Description
The Course Name: SSFIPS -Securing Networks with Cisco Firepower Next-Generation IPS
The Duration : 3 Days
The Overview:
Course Content
The purpose of this course is to teach participants the basic next-generation intrusion prevention system (NGIPS) and firewall security concepts and also:
- In-depth event analysis
- NGIPS tuning and configuration
- Snort® rules language
- file and malware inspection, security intelligence, domain awareness
The course begins by introducing the system architecture, the latest major features, and the role of policies in implementing the solution. The participants will learn how to manage deployed devices and perform basic Cisco Firepower discovery by describing how to use and configure Cisco NGIPS technology, including application control, security intelligence, firewall, and network-based malware and file controls. You’ll learn how to take advantage of powerful tools so you can carry out more efficient event analysis, including the detection of file type and network-based malware. And you’ll learn how to properly tune systems for better performance and greater network intelligence. The course finishes with system and user administration tasks.
Course Objectives
- How to describe the key features and concepts of NGIPS and firewall security
- How to describe the Cisco Firepower system components, features, and high-level implementation steps
- How to navigate the Cisco Firepower Management Center GUI and understand the role of policies when configuring the Cisco Firepower system
- How to deploy and manage Cisco Firepower managed devices
- How to perform an initial Cisco Firepower discovery and basic event analysis to identify hosts, applications, and services
- How to identify and create the objects required as prerequisites to implementing access control policies
- How to identify the features and functionality of access control policies and the implementation procedures
- How to describe the concepts and implementation procedures of security intelligence
- How to describe the concepts and implementation procedures of file control and advanced malware protection
- How to use Cisco Firepower recommendations to implement IPS policies
- How to explain the use of network analysis policies and the role of preprocessor technology in processing network traffic for NGIPS inspection
- How to describe and demonstrate the detailed analysis techniques and reporting features provided by the Cisco Firepower Management Center
- How to describe major Cisco Firepower Management Center system administration and user account management features
The Course Index:
- Module 1: Security Technology Overview
- Module 2: Cisco Firepower System Components and Features
- Module 3: Introducing the Cisco Firepower Management Center
- Module 4: Deploying Cisco Firepower Managed Devices
- Module 5: Cisco Firepower Discovery
- Module 6: Access Control Policy Prerequisites
- Module 7: Implementing Access Control Policies
- Module 8: Security Intelligence
- Module 9: File Control and Advanced Malware Protection
- Module 10: Next-Generation Intrusion Prevention Systems
- Module 11: Network Analysis Policies
- Module 12: Detailed Analysis Techniques
- Module 13: System Administration
Labs:
- Lab 1: Connect to the Lab Environment
- Lab 2: Navigate the Cisco Firepower Management Center GUI
- Lab 3: Device Management
- Lab 4: Cisco Firepower Discovery
- Lab 5: Access Control Policy Prerequisites
- Lab 6: Implementing an Access Control Policy
- Lab 7: Security Intelligence
- Lab 8: File Control and Advanced Malware Protection
- Lab 9: Implementing NGIPS
- Lab 10: Detailed Analysis
- Lab 11: System Administration