IPS v6.0 - Implementing Cisco Intrusion Prevention System Course Outline

IPS v6.0 - Implementing Cisco Intrusion Prevention System

Revision: TE5504_20100304

(5.34 KB) View, Download, or Print Course as a PDF.

Course Length:

4 Days

Course Description:

Implementing Cisco Intrusion Prevention Systems (IPS) v6.0 provides the knowledge and skills needed to design, install, configure, and maintain a Cisco IPS sensor for small, medium, and enterprise networks. The course also describes the procedures for managing intrusion prevention system (IPS) alarms.

Who Should Attend:

The primary audience for this course are network designers and network security administrators.

Benefits of Attendance:

Upon completion of this course, students will be able to:

Explain how the Cisco IPS protects network devices from attacks
Install and configure the basic settings on a Cisco IPS 4200 Series Sensor
Use the Cisco IDM to configure built-in signatures to meet the requirements of a given security policy
Configure some of the more advanced features of the Cisco IPS product line
Initialize and install into your environment the rest of the Cisco IPS family of products
Use the CLI and the Cisco IDM to obtain system information, and configure the Cisco IPS sensor to allow an SNMP NMS to monitor the Cisco IPS sensor

Prerequisites:

Students must have familiarity with networking and security terms and concepts, including completion of the Securing Cisco Network Devices (SND) course. Students must also have strong user-level experience with Microsoft Windows operating systems.

Course Outline:

Course Introduction
1. Overview
2. Course Goal and Objectives
3. Course Flow
4. Additional References
5. Your Training Curriculum
Module 1: Intrusion Prevention Overview
1. Explaining Intrusion Prevention
2. Examining Cisco IPS Products
3. Examining Cisco IPS Sensor Software Solutions
4. Examining Evasive Techniques
Module 2: Installation of a Cisco IPS 4200 Series Sensor
1. Installing a Cisco IPS Sensor Using the CLI
2. Using the Cisco IDM
3. Configuring Basic Sensor Settings
4. Lab 2-1: Install and Configure a Cisco IPS Sensor from the CLI
5. Lab 2-2: Use the Cisco IDM to Perform a Basic Sensor Configuration
Module 3: Cisco IPS Signatures
1. Configuring Cisco IPS Signatures and Alerts
2. Examining the Signature Engines
3. Customizing Signatures
4. Lab 3-1: Working with Signatures and Alerts
5. Lab 3-2: Customizing Signatures
Module 4: Advanced Cisco IPS Configuration
1. Performing Advanced Tuning of Cisco IPS Sensors
2. Monitoring and Managing Alarms
3. Configuring a Virtual Sensor
4. Configuring Advanced Features
5. Configuring Blocking
6. Lab 4-1: Tune a Cisco IPS Sensor Using the Cisco IDM
7. Lab 4-2: Monitor and Manage Alarms
8. Lab 4-3: Configure a Virtual Sensor (Optional)
9. Lab 4-4: Configure Anomaly Detection and POSFP
Module 5: Additional Cisco IPS Devices
1. Installing the Cisco Catalyst 6500 Series IDSM-2
2. Initializing the Cisco ASA AIP-SSM
Module 6: Cisco IPS Sensor Maintenance
1. Maintaining Cisco IPS Sensors
2. Managing Cisco IPS Sensors
3. Lab 6-1: Maintain Sensors and Verify System Configuration