Cisco Securing Cisco Networks with Snort Rule Writing Best Practices v2.1 (SSFRULES)

Skip to Scheduled Dates

Course Overview

The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.1 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules.

Who Should Attend

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel using open source IDS and IPS
  • Channel partners and resellers

Course Objectives

    • Describe the Snort rule development process
    • Describe the Snort basic rule syntax and usage
    • Describe how traffic is processed by Snort
    • Describe several advanced rule options used by Snort
    • Describe OpenAppID features and functionality
    • Describe how to monitor the performance of Snort and how to tune rules

Course Outline

  • Introduction to Snort Rule Development
  • Snort Rule Syntax and Usage
  • Traffic Flow Through Snort Rules
  • Advanced Rule Options
  • OpenAppID Detection
  • Tuning Snort

 Back to Course Search

Class Dates & Times

Class times are listed Central time

This is a 3-day class

Price: $2,795.00

Class dates not listed.
Please contact us for available dates and times.