GBP

EN_GB

Shaping the future of IT skills

Maximising IT performance through learning

Securing Cisco Networks with Snort Rule Writing Best Practices - SSFRULES

WGAC-CSC-SSFRULES

Schedule

See all events for this course

Currently there are no events for this course. Please contact us.

Description

Show Tabs

Introduction

Securing Cisco® Networks with Snort Rule Writing Best Practices (SSFRULES) is an instructor-led course offered by Learning Services High-Touch Delivery. It is a lab-intensive course that introduces students to the open source Snort community and rule-writing best practices.

Users focus exclusively on the Snort rules language and rule writing. Starting from rule syntax and structure to advanced rule-option usage, you will analyze exploit packet captures and put the rule writing theories learned to work—implementing rule-language features to trigger alerts on the offending network traffic.

This course also provides instruction and lab exercises on how to detect certain types of attacks, such as buffer overflows, utilizing various rule-writing techniques. You will test your rule-writing skills in two challenges: a theoretical challenge that tests knowledge of rule syntax and usage, and a practical challenge in which we present an exploit for you to analyze and research so you can defend your installations against the attack.

This course combines lecture materials and hands-on labs throughout to make sure that you are able to successfully understand and implement open source rules

Prerequisites & Audience

Technical understanding of TCP/IP networking and network architecture
Working knowledge of how to use and operate Cisco Sourcefire® Systems or open source Snort
Working knowledge of command-line text editing tools, such as the vi editor
Basic rule-writing experience is suggested

This course is designed for technical professionals who need to know how to write rules and understand open source Snort language. The primary audience for this course includes:

Security administrators
Security consultants
Network administrators
System engineers
Technical support personnel
Channel partners and resellers

Course Benefits

Upon completion of this course, you should be able to:

Understand rule structure, rule syntax, rule options, and their usage
Configure and create Snort rules
Understand the rule optimization process to create efficient rules
Understand preprocessors and how data is presented to the rule engine
Create and implement functional Regular Expressions in Snort rules
Design and apply rules using byte_jump/test/extract rule options
Understand the concepts behind protocol modeling to write rules that perform better

Course Topics

Module 1: Welcome to the Sourcefire Virtual Network
Module 2: Basic Rule Syntax and Usage
Module 3: Rule Optimization
Module 4: Using PCRE in Rules
Module 5: Using Byte_Jump/Test/Extract Rule Options
Module 6: Protocol Modeling Concepts and Using Flowbits in Rule Writing
Module 7: Case Sudies in Rule Writing and Packet Analysis
Module 8: Rule Performance Monitoring
Module 9: Rule Writing Practiceal Labs, Exercises, and Challenges

Certification

Firepower

Cisco courses

Filter courses

Implementing and Configuring Cisco Identity Services Engine - SISE

CODE: WGAC-CSC-SISE

Cisco NSO Administration and DevOps - NSO303

CODE: WGAC-CSC-NSO303

Cisco IOS XR System Administration - IOSXR200

CODE: WGAC-CSC-IOSXR200

Cisco IOS XR Layer 3 VPN Implementation and Verification - IOSXR301

CODE: WGAC-CSC-IOSXR301

Managing Enterprise Networks with Cisco Prime Infrastructure - MENPI

CODE: WGAC-CSC-MENPI

Cisco Digital Network Architecture Implementation Essentials - DNAIE

CODE: WGAC-CSC-DNAIE

Bespoke Introduction to Customizing Reports with Cisco Unified Intelligence Center - BICRCUIC

CODE: WGAC-CSC-BICRCUIC

Implementing Cisco Enterprise Wireless Networks - ENWLSI

CODE: WGAC-CSC-ENWLSI

Cisco IOS XR Basic Troubleshooting - IOSXR201

CODE: WGAC-CSC-IOSXR201

Deploying Basic and Advanced Cisco Wireless LANs Bootcamp - WDBWL-WDAWL

CODE: WGAC-CSC-WDBWL-WDAWL

Implementing Cisco Collaboration Conferencing - CLCNF

CODE: WGAC-CSC-CLCNF

Bespoke Cisco SD Access Technical Training - BCSDATT

CODE: WGAC-CSC-BCSDATT

Implementing DevOps Solutions and Practices using Cisco Platforms - DEVOPS

CODE: WGAC-CSC-DEVOPS

Developing Applications and Automating Workflows using Cisco Core Platforms - DEVASC

CODE: WGAC-CSC-DEVASC

Cisco BE6K CUCM CMS and Expressway Video Solutions - BCCEV

CODE: WGAC-CSC-BCCEV

Configuring Cisco NXOS Switches and Fabrics in the Data Center - DCCNX

CODE: WGAC-CSC-DCCNX

Implementing Segment Routing on Cisco IOS XR - SEGRTE201

CODE: WGAC-CSC-SEGRTE201

Engineering Cisco Meraki Solutions Part 2 - ECMS2

CODE: WGAC-CSC-ECMS2

Implementing Cisco SDWAN Solutions - SDWAN300

CODE: WGAC-CSC-SDWAN300

Introducing Cisco MDS 9000 Series Switches - DCIMDS

CODE: WGAC-CSC-DCIMDS

Implementing Cisco Advanced Call Control and Mobility Services - CLACCM

CODE: WGAC-CSC-CLACCM

Implementing Cisco Collaboration Applications - CLICA

CODE: WGAC-CSC-CLICA

Kubernetes Integration with Cisco CloudCenter Suite v1.0 - CLDKUB

CODE: WGAC-CSC-CLDKUB

Implementing Cisco Catalyst 9000 Switches - ENC9K

CODE: WGAC-CSC-ENC9K

Planning and Deploying SD-Access Fundamentals (for Customers) v1.0 - CUST-SDA-FUND

CODE: WGAC-CSC-CUST-SDA-FUND

Cisco Stealthwatch Network - SNO

CODE: WGAC-CSC-SNO

Cisco NCS 2000 Series Deploying 96Channel - OPT201

CODE: WGAC-CSC-OPT201

Cisco Unified Communications Manager Advanced Administration with Jabber - UCMAAJ

CODE: WGAC-CSC-UCMAAJ

Configuring Cisco Unified Computing System - DCCUCS

CODE: WGAC-CSC-DCCUCS

Introduction to Cisco Finesse Agent Desktop - CIFAD

CODE: WGAC-CSC-CIFAD

Implementing Automation for Cisco Service Provider Solutions - SPAUI

CODE: WGAC-CSC-SPAUI

Cisco Unified Attendant Console Standard End User - CUACSEU

CODE: WGAC-CSC-CUACSEU

Cisco Optical Technology Advanced - OPT300

CODE: WGAC-CSC-OPT300

Cisco Small Business Technical Overview Exam Accelerated Bootcamp - SMBPPTO

CODE: WGAC-CSC-SMBPPTO

Operating Cisco IP Fabric for Media Solution - IPFMSN

CODE: WGAC-CSC-IPFMSN

Securing Email with Cisco Email Security Appliance - SESA

CODE: WGAC-CSC-SESA

Developing Applications Using Cisco Platforms and APIs - DEVCOR

CODE: WGAC-CSC-DEVCOR

Cisco Aggregation Services Router 9000 Series Essentials - ASR9KE

CODE: WGAC-CSC-ASR9KE

Cisco Stealthwatch Security - SSO

CODE: WGAC-CSC-SSO

Securing the Web with Cisco Web Security Appliance - SWSA

CODE: WGAC-CSC-SWSA

Cisco Network Service Orchestrator NSO Essentials for Programmers and Network Architects v3.0 - NSO201

CODE: WGAC-CSC-NSO201

Cisco SDWAN Operation and Deployment - ENSDW

CODE: WGAC-CSC-ENSDW

Cisco Webex Room Kit Support - CWRKS

CODE: WGAC-CSC-CWRKS

Cisco Service Provider 5G Technologies Foundations - SPMBL100

CODE: WGAC-CSC-SPMBL100

Securing Industrial IoT Networks with Cisco Technologies - ISECIN

CODE: WGAC-CSC-ISECIN

Administering Cisco Unified Contact Center Enterprise Part 2 - AUCCE2

CODE: WGAC-CSC-AUCCE2

Cisco Unified Communications Manager Intermediate Administration - CUCMIA

CODE: WGAC-CSC-CUCMIA

Developing Solutions using Cisco IoT and Edge Platforms - DEVIOT

CODE: WGAC-CSC-DEVIOT

Cisco Optical Technology Intermediate - OPT200

CODE: WGAC-CSC-OPT200

Implementing Cisco Enterprise Advanced Routing and Services - ENARSI

CODE: WGAC-CSC-ENARSI

Cisco IOS XR Broadband Network Gateway Implementation and Verification - IOSXR304

CODE: WGAC-CSC-IOSXR304

Leveraging Cisco Intent-Based Networking DNA Assurance v1.0 - DNAAS

CODE: WGAC-CSC-DNAAS

Wireshark Basic Principles - WBP

CODE: WGAC-CSC-WBP

Cisco IPv6 Fundamentals, Design & Deployment - IP6FD

CODE: WGAC-CSC-IP6FD

Introduction to Cisco Sales Express Security - ESICS

CODE: WGAC-CSC-ESICS

Implementing and Operating Cisco Service Provider Network Core Technologies - SPCOR

CODE: WGAC-CSC-SPCOR

Implementing Cisco Application Centric Infrastructure - DCACI

CODE: WGAC-CSC-DCACI

Applying Cisco Business Architecture Discipline - DTBAS

CODE: WGAC-CSC-DTBAS

Securing Networks with Cisco Firepower Next Generation Firewall - SSNGFW

CODE: WGAC-CSC-SSNGFW

Cisco Meeting Server Intermediate - COLLAB250

CODE: WGAC-CSC-COLLAB250

Managing Enterprise Security with Cisco Security Manager - SSECMGT

CODE: WGAC-CSC-SSECMGT

Designing Cisco Enterprise Networks - ENSLD

CODE: WGAC-CSC-ENSLD

Implementing Automation for Cisco Security Solutions - SAUI

CODE: WGAC-CSC-SAUI

Engineering Cisco Meraki Solutions Bundle - ECMSBC

CODE: WGAC-CSC-ECMSBC

Implementing Cisco - MPLS

CODE: WGAC-CSC-MPLS

Cisco Meeting Server Support - SMSS

CODE: WGAC-CSC-SMSS

Implementing Automation for Cisco Collaboration Solutions - CLAUI

CODE: WGAC-CSC-CLAUI

Engineering Cisco Meraki Solutions Part 1 - ECMS1

CODE: WGAC-CSC-ECMS1

Developing Applications for Cisco Webex and Webex Devices - DEVWBX

CODE: WGAC-CSC-DEVWBX

Cisco Meeting Server Implementation - CMSI

CODE: WGAC-CSC-CMSI

Deploying Advanced Cisco Wireless LANs - WDAWL

CODE: WGAC-CSC-WDAWL

Implementing Cisco Unified Communications Manager with Jabber - ICUCMJ

CODE: WGAC-CSC-ICUCMJ

Mastering The Cisco Business Architecture Discipline - DTBAD

CODE: WGAC-CSC-DTBAD

Implementing Cisco SD-WAN Solutions v2.0 - ENSDWI

CODE: WGAC-CSC-ENSDWI

Cisco Stealthwatch for System Administrators - SSA

CODE: WGAC-CSC-SSA

Implementing Cisco Nexus 9000 Switches in NX-OS Mode - Advanced v1.0 - DCNXA

CODE: WGAC-CSC-DCNXA

Multicloud Management with Cisco CloudCenter Suite - CLDCCS

CODE: WGAC-CSC-CLDCCS

Introducing Automation for Cisco Solutions - CSAU

CODE: WGAC-CSC-CSAU

Implementing and Administering Cisco Solutions - CCNA

CODE: WGAC-CSC-CCNA

Designing Cisco Enterprise Wireless Network - ENWLSD

CODE: WGAC-CSC-ENWLSD

Implementing Cisco Tetration Analytics - DCITET

CODE: WGAC-CSC-DCITET

Multicloud Automation and Orchestration with Cisco CloudCenter Suite - CLDAO

CODE: WGAC-CSC-CLDAO

Deploying Cisco SDAccess - ENSDA

CODE: WGAC-CSC-ENSDA

Cisco Unified Contact Centre Express UCCX Video Call Centre Implementation with Jabber - UCCXVCCI

CODE: WGAC-CSC-UCCXVCCI

Introduction to Cisco Sales Express Collaboration for Account Managers - ECICS

CODE: WGAC-CSC-ECICS

Securing Cisco Networks with Open Source Snort - SSFSNORT

CODE: WGAC-CSC-SSFSNORT

Cisco WebEx Teams Implementation - CWTI

CODE: WGAC-CSC-CWTI

Troubleshooting Cisco Data Center Infrastructure - DCIT

CODE: WGAC-CSC-DCIT

Implementing Automation for Cisco Data Center Solutions - DCAUI

CODE: WGAC-CSC-DCAUI

Deploying Cisco Unified Contact Center Express - UCCX

CODE: WGAC-CSC-UCCX

Cisco Unified Communications Security Implementation - CUCS

CODE: WGAC-CSC-CUCS

Deploying Cisco Unified Intelligence Center - DUIC

CODE: WGAC-CSC-DUIC

Cisco Unified Communications IPv6 Implementation - CUCIPI

CODE: WGAC-CSC-CUCIPI

Performing CyberOps Using Cisco Security Technologies - CBRCOR

CODE: WGAC-CSC-CBRCOR

Designing Cisco Data Center Infrastructure - DCID

CODE: WGAC-CSC-DCID

Network Convergence System 5500 Series Router v1.0 - NCS5500HW

CODE: WGAC-CSC-NCS5500HW

Implementing Cisco Service Provider VPN Services - SPVI

CODE: WGAC-CSC-SPVI

Implementing Cisco Enterprise SD-Branch v1.0 - ENSDBI

CODE: WGAC-CSC-ENSDBI

Cisco Next Generation Wireless with Catalyst 9800 - CNGW9800

CODE: WGAC-CSC-CNGW9800

Implementing Automation for Cisco Enterprise Solutions - ENAUI

CODE: WGAC-CSC-ENAUI

Introduction to Cisco Sales Express Networking - ENICS

CODE: WGAC-CSC-ENICS

Cisco Express Networking Bootcamp Engineer Track - OCSE

CODE: WGAC-CSC-OCSE

Cisco ASR 9000 Series IOS XR 64Bit Software Migration and Operational Enhancements - IOSXR211

CODE: WGAC-CSC-IOSXR211

Understanding Cisco Wireless Foundations - WLFNDU

CODE: WGAC-CSC-WLFNDU

Implementing Cisco Service Provider Advanced Routing Solutions - SPRI

CODE: WGAC-CSC-SPRI

Implementing an Integrated Threat Defense Solution - SECUR201

CODE: WGAC-CSC-SECUR201

Cisco Unified Contact Centre Express Advanced Administration - CUCCXAA

CODE: WGAC-CSC-CUCCXAA

Configuring VXLANs on Cisco Nexus 9000 Series Switches - DCVX9K

CODE: WGAC-CSC-DCVX9K

Understanding Cisco Cybersecurity Operations Fundamentals - CBROPS

CODE: WGAC-CSC-CBROPS

Deploying Cloud Connect Solutions with Cisco Cloud Services Router 1000V v1.0 - CLDCSR

CODE: WGAC-CSC-CLDCSR

Protecting Against Malware Threats with Cisco AMP for Endpoints - SSFAMP

CODE: WGAC-CSC-SSFAMP

Implementing Cisco Quality of Service - QOS

CODE: WGAC-CSC-QOS

Cisco Stealthwatch Tuning - SWAT

CODE: WGAC-CSC-SWAT

Implementing Cisco HyperFlex - DCIHX

CODE: WGAC-CSC-DCIHX

Cisco MDS 9000 Series Switches Overview - DCMDSO

CODE: WGAC-CSC-DCMDSO

Cisco Virtual WideArea Application Services - VWAAS

CODE: WGAC-CSC-VWAAS

Implementing Cisco Collaboration Devices Express Collaboration for Systems Engineer - ECCICD

CODE: WGAC-CSC-ECCICD

Cisco Video Infrastructure Implementation VII

CODE: WGAC-CLC-VII

Adopting The Cisco Business Architecture Approach - DTBAA

CODE: WGAC-CSC-DTBAA

Implementing and Operating Cisco Data Center Core Technologies - DCCOR

CODE: WGAC-CSC-DCCOR

Implementing and Operating Cisco Collaboration Core Technologies - CLCOR

CODE: WGAC-CSC-CLCOR

Cisco UC Technical Training for Help Desk Engineers - UCTTHD

CODE: WGAC-CSC-UCTTHD

Bespoke Cisco Packaged Contact Centre Enterprise Workshop - BCPCCXW

CODE: WGAC-CSC-BCPCCXW

Introduction to Cisco Sales SMB Account Manager - SMBICS

CODE: WGAC-CSC-SMBICS

Configuring Cisco MDS 9000 Switches - DCMDS

CODE: WGAC-CSC-DCMDS

Cisco Unified Contact Centre Express Bespoke UCCX CUCM CUC - CUCCE

CODE: WGAC-CSC-CUCCE

Cisco Customer Success Manager - DTCSM

CODE: WGAC-CSC-DTCSM

Cisco Meeting Server Advanced - COLLAB350

CODE: WGAC-CSC-COLLAB350

Introducing Cisco Nexus 9000 Switches in NXOS Mode - DCINX9K

CODE: WGAC-CSC-DCINX9K

Introducing Cisco Cloud Consumer Security - SECICC

CODE: WGAC-CSC-SECICC

Implementing Secure Solutions with Virtual Private Networks - SVPN

CODE: WGAC-CSC-SVPN

Securing Cisco Networks with Snort Rule Writing Best Practices - SSFRULES

CODE: WGAC-CSC-SSFRULES

Cisco SD-WAN Operation and Deployment v1.0 - SDWFND

CODE: WGAC-CSC-SDWFND

Networking & TCP/IP Fundamentals - NWF

CODE: WGAC-CSC-NWF

Cisco Application Centric Infrastructure Operations and Troubleshooting - DCACIO

CODE: WGAC-CSC-DCACIO

Operating and Implementing Cisco WAN Automation Engine - WAE200

CODE: WGAC-CSC-WAE200

Transforming to a Cisco Intent-Based Network v1.0 - IBNTRN

CODE: WGAC-CSC-IBNTRN

Deploying Cisco Connected Mobile Experiences - WCMX

CODE: WGAC-CSC-WCMX

Securing Cloud Deployments With Cisco Technologies - SECCLD

CODE: WGAC-CSC-SECCLD

Generating Reports with Cisco Unified Intelligence Center - CGRUIC

CODE: WGAC-CSC-CGRUIC

Implementing and Operating Cisco Security Core Technologies - SCOR

CODE: WGAC-CSC-SCOR

Bespoke Cisco Unified Contact Centre Enterprise Workshop - BUCCXW

CODE: WGAC-CSC-BUCCXW

Cisco Unified Attendant Console Standard Administration - CUACS

CODE: WGAC-CSC-CUACS

Configuring the Cisco Nexus 9000 in NXOS Mode - C9KNX

CODE: WGAC-CSC-C9KNX

Integrated Threat Defense Investigation and Mitigation - SECUR202

CODE: WGAC-CSC-SECUR202

Cisco Big Data Analytics& Architecture and Management - ANDMB

CODE: WGAC-CSC-ANDMB

Administering Cisco Unified Contact Center Enterprise Part 1 - AUCCE1

CODE: WGAC-CSC-AUCCE1

Managing SAN Infrastructure with Cisco Data Center Network Manager v1.0 - DCNMS

CODE: WGAC-CSC-DCNMS

Understanding Cisco Data Center Foundations - DCFNDU

CODE: WGAC-CSC-DCFNDU

Implementing Cisco NX-OS Switches and Fabrics in the Data Center v1.0 - DCNX

CODE: WGAC-CSC-DCNX

Introduction to Cisco Finesse Supervisor Desktop - CIFSD

CODE: WGAC-CSC-CIFSD

Express Security for Systems Engineer Bootcamp - ASAESE

CODE: WGAC-CSC-ASAESE

Cisco BE6K CUCM TelePresence and Expressway Video Solutions - BE6KBC

CODE: WGAC-CSC-BE6KBC

Cisco Certified Technician Supporting Cisco Routing and Switching Network Devices - RSTECH

CODE: WGAC-CSC-RSTECH

DNAC Activation and Assurance - DNACAA

CODE: WGAC-CSC-DNACAA

Implementing Cisco Multicast - MCAST

CODE: WGAC-CSC-MCAST

Introduction to Cisco Sales - ICS

CODE: WGAC-CSC-ICS

Securing Networks with Cisco Firepower NextGeneration IPS - SSFIPS

CODE: WGAC-CSC-SSFIPS

Introducing Cisco Unified Computing System - DCIUCS

CODE: WGAC-CSC-DCIUCS

Cisco Policy Suite Core Technologies for Mobility - CPSCTM

CODE: WGAC-CSC-CPSCTM

Implementing and Operating Cisco Enterprise Network Core Technologies - ENCOR

CODE: WGAC-CSC-ENCOR

Cisco Unified Communications Manager Advanced Admin - CUCMAA

CODE: WGAC-CSC-CUCMAA

Configuring BGP on Cisco Routers - BGP

CODE: WGAC-CSC-BGP

Understanding Cisco Service Provider Network Foundations - SPFNDU

CODE: WGAC-CSC-SPFNDU

Cisco NSO Advanced for Python Programmers - NSO300

CODE: WGAC-CSC-NSO300

Understanding Cisco Collaboration Foundations - CLFNDU

CODE: WGAC-CSC-CLFNDU

Cisco IOS XR Multicast Routing Implementation and Verification - IOSXR302

CODE: WGAC-CSC-IOSXR302

Deploying Cisco Unified Contact Center Enterprise Software - DUCCE

CODE: WGAC-CSC-DUCCE

Introducing Cisco NXOS Switches and Fabrics in the Data Center - DCINX

CODE: WGAC-CSC-DCINX

Deploying Basic Cisco Wireless LANs - WDBWL

CODE: WGAC-CSC-WDBWL

Introduction to Cisco IOS XR - IOSXR100

CODE: WGAC-CSC-IOSXR100

Cisco Webex Teams & BE6K Implementation - WTHI

CODE: WGAC-CSC-WTHI

Implementing Cisco Collaboration Cloud and Edge Solutions - CLCEI

CODE: WGAC-CSC-CLCEI

Introduction to 802.1X Operations for Cisco Security Professionals

CODE: WGAC-CSC-802.1X

Cisco Small Business Technical Overview Bootcamp - SBTO

CODE: WGAC-CSC-SBTO

We use cookies to understand how you use our site and to improve your experience. To learn more, click here. Read our revised Privacy Policy and Terms and Conditions.