Securing Cisco® Networks with Snort Rule Writing Best Practices (SSFRULES) is an instructor-led, lab-based, hands-on course offered by Cisco Learning Services. This course is part of a portfolio of security courses designed to help businesses support and maintain their Snort-based systems.
This lab-intensive course introduces you to Snort rule writing. Among other powerful features, you become familiar with:
- Snort rule development
- Snort rule language
- Standard and advanced rule options
The course begins by identifying the key features and characteristics of a typical Snort rule development environment. You will develop and test custom rules in a preinstalled Snort environment and identify how to use advanced rule-writing techniques. You will investigate how to include OpenAppID in your rules and also identify how to filter rules and monitor their performance.
This course combines lecture materials and hands-on labs that give you practice in creating Snort rules.