Cisco IPS

Image

Cisco IPS

This course is designed to provide network security engineers with the knowledge and skills needed to deploy Cisco Intrusion Prevention System (IPS)-based security solutions. Successful delegates will be able to reduce the risk to the IT infrastructure and applications using Cisco IPS features, and provide detailed operations support for the Cisco IPS.

Target Audience

The Cisco ASA Specialist is recognized as the benchmark security product certification for engineers, consultants, and architects who configure advanced Cisco security appliances and VPN solutions, including advanced protocol handling, remote access VPNs, Secure Sockets Layer VPNs, site-to-site VPNs, high-availability VPNs, and failover.

Prerequisites

CCNA CertificationCCNA SecurityWorking knowledge of Microsoft Windows OS is an advantage

Course Objectives

Describe the key features and concepts of NGIPS and firewall securityDescribe the Cisco Firepower system components, features, and high-level implementation stepsNavigate the Cisco Firepower Management Center GUI and understand the role of policies whenconfiguring the Cisco Firepower systemDeploy and manage Cisco Firepower managed devicesPerform an initial Cisco Firepower discovery and basic event analysis to identify hosts, applications, andservicesIdentify and create the objects required as prerequisites to implementing access control policiesIdentify the features and functionality of access control policies and the implementation proceduresDescribe the concepts and implementation procedures of security intelligenceDescribe the concepts and implementation procedures of file control and advanced malware protectionUse Cisco Firepower recommendations to implement IPS policiesExplain the use of network analysis policies and the role of pre-processor technology in processing networkTraffic for NGIPS inspectionDescribe and demonstrate the detailed analysis techniques and reporting features provided by the CiscoFirepower Management CenterDescribe major Cisco Firepower Management Center system administration and user account management  

Course Curriculum

Section 1 : Introduction to IPS , IPS Software, and Supporting Devices
Evaluating Intrusion Prevention and Intrusion Detection Systems.Choosing Cisco IPS Software, Hardware, and Supporting Applications.Evaluating Network IPS Traffic Analysis Methods, Evasion Possibilities, and Anti-Evasive Countermeasures.Choosing a Network IPS and IDS Deployment Architecture.
Section 2 : Installing and Maintaining Cisco IPS Sensors
Integrating the Cisco IPS Sensor into a Network.Performing the Cisco IPS Sensor Initial Setup.Managing Cisco IPS Devices.
Section 3 : Applying Cisco IPS Security Policies
Configuring Basic Traffic Analysis.Implementing Cisco IPS Signatures and Responses.Configuring Cisco IPS Signature Engines and the Signature Database.Deploying Anomaly-Based Operation.
Section 4 : Adapting Traffic Analysis and Response to the Environment
Customizing Traffic Analysis.Managing False Positives and False Negatives.Improving Alarm and Response Quality.
Section 5 : Managing and Analyzing Events
Installing and Integrating Cisco IPS Manager Express with Cisco IPS Sensors.Managing and Investigating Events Using Cisco IPS Manager Express.Using Cisco IME Reporting and Notifications.Integrating Cisco IPS with Cisco Security Manager and Cisco Security MARS.Using the Cisco IntelliShield Database and Services.
Section 6 : Deploying Virtualization, High Availability, and High Performance Solutions
Configuring and Maintaining the Cisco ASA AIP SSM and AIP SSC Modules.Configuring and Maintaining the Cisco ISR IPS AIM and IPS NME Modules.Configuring and Maintaining the Cisco IDSM-2 Module.