Securing Networks with Cisco Firepower Next-Generation IPS


Course Description

The Securing Networks with Cisco Firepower Next-Generation IPS (SSFIPS) version 3.1 Cisco® Training on Demand course provides you with technical training to deploy the Cisco Firepower® system. Among other powerful features, you learn in-depth event analysis, Next-Generation Intrusion Prevention System (NGIPS) tuning and configuration, and the Snort rules language. You also become familiar with the concepts and practices of file and malware inspection, domain awareness, and security management, and learn to describe the difference between firewall and NGIPS technologies.

In addition, you learn the relationship between Cisco, Sourcefire®, and Snort. You learn to describe a Cisco Firepower system in detail and to explain the role and relationships of policies in configuring the system. You also learn how to perform the device setup tasks for the Cisco Firepower architecture and configure both passive and advanced deployment options. You learn how to interpret host profiles, create fingerprints, and manage user identities, and how to configure access control policies and object types within the Cisco Firepower system, together with security intelligence, whitelists, blacklists, and logging. Finally, you learn how to examine malware and file dispositions, examine Snort rules and variable sets, create intrusion sets, and understand the role of Snort in the administrative flow, together with detailed analysis techniques.

Prerequisites

  • Technical understanding of TCP/IP networking and network architecture
  • Basic familiarity with the concepts of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)

Who Should Attend

This course is designed for security administrators and consultants, network administrators, systems engineers, and technical support personnel who need to know how to deploy and manage a Cisco Firepower NGIPS in their network environment and how to write Snort rules.

Course Information


Length: 4 days

Format: Lecture and Lab

Delivery Method: Onsite

Max. Capacity: 12



Learning Objectives

  • Describe the key features and concepts of next-generation IPS and firewall security
  • Identify the components of the Cisco Firepower system
  • Communicate the role and relationships of policies in the Cisco Firepower system
  • Identify the various Cisco Firepower system deployment architectures
  • Interpret host profile information
  • Explain the object types, their uses within the Cisco Firepower system, and implementation procedures for security intelligence
  • Describe and identify considerations for access control policy rules
  • Understand file visibility and control, malware and file policies, and the principles of AMP for Firepower
  • Implement and manage intrusion policies and variables
  • Understand Cisco Firepower management system administration and user account management

Labs

  1. Connecting to the Lab Environment
  2. Navigating the Firepower Management Center GUI
  3. Device Management
  4. Implementing Network Discovery
  5. Access Control Policy Prerequisites
  6. Implementing an Access Control Policy
  7. Implementing Security Intelligence
  8. File Control and Advanced Malware Protection
  9. Implementing NGIPS
  10. Detailed Analysis
  11. System Administration