Implementing Cisco Intrusion Prevention System Training
| Provider | Twice IT Training |
| Cost | €2.495,00 |
Overview
- Explain how Cisco IPS protects network devices from attacks.
- Install a sensor appliance in the network and initialise it.
- Use the sensor CLI to perform basic sensor configuration.
- Describe the management and monitoring capabilities of the IPS Device Manager (IDM).
- Use the IDM to configure the sensor's communication parameters.
- Use the IDM to configure allowed hosts.
- Use the IDM to set the sensor's time.
- Use the IDM to create user accounts.
- Use the IDM to configure sensor interfaces and interface pairs.
- Use the IDM to configure software bypass mode.
- Describe the functions of signature engines and their parameters.
- Use the IDM to tune and create signatures to meet the requirements of a given security policy.
- Use the IDM to tune the sensor to work optimally in a network.
- Explain blocking concepts.
- Use the IDM to configure blocking for a given scenario.
- Install the NM-CIDS in a router and initialise it.
- Configure communications between the router and the NM-CIDS and initialise the NM-CIDS.
- Install an IDSM-2 in a Cisco Catalyst 6500 Switch and initialise it.
- Use the IDM to upgrade the sensor image.
- Use the IDM to install signature and service pack updates.
- Use the IDM to configure automatic software updates.
- Recover the sensor image.
- Use the CLI to back up and restore a sensor configuration.
- Use the CLI and the IDM to monitor the sensor.
- Use preventive maintenance and general troubleshooting commands.
Full description
Intended for
This course is intended for:
- Cisco customers who implement and maintain IPS solutions.
- Cisco Channel Partners who sell, implement and maintain IPS solutions.
- Cisco System Engineers who support sales of Cisco IPS and security product solutions.

Required knowledge
Delegates are required to meet the following prerequisites:
- Certification as a CCNA or the equivalent knowledge (optional)
- Basic knowledge of the Windows operating system
- Familiarity with networking and security terms and concepts (the concepts are learned in prerequisite training or by reading industry publications)

Description
Security Fundamentals
- Need for Network Security
- Network Security Policy
- Primary Network Threats and Attacks
- Reconnaissance Attacks and Mitigation
- Access Attacks and Mitigation
- Denial of Service Attacks and Mitigation
- Worm, Virus and Trojan Horse Attacks and Mitigation
- Management Protocols and Functions

Intrusion Prevention Overview
- Intrusion Detection versus Intrusion Prevention
- Intrusion Detection Technologies
- Cisco Network Sensors
- Sensor Appliances
- Cisco Defense-in-Depth
- Sensor Deployment
- IPS Terminology
- Cisco IPS Software Architecture

Getting Started with the IPS Command Line Interface
- Command Line Overview
- Sensor Software Installation
- Sensor Initialisation
- Administrative Task
- Basic Troubleshooting Commands

Using the Intrusion Prevention System Device Manager
- IPS Device Manager Overview
- Getting Started with the IDM
- Configuring Certificates
- Configuring SSH
- Rebooting and Shutting Down the Sensor
- Viewing Events in the IDM

Basic Sensor Configuration
- Configuring Allowed Hosts
- Setting the Time
- Configuring User Accounts
- Configuring the Interfaces
- Configuring Software Bypass

Cisco Intrusion Prevention System - Signatures and Alerts
- Cisco IPS Signatures, Engines, and Alerts
- Locating Signature Information
- Basic Signature Configuration
- Special Considerations for Signature Actions
- Configuring SNMP

Signature Engines
- Cisco IPS Signature Engines
- Atomic Signature Engines
- Flood Signature Engines
- Meta Signature Engines
- Multi String Signature Engine
- Normalizer Engine
- OTHER Signature Engine
- Service Signature Engines
- State Signature Engines
- String Signature Engines
- Sweep Signature Engines
- Traffic Signature Engine
- Trojan Signature Engine
- AIC Signature Engines

Signature Configuration
- Parameters Common to All Signature Engines
- Signature Tuning
- Custom Signatures

Sensor Tuning
- Intrusion Detection Evasive Techniques
- Tuning the Sensor
- Logging
- Reassembly Options
- Event Action Rules
- Event Variables
- Target Value Rating
- Event Action Overrides
- Event Action Filters
- General Settings

Blocking
- Introduction
- ACL Considerations
- Automatic Blocks
- Manual Blocks
- Master Blocking Sensors

Sensor Maintenance
- Upgrading and Recovering the Sensor Image
- Service Pack and Signature Updates
- Resetting, Powering Down, and Restoring the Default Configuration

Monitoring the Sensor
- Using CLI to Monitor the Sensor
- Using the IDM to Monitor the Sensor

Cisco Intrusion Detection System Network Module
- NM-CIDS Overview
- How the NM-CIDS Works
- Design Considerations
- Installation and Configuration Tasks
- Image Upgrade and Recovery
- Maintenance Tasks Unique to the NM-CIDS

Cisco Intrusion Detection System Module
- Introduction
- Ports, Traffic and Time
- Installation and Configuration Tasks
- Verifying IDSM-2 Status
- Upgrade and Recovery