Got a question? Call 1800 853 276   |   

Securing Cisco Networks with Snort Rule Writing Best Practices (CLS-SSFRULES)

  • Length 3 days
  • Price $4620 inc GST
  • Version 2.1
Course overview
View dates &
book now
  • Register interest

Why study this course

This course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules.

This course will help you:

  • Gain an understanding of characteristics of a typical Snort rule development environment

  • Gain hands-on practices on creating rules for Snort

  • Gain knowledge in Snort rule development, Snort rule language, standard and advanced rule options

Request Course Information

By submitting an enquiry, you agree to our privacy policy and receiving email and other forms of communication from us. You can opt-out at any time.


What you’ll learn

Upon completion of this course, you should be able to:

  • Describe the Snort rule development process

  • Describe the Snort basic rule syntax and usage

  • Describe how traffic is processed by Snort

  • Describe several advanced rule options used by Snort

  • Describe OpenAppID features and functionality

  • Describe how to monitor the performance of Snort and how to tune rules


Cisco at DDLS

DDLS is a Platinum Learning Partner and we are the largest provider of authorised Cisco training in Australia, offering a wider range of Cisco courses, run more often than any of our competitors. DDLS has won awards such as ANZ Learning Partner of the Year (twice!) and APJC Top Quality Learning Partner of the Year.


Stay ahead of the technology curve

Don’t let your tech outpace the skills of your people

Quality instructors and content

Expert instructors with real world experience and the latest vendor- approved in-depth course content.

Partner-Preferred Supplier

Chosen and awarded by the world’s leading vendors as preferred training partner.

Ahead of the technology curve

No matter your chosen technologies or platforms, we can help you stay one step ahead.

Who is the course for?

  • Security administrators

  • Security consultants

  • Network administrators

  • System engineers

  • Technical support personnel using open source IDS and IPS

  • Channel partners and resellers


Course subjects

  • Introduction to Snort Rule Development

  • Snort Rule Syntax and Usage

  • Traffic Flow Through Snort Rules

  • Advanced Rule Options

  • OpenAppID Detection

  • Tuning Snort

Lab outline

  • Connecting to the Lab Environment

  • Introducing Snort Rule Development

  • Basic Rule Syntax and Usage

  • Advanced Rule Options

  • OpenAppID

  • Tuning Snort


Prerequisites

To fully benefit from this course, you should have:

  • Basic understanding of networking and network protocols

  • Basic knowledge of Linux command-line utilities

  • Basic knowledge of text editing utilities commonly found in Linux

  • Basic knowledge of network security concepts

  • Basic knowledge of a Snort-based IDS/IPS system



PRE-COURSE PREPARATION

This course has pre-reading or other preparation requirements which should be completed before you commence your course with us.

Please click here to view.


Terms & Conditions

The supply of this course by DDLS is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.



Request Course Information

By submitting an enquiry, you agree to our privacy policy and receiving email and other forms of communication from us. You can opt-out at any time.