the curriculum path leading to the CCNP Security certification, this expert-led course is aimed at providing network security engineers with the knowledge and skills needed to deploy Cisco IPS-based security solutions. You will learn to reduce risk to the IT infrastructure and applications using Cisco IPS features and provide detailed operations support for the Cisco IPS.

For self-paced learning, you will have access to this course for 12 months from the purchase date.


  • Delivery Format:
  • Date:
  • Location:
  • Access Period:


What You'll Learn

  • How Cisco IPS protects network devices from attacks
  • Basic intrusion prevention terminology
  • Intrusion prevention technologies and evasive techniques
  • Cisco IPS Sensor platforms and their features
  • Install and configure basic settings on a Cisco IPS 4200 Series Sensor
  • Use the IDM to configure built-in signatures to meet the requirements of a given security policy
  • Create and implement customized intrusion prevention signatures
  • Create alarm filters to reduce alarms and possible false positives
  • Configure the sensor with the command line and IDM
  • Configure IPS protective reactions such as TCP reset and deny attacker inline
  • Configure a Cisco IPS Sensor to perform blocking on IOS routers and Adaptive Security Appliances (ASAs) or PIX firewalls
  • Perform maintenance operations such as signature updates
  • Configure and monitor anomaly detection, passive OS fingerprinting, and virtual sensors
  • Initialize and install remaining Cisco IPS family of products
  • Utilize global correlation to adjust sensor actions based on the reputation of the source IP address
  • Use the CLI and Cisco IDM to obtain system information
  • Internal specifications of different signature engines


Viewing outline for:

Self-Paced Outline

1. Intrusion Prevention and Detection, Cisco IPS Software, and Supporting Devices

  • Evaluating Intrusion Prevention and Intrusion Detection Systems
  • Choosing Cisco IPS Software, Hardware, and Supporting Applications
  • Evaluating Network IPS Traffic Analysis Methods, Evasion Possibilities, and Anti-Evasive Countermeasures
  • Choosing a Network IPS and IDS Deployment Architecture

2. Installing and Maintaining Cisco IPS Sensors

  • Integrating the Cisco IPS Sensor into a Network
  • Performing the Cisco IPS Sensor Initial Setup
  • Managing Cisco IPS Devices

3. Applying Cisco IPS Security Policies

  • Configuring Basic Traffic Analysis
  • Implementing Cisco IPS Signatures and Responses
  • Configuring Cisco IPS Signature Engines and the Signature Database
  • Deploying Anomaly-Based Operation

4. Adapting Traffic Analysis and Response to the Environment

  • Customizing Traffic Analysis
  • Managing False Positives and False Negatives
  • Improving Alarm and Response Quality

5. Managing and Analyzing Events

  • Installing and Integrating Cisco IPS Manager Express with Cisco IPS Sensors
  • Managing and Investigating Events Using Cisco IPS Manager Express
  • Using Cisco IME Reporting and Notifications
  • Integrating Cisco IPS with Cisco Security Manager and Cisco Security MARS

6. Deploying Virtualization, High-Availability, and High-Performance Solutions

  • Using Cisco IPS Virtual Sensors
  • Deploying Cisco IPS for High Availability and High Performance

7. Configuring and Maintaining Specific Cisco IPS Hardware

  • Configuring and Maintaining the Cisco ASA AIP SSM and AIP SSC Modules
  • Configuring and Maintaining the Cisco ISR IPS AIM and IPS NME Modules
  • Configuring and Maintaining the Cisco IDSM-2


Viewing labs for:

Self-Paced Labs

  • Lab 1: IDM Basic Traffic
  • Lab 2: Create User Accounts and Privileges
  • Lab 3: Assign Sensing Interfaces to the Default Virtual Server
  • Lab 4: Manual Configuration to Select Signature Responses
  • Lab 5: Create a Basic Custom Signature
  • Lab 6: Create a Custom Layer 4 Stateful String-Match Signature
  • Lab 7: Create Advanced Application-Layer Signature with Custom Parameters
  • Lab 8: Manually Create and Advanced App-Layer Sig with Custom Parameters
  • Lab 9: Tuning Signatures to Eliminate False Positives
  • Lab 10: Configuring Policy Virtualization by Creating a New Security Policy and Virtual Sensor

Supplemental Assets

Class Notes / Study Guides: Printable study guide and class notes are intended to support your transfer of knowledge and skills from courses to the workplace. Use these to follow along with instruction, review prior to certification exams, or to reference on the job.

Lab Simulations: Task-based multipath scenarios provide realistic practice of technology subjects or applications.

Who Should Attend

  • Cisco customers who implement and maintain Cisco IPS solutions
  • Cisco channel partners who sell, implement, and maintain Cisco IPS solutions
  • Cisco systems engineers who support the sale of Cisco IPS solutions

Vendor Credits


This course can be purchased with Cisco Learning Credits (CLCs).

Follow-On Courses


Master Cisco on your own schedule. This Self-Paced delivered course includes access to these benefits for 12 months:

  • Task-based practice labs
  • Printable class notes
  • Pre- and post-course assessments
Course Delivery

This course is available in the following formats:


On-demand content enables you to train on your own schedule.

Request this course in a different delivery format.