GBP

Shaping the future of IT skills

Maximising IT performance through learning

Securing Cisco Networks with Snort Rule Writing Best Practices - SSFRULES

WGAC-CSC-SSFRULES

Schedule

See all events for this course

Currently there are no events for this course. Please contact us.

Description

Show Tabs

Introduction

Securing Cisco® Networks with Snort Rule Writing Best Practices (SSFRULES) is an instructor-led course offered by Learning Services High-Touch Delivery. It is a lab-intensive course that introduces students to the open source Snort community and rule-writing best practices.

Users focus exclusively on the Snort rules language and rule writing. Starting from rule syntax and structure to advanced rule-option usage, you will analyze exploit packet captures and put the rule writing theories learned to work—implementing rule-language features to trigger alerts on the offending network traffic.

This course also provides instruction and lab exercises on how to detect certain types of attacks, such as buffer overflows, utilizing various rule-writing techniques. You will test your rule-writing skills in two challenges: a theoretical challenge that tests knowledge of rule syntax and usage, and a practical challenge in which we present an exploit for you to analyze and research so you can defend your installations against the attack.

This course combines lecture materials and hands-on labs throughout to make sure that you are able to successfully understand and implement open source rules

Prerequisites & Audience

Technical understanding of TCP/IP networking and network architecture
Working knowledge of how to use and operate Cisco Sourcefire® Systems or open source Snort
Working knowledge of command-line text editing tools, such as the vi editor
Basic rule-writing experience is suggested

This course is designed for technical professionals who need to know how to write rules and understand open source Snort language. The primary audience for this course includes:

Security administrators
Security consultants
Network administrators
System engineers
Technical support personnel
Channel partners and resellers

Course Benefits

Upon completion of this course, you should be able to:

Understand rule structure, rule syntax, rule options, and their usage
Configure and create Snort rules
Understand the rule optimization process to create efficient rules
Understand preprocessors and how data is presented to the rule engine
Create and implement functional Regular Expressions in Snort rules
Design and apply rules using byte_jump/test/extract rule options
Understand the concepts behind protocol modeling to write rules that perform better

Course Topics

Module 1: Welcome to the Sourcefire Virtual Network
Module 2: Basic Rule Syntax and Usage
Module 3: Rule Optimization
Module 4: Using PCRE in Rules
Module 5: Using Byte_Jump/Test/Extract Rule Options
Module 6: Protocol Modeling Concepts and Using Flowbits in Rule Writing
Module 7: Case Sudies in Rule Writing and Packet Analysis
Module 8: Rule Performance Monitoring
Module 9: Rule Writing Practiceal Labs, Exercises, and Challenges

Certification

Firepower

Cisco courses

Filter courses

Deploying Cisco Connected Mobile Experiences - WCMX

CODE: WGAC-CSC-WCMX

Cisco UC Technical Training for Help Desk Engineers - UCTTHD

CODE: WGAC-CSC-UCTTHD

Implementing Automation for Cisco Security Solutions - SAUI

CODE: WGAC-CSC-SAUI

Cisco Unified Communications Manager Intermediate Administration - CUCMIA

CODE: WGAC-CSC-CUCMIA

Deploying Cisco Unified Intelligence Center - DUIC

CODE: WGAC-CSC-DUIC

Implementing and Administering Cisco Solutions - CCNA

CODE: WGAC-CSC-CCNA

Cisco NSO Advanced for Python Programmers - NSO300

CODE: WGAC-CSC-NSO300

Implementing an Integrated Threat Defense Solution - SECUR201

CODE: WGAC-CSC-SECUR201

Cisco Service Provider 5G Technologies Foundations - SPMBL100

CODE: WGAC-CSC-SPMBL100

Cisco Network Service Orchestrator NSO Essentials for Programmers and Network Architects v3.0 - NSO201

CODE: WGAC-CSC-NSO201

Cisco Unified Communications Manager Advanced Administration with Jabber - UCMAAJ

CODE: WGAC-CSC-UCMAAJ

Developing Applications and Automating Workflows using Cisco Core Platforms - DEVASC

CODE: WGAC-CSC-DEVASC

Cisco Aggregation Services Router 9000 Series Essentials - ASR9KE

CODE: WGAC-CSC-ASR9KE

Cisco NCS 2000 Series Deploying 96Channel - OPT201

CODE: WGAC-CSC-OPT201

Introducing Cisco Unified Computing System - DCIUCS

CODE: WGAC-CSC-DCIUCS

Introduction to Cisco Sales Express Security - ESICS

CODE: WGAC-CSC-ESICS

Implementing Cisco Tetration Analytics - DCITET

CODE: WGAC-CSC-DCITET

Implementing Cisco Enterprise Advanced Routing and Services - ENARSI

CODE: WGAC-CSC-ENARSI

Cisco Stealthwatch Network - SNO

CODE: WGAC-CSC-SNO

Securing Cisco Networks with Open Source Snort - SSFSNORT

CODE: WGAC-CSC-SSFSNORT

Deploying Basic Cisco Wireless LANs - WDBWL

CODE: WGAC-CSC-WDBWL

Securing Industrial IoT Networks with Cisco Technologies - ISECIN

CODE: WGAC-CSC-ISECIN

Implementing Cisco Quality of Service - QOS

CODE: WGAC-CSC-QOS

Implementing Cisco Collaboration Cloud and Edge Solutions - CLCEI

CODE: WGAC-CSC-CLCEI

Cisco Meeting Server Support - SMSS

CODE: WGAC-CSC-SMSS

Cisco Express Networking Bootcamp Engineer Track - OCSE

CODE: WGAC-CSC-OCSE

Cisco IPv6 Fundamentals, Design & Deployment - IP6FD

CODE: WGAC-CSC-IP6FD

Cisco SDWAN Operation and Deployment - ENSDW

CODE: WGAC-CSC-ENSDW

Cisco MDS 9000 Series Switches Overview - DCMDSO

CODE: WGAC-CSC-DCMDSO

Designing Cisco Enterprise Wireless Network - ENWLSD

CODE: WGAC-CSC-ENWLSD

Bespoke Introduction to Customizing Reports with Cisco Unified Intelligence Center - BICRCUIC

CODE: WGAC-CSC-BICRCUIC

Securing Cloud Deployments With Cisco Technologies - SECCLD

CODE: WGAC-CSC-SECCLD

Implementing and Operating Cisco Data Center Core Technologies - DCCOR

CODE: WGAC-CSC-DCCOR

Implementing Automation for Cisco Service Provider Solutions - SPAUI

CODE: WGAC-CSC-SPAUI

Introducing Cisco Nexus 9000 Switches in NXOS Mode - DCINX9K

CODE: WGAC-CSC-DCINX9K

Cisco Optical Technology Intermediate - OPT200

CODE: WGAC-CSC-OPT200

Adopting The Cisco Business Architecture Approach - DTBAA

CODE: WGAC-CSC-DTBAA

Cisco Meeting Server Implementation - CMSI

CODE: WGAC-CSC-CMSI

Cisco Stealthwatch Tuning - SWAT

CODE: WGAC-CSC-SWAT

Deploying Cisco Unified Contact Center Enterprise Software - DUCCE

CODE: WGAC-CSC-DUCCE

Generating Reports with Cisco Unified Intelligence Center - CGRUIC

CODE: WGAC-CSC-CGRUIC

Introduction to Cisco Sales - ICS

CODE: WGAC-CSC-ICS

Implementing and Operating Cisco Security Core Technologies - SCOR

CODE: WGAC-CSC-SCOR

Cisco Stealthwatch Security - SSO

CODE: WGAC-CSC-SSO

Implementing Automation for Cisco Data Center Solutions - DCAUI

CODE: WGAC-CSC-DCAUI

Implementing Cisco Multicast - MCAST

CODE: WGAC-CSC-MCAST

Managing Enterprise Security with Cisco Security Manager - SSECMGT

CODE: WGAC-CSC-SSECMGT

Implementing Cisco HyperFlex - DCIHX

CODE: WGAC-CSC-DCIHX

Administering Cisco Unified Contact Center Enterprise Part 2 - AUCCE2

CODE: WGAC-CSC-AUCCE2

Cisco Unified Contact Centre Express UCCX Video Call Centre Implementation with Jabber - UCCXVCCI

CODE: WGAC-CSC-UCCXVCCI

Deploying Cisco SDAccess - ENSDA

CODE: WGAC-CSC-ENSDA

Cisco Unified Communications Manager Advanced Admin - CUCMAA

CODE: WGAC-CSC-CUCMAA

Cisco Certified Technician Supporting Cisco Routing and Switching Network Devices - RSTECH

CODE: WGAC-CSC-RSTECH

Cisco Digital Network Architecture Implementation Essentials - DNAIE

CODE: WGAC-CSC-DNAIE

Introduction to Cisco Sales Express Collaboration for Account Managers - ECICS

CODE: WGAC-CSC-ECICS

Introduction to Cisco Sales Express Networking - ENICS

CODE: WGAC-CSC-ENICS

Introduction to Cisco Sales SMB Account Manager - SMBICS

CODE: WGAC-CSC-SMBICS

Protecting Against Malware Threats with Cisco AMP for Endpoints - SSFAMP

CODE: WGAC-CSC-SSFAMP

Cisco Webex Teams & BE6K Implementation - WTHI

CODE: WGAC-CSC-WTHI

Introducing Cisco MDS 9000 Series Switches - DCIMDS

CODE: WGAC-CSC-DCIMDS

Implementing Automation for Cisco Collaboration Solutions - CLAUI

CODE: WGAC-CSC-CLAUI

Securing Cisco Networks with Snort Rule Writing Best Practices - SSFRULES

CODE: WGAC-CSC-SSFRULES

Understanding Cisco Service Provider Network Foundations - SPFNDU

CODE: WGAC-CSC-SPFNDU

Introducing Automation for Cisco Solutions - CSAU

CODE: WGAC-CSC-CSAU

Multicloud Automation and Orchestration with Cisco CloudCenter Suite - CLDAO

CODE: WGAC-CSC-CLDAO

Developing Applications for Cisco Webex and Webex Devices - DEVWBX

CODE: WGAC-CSC-DEVWBX

Multicloud Management with Cisco CloudCenter Suite - CLDCCS

CODE: WGAC-CSC-CLDCCS

Cisco Meeting Server Advanced - COLLAB350

CODE: WGAC-CSC-COLLAB350

Applying Cisco Business Architecture Discipline - DTBAS

CODE: WGAC-CSC-DTBAS

Cisco WebEx Teams Implementation - CWTI

CODE: WGAC-CSC-CWTI

Bespoke Cisco Unified Contact Centre Enterprise Workshop - BUCCXW

CODE: WGAC-CSC-BUCCXW

Cisco IOS XR Broadband Network Gateway Implementation and Verification - IOSXR304

CODE: WGAC-CSC-IOSXR304

Cisco Unified Contact Centre Express Advanced Administration - CUCCXAA

CODE: WGAC-CSC-CUCCXAA

Cisco Unified Communications Security Implementation - CUCS

CODE: WGAC-CSC-CUCS

Cisco Policy Suite Core Technologies for Mobility - CPSCTM

CODE: WGAC-CSC-CPSCTM

Networking & TCP/IP Fundamentals - NWF

CODE: WGAC-CSC-NWF

Operating and Implementing Cisco WAN Automation Engine - WAE200

CODE: WGAC-CSC-WAE200

Leveraging Cisco Intent-Based Networking DNA Assurance v1.0 - DNAAS

CODE: WGAC-CSC-DNAAS

Cisco SD-WAN Operation and Deployment v1.0 - SDWFND

CODE: WGAC-CSC-SDWFND

Deploying Advanced Cisco Wireless LANs - WDAWL

CODE: WGAC-CSC-WDAWL

Express Security for Systems Engineer Bootcamp - ASAESE

CODE: WGAC-CSC-ASAESE

Designing Cisco Data Center Infrastructure - DCID

CODE: WGAC-CSC-DCID

Implementing Cisco Advanced Call Control and Mobility Services - CLACCM

CODE: WGAC-CSC-CLACCM

Engineering Cisco Meraki Solutions Part 2 - ECMS2

CODE: WGAC-CSC-ECMS2

Introduction to Cisco Finesse Supervisor Desktop - CIFSD

CODE: WGAC-CSC-CIFSD

Deploying Cisco Unified Contact Center Express - UCCX

CODE: WGAC-CSC-UCCX

DNAC Activation and Assurance - DNACAA

CODE: WGAC-CSC-DNACAA

Performing CyberOps Using Cisco Security Technologies - CBRCOR

CODE: WGAC-CSC-CBRCOR

Implementing Cisco SD-WAN Solutions v2.0 - ENSDWI

CODE: WGAC-CSC-ENSDWI

Understanding Cisco Collaboration Foundations - CLFNDU

CODE: WGAC-CSC-CLFNDU

Engineering Cisco Meraki Solutions Bundle - ECMSBC

CODE: WGAC-CSC-ECMSBC

Implementing Cisco Unified Communications Manager with Jabber - ICUCMJ

CODE: WGAC-CSC-ICUCMJ

Securing Networks with Cisco Firepower Next Generation Firewall - SSNGFW

CODE: WGAC-CSC-SSNGFW

Cisco Small Business Technical Overview Exam Accelerated Bootcamp - SMBPPTO

CODE: WGAC-CSC-SMBPPTO

Cisco BE6K CUCM CMS and Expressway Video Solutions - BCCEV

CODE: WGAC-CSC-BCCEV

Implementing Automation for Cisco Enterprise Solutions - ENAUI

CODE: WGAC-CSC-ENAUI

Introduction to 802.1X Operations for Cisco Security Professionals

CODE: WGAC-CSC-802.1X

Introduction to Cisco Finesse Agent Desktop - CIFAD

CODE: WGAC-CSC-CIFAD

Implementing Segment Routing on Cisco IOS XR - SEGRTE201

CODE: WGAC-CSC-SEGRTE201

Understanding Cisco Data Center Foundations - DCFNDU

CODE: WGAC-CSC-DCFNDU

Cisco Big Data Analytics& Architecture and Management - ANDMB

CODE: WGAC-CSC-ANDMB

Implementing Cisco Service Provider Advanced Routing Solutions - SPRI

CODE: WGAC-CSC-SPRI

Cisco Application Centric Infrastructure Operations and Troubleshooting - DCACIO

CODE: WGAC-CSC-DCACIO

Understanding Cisco Cybersecurity Operations Fundamentals - CBROPS

CODE: WGAC-CSC-CBROPS

Cisco IOS XR Multicast Routing Implementation and Verification - IOSXR302

CODE: WGAC-CSC-IOSXR302

Planning and Deploying SD-Access Fundamentals (for Customers) v1.0 - CUST-SDA-FUND

CODE: WGAC-CSC-CUST-SDA-FUND

Implementing Cisco Catalyst 9000 Switches - ENC9K

CODE: WGAC-CSC-ENC9K

Cisco Video Infrastructure Implementation VII

CODE: WGAC-CLC-VII

Designing Cisco Enterprise Networks - ENSLD

CODE: WGAC-CSC-ENSLD

Implementing DevOps Solutions and Practices using Cisco Platforms - DEVOPS

CODE: WGAC-CSC-DEVOPS

Cisco IOS XR Basic Troubleshooting - IOSXR201

CODE: WGAC-CSC-IOSXR201

Introducing Cisco Cloud Consumer Security - SECICC

CODE: WGAC-CSC-SECICC

Network Convergence System 5500 Series Router v1.0 - NCS5500HW

CODE: WGAC-CSC-NCS5500HW

Cisco Stealthwatch for System Administrators - SSA

CODE: WGAC-CSC-SSA

Implementing Cisco Nexus 9000 Switches in NX-OS Mode - Advanced v1.0 - DCNXA

CODE: WGAC-CSC-DCNXA

Configuring Cisco Unified Computing System - DCCUCS

CODE: WGAC-CSC-DCCUCS

Transforming to a Cisco Intent-Based Network v1.0 - IBNTRN

CODE: WGAC-CSC-IBNTRN

Introducing Cisco NXOS Switches and Fabrics in the Data Center - DCINX

CODE: WGAC-CSC-DCINX

Cisco BE6K CUCM TelePresence and Expressway Video Solutions - BE6KBC

CODE: WGAC-CSC-BE6KBC

Managing SAN Infrastructure with Cisco Data Center Network Manager v1.0 - DCNMS

CODE: WGAC-CSC-DCNMS

Implementing Cisco Enterprise SD-Branch v1.0 - ENSDBI

CODE: WGAC-CSC-ENSDBI

Bespoke Cisco Packaged Contact Centre Enterprise Workshop - BCPCCXW

CODE: WGAC-CSC-BCPCCXW

Implementing Cisco Enterprise Wireless Networks - ENWLSI

CODE: WGAC-CSC-ENWLSI

Securing Email with Cisco Email Security Appliance - SESA

CODE: WGAC-CSC-SESA

Wireshark Basic Principles - WBP

CODE: WGAC-CSC-WBP

Integrated Threat Defense Investigation and Mitigation - SECUR202

CODE: WGAC-CSC-SECUR202

Implementing Cisco Collaboration Applications - CLICA

CODE: WGAC-CSC-CLICA

Cisco NSO Administration and DevOps - NSO303

CODE: WGAC-CSC-NSO303

Cisco Meeting Server Intermediate - COLLAB250

CODE: WGAC-CSC-COLLAB250

Cisco IOS XR System Administration - IOSXR200

CODE: WGAC-CSC-IOSXR200

Cisco Unified Communications IPv6 Implementation - CUCIPI

CODE: WGAC-CSC-CUCIPI

Cisco Unified Attendant Console Standard Administration - CUACS

CODE: WGAC-CSC-CUACS

Developing Applications Using Cisco Platforms and APIs - DEVCOR

CODE: WGAC-CSC-DEVCOR

Implementing Cisco - MPLS

CODE: WGAC-CSC-MPLS

Implementing and Operating Cisco Service Provider Network Core Technologies - SPCOR

CODE: WGAC-CSC-SPCOR

Troubleshooting Cisco Data Center Infrastructure - DCIT

CODE: WGAC-CSC-DCIT

Implementing Cisco NX-OS Switches and Fabrics in the Data Center v1.0 - DCNX

CODE: WGAC-CSC-DCNX

Deploying Cloud Connect Solutions with Cisco Cloud Services Router 1000V v1.0 - CLDCSR

CODE: WGAC-CSC-CLDCSR

Implementing Cisco SDWAN Solutions - SDWAN300

CODE: WGAC-CSC-SDWAN300

Administering Cisco Unified Contact Center Enterprise Part 1 - AUCCE1

CODE: WGAC-CSC-AUCCE1

Developing Solutions using Cisco IoT and Edge Platforms - DEVIOT

CODE: WGAC-CSC-DEVIOT

Implementing and Operating Cisco Enterprise Network Core Technologies - ENCOR

CODE: WGAC-CSC-ENCOR

Configuring Cisco NXOS Switches and Fabrics in the Data Center - DCCNX

CODE: WGAC-CSC-DCCNX

Implementing Cisco Service Provider VPN Services - SPVI

CODE: WGAC-CSC-SPVI

Implementing Secure Solutions with Virtual Private Networks - SVPN

CODE: WGAC-CSC-SVPN

Configuring the Cisco Nexus 9000 in NXOS Mode - C9KNX

CODE: WGAC-CSC-C9KNX

Mastering The Cisco Business Architecture Discipline - DTBAD

CODE: WGAC-CSC-DTBAD

Cisco ASR 9000 Series IOS XR 64Bit Software Migration and Operational Enhancements - IOSXR211

CODE: WGAC-CSC-IOSXR211

Implementing and Operating Cisco Collaboration Core Technologies - CLCOR

CODE: WGAC-CSC-CLCOR

Introduction to Cisco IOS XR - IOSXR100

CODE: WGAC-CSC-IOSXR100

Understanding Cisco Wireless Foundations - WLFNDU

CODE: WGAC-CSC-WLFNDU

Operating Cisco IP Fabric for Media Solution - IPFMSN

CODE: WGAC-CSC-IPFMSN

Configuring Cisco MDS 9000 Switches - DCMDS

CODE: WGAC-CSC-DCMDS

Deploying Basic and Advanced Cisco Wireless LANs Bootcamp - WDBWL-WDAWL

CODE: WGAC-CSC-WDBWL-WDAWL

Cisco Customer Success Manager - DTCSM

CODE: WGAC-CSC-DTCSM

Implementing Cisco Collaboration Conferencing - CLCNF

CODE: WGAC-CSC-CLCNF

Bespoke Cisco SD Access Technical Training - BCSDATT

CODE: WGAC-CSC-BCSDATT

Securing Networks with Cisco Firepower NextGeneration IPS - SSFIPS

CODE: WGAC-CSC-SSFIPS

Managing Enterprise Networks with Cisco Prime Infrastructure - MENPI

CODE: WGAC-CSC-MENPI

Engineering Cisco Meraki Solutions Part 1 - ECMS1

CODE: WGAC-CSC-ECMS1

Deploying Cisco Unified Contact Center Express - UCCXD

CODE: WGAC-CSC-UCCXD

Cisco IOS XR Layer 3 VPN Implementation and Verification - IOSXR301

CODE: WGAC-CSC-IOSXR301

Configuring BGP on Cisco Routers - BGP

CODE: WGAC-CSC-BGP

Kubernetes Integration with Cisco CloudCenter Suite v1.0 - CLDKUB

CODE: WGAC-CSC-CLDKUB

Configuring VXLANs on Cisco Nexus 9000 Series Switches - DCVX9K

CODE: WGAC-CSC-DCVX9K

Cisco Webex Room Kit Support - CWRKS

CODE: WGAC-CSC-CWRKS

Cisco Unified Contact Centre Express Bespoke UCCX CUCM CUC - CUCCE

CODE: WGAC-CSC-CUCCE

Implementing Cisco Application Centric Infrastructure - DCACI

CODE: WGAC-CSC-DCACI

Cisco Virtual WideArea Application Services - VWAAS

CODE: WGAC-CSC-VWAAS

Cisco Optical Technology Advanced - OPT300

CODE: WGAC-CSC-OPT300

Securing the Web with Cisco Web Security Appliance - SWSA

CODE: WGAC-CSC-SWSA

Cisco Unified Attendant Console Standard End User - CUACSEU

CODE: WGAC-CSC-CUACSEU

Cisco Next Generation Wireless with Catalyst 9800 - CNGW9800

CODE: WGAC-CSC-CNGW9800

Implementing Cisco Collaboration Devices Express Collaboration for Systems Engineer - ECCICD

CODE: WGAC-CSC-ECCICD

Implementing and Configuring Cisco Identity Services Engine - SISE

CODE: WGAC-CSC-SISE

We use cookies to understand how you use our site and to improve your experience. To learn more, click here. Read our revised Privacy Policy and Terms and Conditions.