Sourcefire 3D Solution
Revision: TE3405_20061102
(4.22 KB) View, Download, or Print Catalog as a PDF.
Course Length:
3 Days
Course Description:
This three-day class covers the features and functionality of Sourcefire’s 3D System including RNA, Intrusion Sensors, Defense Center and an overview of the Snort rules language. Users of Sourcefire products will learn to customize rules, troubleshoot, and write optimized rules with high performance while providing the highest levels of security.
Who Should Attend:
Network administrators, security administrators, security consultants and others that are responsible for deploying and supporting Sourcefire’s products are a must for this class.
Benefits of Attendance:
Upon completion of this course, students will be able to:
- Customize rules
- Understand the Snort rules language
- Troubleshoot
- Write optimized rules with high performance
Prerequisites:
This course assumes that students have a technical understanding of TCP/IP networking and network architecture.
Course Outline:
- Introduction
- IDS/IPS & RNA Technology Overview
- Policy Management: Intrusion Sensor, RNA, and Compliance
- Event Analysis & Reporting
- End-Point Intelligence
- Flow Data Analysis
- Nessus Scans
- Rules and Rule Optimization
- Rule Option Overview
- Advanced Rule Options: Byte_Test/Byte_Jump & PCRE
- Rule Writing Best Practices and Troubleshooting
- IDS/IPS & RNA Technology Overview
- 3D Sensor Deployment and Network Architecture
- Sourcefire 3D System Overview & Product Installation
- Basic Interface Navigation
- Sensor Configuration and Management with the Defense Center
- Configuring Interface Sets and Engine Instances
- System Administration and Maintenance and Policy