Embrace the Microsoft hype! Get 50% off on Microsoft Instructor-led Training courses!

MyGK
Support
USA USA - English
Checkout

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:

    $

Subtotal

$

Checkout

or Continue Shopping

Course  
Contact Sales
Support
Checkout

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:

    $

Subtotal

$

Checkout

or Continue Shopping

Request Group Training

SSFRULES - Securing Cisco Networks with Snort Rule Writing Best Practices v2.1

Learn to analyze, exploit packet captures, and put the rule writing theories learned to work by implementing rule-language features for triggering alerts on the offending network traffic.

In this course, you will learn about the key features and characteristics of a typical Snort rule development environment. You will develop and test custom rules in a preinstalled Snort environment and identify how to use advanced rule-writing techniques. You will investigate how to include OpenAppID in your rules and also identify how to filter rules and monitor their performance. 

This course combines lecture materials and hands-on labs that give you practice in creating Snort rules. 

This lab-intensive course introduces you to Snort rule writing. Among other powerful features, you become familiar with: 

  • Snort rule development
  • Snort rule language
  • Standard and advanced rule options
  • OpenAppID
  • Tuning

This course is eligible for 24 Continuing Education Credits (ILT & ELT Modality).

GK# 5827 Vendor# SSFRULES 2.1
Vendor Credits:
No matching courses available.
Start learning as soon as today! Click Add To Cart to continue shopping or Buy Now to check out immediately.
Access Period:
Scheduling a custom training event for your team is fast and easy! Click here to get started.
$
Your Selections:
Location:
Access Period:
No available dates
Add To Cart

BUY NOW

Request a quote

Who Should Attend?

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel
  • Channel partners and resellers

What You'll Learn
  • Snort rule development process
  • Snort basic rule syntax and usage
  • How traffic is processed by Snort
  • Several advanced rule options used by Snort
  • OpenAppID features and functionality
  • How to monitor the performance of Snort and how to tune rules

Course Outline
  1. Introduction to Snort Rule Development
  2. Snort Rule Syntax and Usage
  3. Traffic Flow Through Snort Rules
  4. Advanced Rule Options
  5. OpenAppID Detection
  6. Tuning Snort
BUY NOW

Labs Outline

Lab 1: Connecting to the Lab Environment

Lab 2: Introducing Snort Rule Development

Lab 3: Basic Rule Syntax and Usage

Lab 4: Advanced Rule Options

Lab 5: OpenAppID

Lab 6: Tuning Snort

BUY NOW

Prerequisites

Basic understanding of:

  • Networking and network protocols
  • Linux command-line utilities
  • Text-editing utilities commonly found in Linux
  • Network security concepts
  • Snort-based IDS/IPS system

Vendor Credits

Cisco's learning credit program has changed.

To help you redeem CLCs, please complete our CLC redemption request form and a Global Knowledge account manager will contact you.

BUY NOW