Sourcefire Classroom Training
Sourcefire 3D System I
Overview
This three-day class covers the features and functionality of the Sourcefire3D System® including Sourcefire Real-time Network Awareness®, Sourcefire Intrusion Sensors®, Sourcefire Defense Center® and an overview of the SNORT® rules language. Users of Sourcefire products will learn to operate the Sourcefire 3D System, tune the installation, troubleshoot, and write optimized rules with high performance while providing the highest levels of security.
Target Audience
This is a must course for Network administrators, security administrators, security consultants and other security professionals that are responsible for deploying and supporting Sourcefire’s products.
Prerequisites
This course assumes that students have a technical understanding of TCP/IP networking and network architecture.
Course Outline:
- Sourcefire 3D System Sensor Deployment and Network Architecture
- Sourcefire 3D System Overview & Product Installation
- Basic Interface Navigation
- Sensor Configuration and Management with the Defense Center
- Configuring Interface Sets and Engine Instances
- System Administration and Maintenance and Policy
- System Health Monitoring and Alerting
- Real-time User Awareness™ (RUA) Netflow
- Policy Management: Intrusion Sensor, RNA, and Compliance Including White List Policy
|
- Event Analysis & Reporting
- End-Point Intelligence
- Flow Data Analysis
- Nessus Scans
- Rules and Rule Optimization
- Rule Option Overview
- Advanced Rule Options: Byte_Test/Byte_Jump & PCRE
- Rule Writing Best Practices and Troubleshooting
|
|
