Implementing Cisco Intrusion Prevention System
Short course
In London
Description
-
Type
Short course
-
Location
London
Implementing Cisco Intrusion Prevention Systems (IPS) 6.0 is a nstructor-led, lab-intensive course delivered by Cisco Learning Partners (CLPs). This task-oriented course teaches the knowledge and skills needed to design, install, and configure a Cisco intrusion prevention solution for small, medium, and enterprise networks. The course covers Cisco intrusion prevention system (IPS) platforms, including the Cisco 4200 Series sensors, and the Catalyst 6500 Series Intrusion Detection System (IDS).
Facilities
Location
Start date
Start date
Reviews
Course programme
- Need for Network Security
- Network Security Policy
- Primary Network Threats and Attacks
- Reconnaissance Attacks and Mitigation
- Access Attacks and Mitigation
- Denial of Service Attacks and Mitigation
- Worm, Virus and Trojan Horse Attacks and Mitigation
- Management Protocols and Functions
- Intrusion Detection versus Intrusion Prevention
- Intrusion Detection Technologies
- Cisco Network Sensors
- Sensor Appliances
- Cisco Defence-in-Depth
- Sensor Deployment
- IPSTerminology
- CiscoIPSSoftware Architecture
- Command Line Overview
- Sensor Software Installation
- Sensor Initialisation
- Administrative Task
- Basic Troubleshooting Commands
- IPSDevice Manager Overview
- Getting started with theIDM
- Configuring Certificates
- ConfiguringSSH
- Rebooting and Shutting down the Sensor
- Viewing Events in theIDM
- Configuring Allowed Hosts
- Setting the time
- Configuring User Accounts
- Configuring the Interfaces
- Configuring Software Bypass
- CiscoIPSSignatures, Engines, and Alerts
- Locating Signature Information
- Basic Signature Configuration
- Special Considerations fro Signature Actions.
- ConfiguringSNMP
- CiscoIPSSignature Engines
- Atomic Signature Engines
- Flood Signature engines
- Meta Signature Engines
- Multi String Signature Engine
- Normalizer Engine
- OTHERSignature Engine
- Service Signature Engines
- State Signature Engines
- String Signature Engines
- Sweep Signature Engines
- Traffic Signature Engine
- Trojan Signature Engine
- AICSignature Engines
- Parameters Common to All Signature Engines
- Signature Tuning
- Custom Signatures
- Intrusion Detection Evasive Techniques
- Tuning the Sensor
- Logging
- Reassembly Options
- Event Action Rules
- Event Variables
- Target Value Rating
- Event action Overrides
- Event Action Filters
- General Settings
- Introduction
- ACLConsiderations
- Automatic Blocks
- Manual Blocks
- Master Blocking Sensors
- Upgrading and Recovering the Sensor Image
- Service Pack and Signature Updates
- Resetting, Powering Down, and Restoring the Default Configuration
- UsingCLIto Monitor the Sensor
- Using theIDMto Monitor the Sensor
- NM-CIDS Overview
- How the NM-CIDS Works
- Design Considerations
- Installation and Configuration Tasks
- Image Upgrade and Recovery
- Maintenance Tasks Unique to the NM-CIDS
- Introduction
- Ports, Traffic and Time
- Installation and Configuration Tasks
- VerifyingIDSM-2 Status
- Upgrade and Recovery
Implementing Cisco Intrusion Prevention System