IT TRAINING

Cisco IPS – Implementing Cisco Intrusion Prevention System v7.0

This course is obsolete

 

Part of Cisco’s recent announcement for the CCNP Security certification program includes this new course, IPS 7.0 which replaces IPS 6.0.

Who needs to attend

Who needs to attend?
This course is aimed at:

  • Cisco customers who implement and maintain Cisco IPS solutions
  • Cisco channel partners who sell, implement, and maintain Cisco IPS solutions
  • Cisco systems engineers who support the sale of Cisco IPS solutions
what you will learn

What you will learn

In this course, you will gain the skills required to deploy Cisco’s network-based Intrusion Prevention System (IPS). You will get an introduction to Cisco IPS platforms and managers, including:

  • 4200 Series Sensors
  • Catalyst 6000 Series Intrusion Detection Module 2 (IDSM-2)
  • Advanced Inspection and Prevention Security Services Module (AIP-SSM)
  • IPS Device Manager (IDM) GUI
  • IPS Manager Express (IME)
Prerequisites

Prerequisites
Students need to have:
IINS – Implementing Cisco IOS Network Security

Course outline

Course Outline

1. Introduction

Evaluating Intrusion Prevention and Intrusion Detection Systems
Choosing Cisco IPS Software, Hardware, and Supporting Applications
Evaluating Network IPS Traffic Analysis Methods
Evasion Possibilities and Anti-Evasive Countermeasures
Choosing a Network IPS and IDS Deployment Architecture

2. Installing and Maintaining Cisco IPS Sensors

Integrating into a Network
Performing the Initial Setup
Managing Cisco IPS Devices

3. Applying Cisco IPS Security Policies

Configuring Basic Traffic Analysis
Implementing Cisco IPS Signatures and Responses
Configuring Signature Engines and the Signature Database
Deploying Anomaly-Based Operation

4. Adapting Traffic Analysis and Response to the Environment

Customizing Traffic Analysis
Managing False Positives and False Negatives
Improving Alarm and Response Quality

5. Managing and Analyzing Events

Installing and Integrating IME with IPS Sensors
Managing and Investigating Events
Reporting and Notifications
Integrating IPS with SMN and MARS
Using the Cisco IntelliShield Database and Services

6. Advanced Solutions

Using Cisco IPS Virtual Sensors
Deploying Cisco IPS for High Availability and High Performance

7. Configuring and Maintaining Specific IPS Hardware

ASA AIP SSM and AIP SSC Modules
ISR IPS AIM and IPS NME Modules
IDSM-2 Module

Certification programs
There are no certifications associated with this course.