Sourcefire Classroom Training
Sourcefire 3D System II
Overview
This one-day class covers the functionality and configuration of event data streaming and remediation capabilities built into the Sourcefire 3D System. Learn good rule writing and tuning practices by demonstrating the use of important rule language options and how to analyze events to assist security administrators in making tuning decisions. Students taking this course will learn a deeper understanding of how to best leverage the power of Sourcefire products to secure their network environments.
Target Audience
This is a must course for Network administrators, security administrators, security consultants and other security professionals that are responsible for deploying and supporting Sourcefire’s products.
Prerequisites
This course assumes that students have a technical understanding of TCP/IP networking and network architecture. Proficiency with Linux and UNIX text editing tools (vi editor) is suggested, not required.
Course Outline:
- Understanding and Configuring eStreamer
- Creating and using Remediation Modules
- Creating High-Precision Rules with the Flowbits Rule Option
- Analyzing Events and Packet Inspection
|
