
SSFRULES - Securing Cisco Networks with Snort Rule Writing Best Practices v2.1

SS Course: GK5827

Course Overview


In this course, you will learn about the key features and characteristics of a typical Snort rule development environment. You will develop and test custom rules in a preinstalled Snort environment and identify how to use advanced rule-writing techniques. You will investigate how to include OpenAppID in your rules and also identify how to filter rules and monitor their performance.

This course combines lecture materials and hands-on labs that give you practice in creating Snort rules.

This lab-intensive course introduces you to Snort rule writing. Among other powerful features, you become familiar with:

  • Snort rule development
  • Snort rule language
  • Standard and advanced rule options
  • OpenAppID
  • Tuning

This course is eligible for 24 Continuing Education Credits (ILT & ELT Modality).

                                                                  

Scheduled Classes

04/22/24 - GVT - Virtual Classroom - Virtual Instructor-Led

Outline

  1. Introduction to Snort Rule Development
  2. Snort Rule Syntax and Usage
  3. Traffic Flow Through Snort Rules
  4. Advanced Rule Options
  5. OpenAppID Detection
  6. Tuning Snort

Prerequisites

Basic understanding of:

  • Networking and network protocols
  • Linux command-line utilities
  • Text-editing utilities commonly found in Linux
  • Network security concepts
  • Snort-based IDS/IPS system

Who Should Attend

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel
  • Channel partners and resellers