Implementing Cisco Intrusion Prevention System (IPS) v1.0

Course duration: 5 Days

Associated Certifications: CCSP

Prerequisites

Students who attend this advanced course must have experience in configuring Cisco IOS software and have met the following prerequisites:
Certification as a CCNA or the equivalent knowledge
Basic knowledge of the Windows operating system
Familiarity with the networking and security terms and concepts (the concepts are learned in prerequisite training or by reading industry publications)

Course Content

Given an example of Cisco’s defence in depth, the learner will explain how Cisco IPS protects network devices from attacks.
Given an IPS sensor appliance, the learner will install the appliance in the network and initialize it.
Use IDM to configure basic sensor settings.
The learner will use IDM to configure built-in signatures to meet the requirements of a given security policy.
The learner will describe the functions of signature engines and their parameters.
The learner will use IDM to tune and create signatures to meet the requirements of a given security policy.
Given a scenario, the learner will use IDM to tune a sensor to work optimally in the network.
Given a scenario, the learner will use the Monitoring Center for Security and Cisco Threat Response to maximize alarm management efficiency.
The learner will explain blocking concepts and use IDM to configure blocking for a given scenario.
The learner will install the NM-CIDS in a router and initialize it.
The learner will install the module in a Cisco Catalyst 6500 Switch and initialize it.
The learner will use a Cisco Catalyst 6500 Switch to capture network traffic for intrusion prevention analysis.
The learner will install and recover the sensor software image and perform service pack and signature updates.
The learner will use the CLI and IDM to verify system configuration.

Course Outline:

Lesson 1: Course Introduction
Lesson 2: Security Fundamentals
Lesson 3: Intrusion Prevention Overview
Lesson 4: Getting Started with the IDS Command Line Interface
Lesson 5: Using IDM
Lesson 6: Basic Sensor Configuration
Lesson 7: Cisco Intrusion Detection System Alarms and Signatures
Lesson 8: Signature Engines
Lesson 9: Signature Configuration
Lesson 10: Sensor Tuning
Lesson 11: Alarm Monitoring and Management
Lesson 12: Blocking Configuration
Lesson 13: Cisco Intrusion Detection System Network Module
Lesson 14: Intrusion Detection System Module Configuration
Lesson 15: Capturing Network Traffic for Intrusion Detection Systems
Lesson 16: Sensor Maintenance
Lesson 17: Verifying System Configuration
