Course Overview

The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.0 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules.

2.0 days
Learning Credits: 
  • This course will help you:

    • Gain an understanding of characteristics of a typical Snort rule development environment
    • Gain hands-on practices on creating rules for Snort
    • Gain knowledge in Snort rule development, Snort rule language, standard and advanced rule options
  • To fully benefit from this course, you should have:

    • Basic understanding of networking and network protocols
    • Basic knowledge of Linux command-line utilities
    • Basic knowledge of text editing utilities commonly found in Linux
    • Basic knowledge of network security concepts
    • Basic knowledge of a Snort-based IDS/IPS system