Implementing Cisco Intrusion Systems Protection

General information Code: SD-CIPS Duration: 5 days Present: 10 Maximum Price: 2 930 € HT Public concerned Engineers, Consultants. Prérequis To have followed course SND Securing Cisco Network Devices To have basic knowledge on Windows. To know the terminology and the concepts of safety network Objectives This course makes it possible to acquire knowledge and competences necessary to implement, to install and configure a solution Cisco of prevention against the intrusions. Means Support of official course given to the trainees 1 PC by anybody	Description This course is intended to the engineers and to consultants who wish to acquire knowledge and competences necessary to implement, to install and configure a solution Cisco of prevention against the intrusions. IT is recommended to the trainees to have followed course SND Securing Cisco Network Devices. To have basic knowledge on Windows. To know the terminology and the concepts of safety network. Tests and Certifications: This course prepares with test 642-532 within the framework of certification CCSP (Cisco Certified Security Professional) as well as certification CQS IPS (Cisco Qualified Specialist).
	Modulate 1 The fundamental ones of safety - needs for safety networks - the policy of safety network - Identification and classification of the attacks - protocols of administration and safety Modulate 2 Presentation of the detection of intrusion and technologies of protection against the intrusions - Terminology and technologies of the detection of intrusion - Protection counters the intrusion on the level of the host and the level of the network - Deployment of IDS - Presentation of the platforms of probes network Modulate 3 Structure of system IDS Cisco - software Architecture - Communication of elements IDS - Accounts users and roles - the line modes of order - Parameter setting of the clock - Creation of accounts users - the account of service - roles of the users - preventive Maintenance and troubleshooting Modulate 4 Ids Manager and Viewer Vent - Presentation of Device Manager - Presentation of the Viewer Vent - Installation of the Viewer Vent - postings and filters - Data base safety Modulate 5 Configuration via IDM - Configuration of the basic parameters - Configuration of communications SSH, TLS and SSL - IConfiguration of the monitoring - Posting of the diagnoses and information of the system Modulate 6 Development of the probes - Techniques of detection of intrusion - Options of gathering - Variables systems - Filtering of the signatures Modulate 7 Alarms and signatures - Signatures and alarms of IDS - Process of analysis	Modulate 8 Configuration in real time of the filters on PIX and IOS - Considerations ACL - Configuration of the probes for the filters - Configuration SSH Known Hosts Key Modulate 9 Maintenance of the probes - Pack Service and update of the signatures - Recovery of images - Restoration of the configuration by defect - Parameters of time Modulate 10 The tool of administration IDS MC - Installation of IDS MC on Windows and Solaris - Architectur - Installation of the probes and the groups of probes - Configuration of the probes - Management of the logs - Work Flow Ids MC - Update of IDS MC - Reports/ratios Modulate 11 VMS, monitoring and reports/ratios - Installation - Configuration of Security Monitor - Solutions Cisco to answer the attacks - Presentation of the Viewer Vent - Administration and reports/ratios Modulate 12 Modulate NM-IDS - Presentation Modulate 13 Initialization and configuration of the tasks Module 14 Configuration of the IDSM 2 - Architecture - Initialization of the IDSM - Troubleshooting Modulate 15 Capture of a flow for the detection of intrusion - Configuration of the SPAN, the RSPAN and VACLs for the capture of flow on CatOS and IOS - Use of the order mls IP ids for the capture of flow for Catalyst 6500 Modulate 16 Capture advanced flow for Catalyst 6500