Intrusion Prevention Systems Specialist Training

We provide specialized training in Intrusion Detection and Prevention.

IPS/IDS Training Module

Description

This is a three-day interactive course in which students learn advanced functions of IPS/IDS and network intrusion management systems.

Objective

The objective of the IPS/IDS training module is to maximize the return on your investment with hands-on, real-world training on IPS/IDS network security products and technologies, security best practices and other IPS/IDS security service offerings.

Who should attend

  • IPS/IDS Managers
  • System Engineers, Analysts and Administrators responsible for configuring IPS/IDS sensors
  • IT Operations Managers
  • Network Security Engineers
  • Business Associates

Prerequisites

  • An understanding of TCP/IP and OSI reference Models
  • A basic understanding of networking

 

Cost: $3999

Training Modules

Session 1: Overview

  • General IPS/IDS Component Description
  • General IPS/IDS Architecture
  • Enterprise (High Level) Products Feature List

Session 2: Introduction to Network Security Threats

  • Social Engineering
  • Hacking: Internal vs. External
  • Password Guessing
  • Password Cracking (LC4)
  • Password Policy Enforcement
  • Sniffing & Spoofing
  • Floods & DoS
  • Trojans

Session 3: IPS/IDS Sensor Installation

  • IPS/IDS Systems Requirements
  • IPS/IDS Sensor Hardware Architecture
  • IPS/IDS Topological Placement
  • Console Functions
  • Basic Sensor Connectivity Troubleshooting

Hands-on Lab: Installation of Sensor software

Session 4: IPS/IDS Server Installation

  • IPS/IDS Server Architecture
  • IPS/IDS Systems Requirements
  • IPS/IDS Topological Placement
  • Server's OS Hardening
  • Basic Server Connectivity Troubleshooting

Hands-on Lab: Installation of Sensor software

Session 5: Graphical Interface Usage

  • Architecture
  • Viewing Alerts & Alert Filters
  • Overview of Package vs. Backend (Sourcefire Sigs)
  • Running Queries & Reports
  • Configuring Packages/Backends
  • Configuring Alerts
  • Configuring Space Management
  • Diagnostics

Hands-on Lab: Data Tuning Rules Examples

Session 6: Advanced Server Topics

  • Server File Architecture / Data Structure
  • Failover CMS's
  • Command Line Queries
  • Troubleshooting Tools

Session 7: IPS/IDS Tuning

  • Descriptions of key packages and backends
  • Some Initial Suggested Tuning and Variable Configs

Hands-on Lab: Catch the Hacker (replay Defcon traffic)

Session 8: Enterprise Console Installation

  • System Reqs
  • Preparing the Install Platform
  • Step-by-step Install
  • Post "install" configuration
  • Connectivity Checks

Session 9: EC Usage

  • Viewing Alerts
  • Filtering Alerts
  • Customizing your view
  • Saving your view
  • Realtime Graphs
  • Creating Correlators
  • EC Administration functions
  • Using Crystal Reports
  • Customizing Crystal Reports