Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRULES)
Description
Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRULES) v2.0 is a 3-day instructor-led or virtual instructor-led, lab-based, hands-on course that introduces you to Snort rule writing. Among other powerful features, you become familiar with:
The price in Cisco Learning Credits (CLC) for the SSFRULES course is 21 CLCs per person.
- Snort rule development
- Snort rule language
- Standard and advanced rule options
- OpenAppID
- Tuning
The price in Cisco Learning Credits (CLC) for the SSFRULES course is 21 CLCs per person.
Choose date
Date
Lang.
Location
Price

Objectives
Upon completion of this course, you should be able to:
- Describe the Snort rule development process
- Describe the Snort basic rule syntax and usage
- Describe how traffic is processed by Snort
- Describe several advanced rule options used by Snort
- Describe OpenAppID features and functionality
- Describe how to monitor the performance of Snort and how to tune rules
Outline
Course Outline
Lab Outline
- Module 1: Introduction to Snort Rule Development
- Module 2: Snort Rule Syntax and Usage
- Module 3: Traffic Flow Through Snort Rules
- Module 4: Advanced Rule Options
- Module 5: OpenAppID Detection
- Module 6 Tuning Snort
Lab Outline
- Lab 1: Connecting to the Lab Environment
- Lab 2: Introducing Snort Rule Development
- Lab 3: Basic Rule Syntax and Usage
- Lab 4: Advanced Rule Options
- Lab 5: OpenAppID
- Lab 6: Tuning Snort
Prerequisite Knowledge
Cisco recommends that you have the following knowledge and skills before taking this course:
- Basic understanding of networking and network protocols
- Basic knowledge of Linux command-line utilities
- Basic knowledge of text editing utilities commonly found in Linux
- Basic knowledge of network security concepts
- Basic knowledge of a Snort-based IDS/IPS system