SSFIPS - Securing Networks with Cisco Firepower Next-Generation IPS
Introduction
The Securing Networks with Cisco Firepower Next-Generation IPS (SSFIPS) v4.0 course shows you how to deploy and use Cisco Firepower Next-Generation Intrusion Prevention System (NGIPS).
This hands-on course gives you the knowledge and skills to use the platform features:
• Firewall security concepts, platform architecture and key features
• In-depth event analysis including detection of network-based malware and file type, NGIPS tuning and configuration including application control, security intelligence, firewall, and network-based malware and file controls;
• Snort rules language; file and malware inspection, security intelligence, and network analysis policy configuration designed to detect traffic patterns;
• Configuration and deployment of correlation policies to take action based on events detected; troubleshooting; system and user administration tasks, and more.
This course helps you prepare to take the exam, Securing Networks with Cisco Firepower (300-710 SNCF), which leads to CCNP Security and Cisco Certified Specialist – Network Security Firepower certifications.
The 300-710 SNCF exam has a second preparation course as well, Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW). You can take these courses in any order.
Duration:
40 hours
Price:
Price on request
Target Audience
This course is designed for technical professionals who need to know how to deploy and manage a Cisco Firepower NGIPS in their network environment.
Objectives
After taking this course, you should be able to:
• Describe the components of Cisco Firepower Threat Defense and the managed device registration process;
• Detail Next-Generation Firewalls (NGFW) traffic control and configure the Cisco Firepower system for network discovery;
• Implement access control policies and describe access control policy advanced features;
• Configure security intelligence features and the Advanced Malware Protection (AMP) for Networks implementation procedure for file control and advanced malware protection;
• Implement and manage intrusion and network analysis policies for NGIPS inspection;
• Describe and demonstrate the detailed analysis techniques and reporting features provided by the Cisco Firepower Management Center;
• Integrate the Cisco Firepower Management Center with an external logging destination;
• Describe and demonstrate the external alerting options available to Cisco Firepower Management Center and configure a correlation policy;
• Describe key Cisco Firepower Management Center software update and user account management features;
• Identify commonly misconfigured settings within the Cisco Firepower Management Center and use basic commands to troubleshoot a Cisco Firepower Threat Defense device.
Prerequisites
To fully benefit from this course, you should have the following knowledge and skills:
• Technical understanding of TCP/IP networking and network architecture.
• Basic familiarity with the concepts of Intrusion Detection Systems (IDS) and IPS.
Course Content
Course Introduction
Course Outline
Course Goals
Cisco Firepower Threat Defense Overview
Examining Firewall & IPS Technology
Cisco FTD Features & Components
Examining Firepower Platforms
Examining Cisco FTD Licensing
Cisco Firepower Implementation Use Cases
Cisco Firepower NGFW Device Configuration
Firepower FTD Registration
FXOS & Firepower Device Manager (FDM)
Managing NGFW Devices
Examining Firepower Management Center (FMC)
Examining System Configuration & Health Monitoring
Cisco Firepower NGFW Traffic Control
Cisco FTD Packet Processing
Bypassing Traffic
Cisco Firepower Discovery
Configuring Firepower Network Discovery
Interpreting Host Profile Information
Examining User Identity Information
Implementing Access Control Policies
Examining Access Control Policies (ACP)
Examining ACP Rules & Default Action
Introducing Further Inspection
Examining Connection Events
ACP (Access Control Policy) Advanced Settings
ACP (Access Control Policy) Considerations
Security Intelligence
Examining Security Intelligence
Examining Security Intelligence Objects
Security Intelligence Deployment & Logging
File Control and Advanced Malware Protection
Examining Malware & File Policy
Examining Advanced Malware Protection
Next-Generation Intrusion Prevention Systems
Examining Variables & Variables Sets
Examining Intrusion Policies
Creating Intrusion Policies
Managing Intrusion Policies
Network Analysis Policies
Examining Preprocessor Technologies
Examining Network Analysis Policies
Examining Adaptive Profiles
Detailed Analysis Techniques
Examining Events Analysis
Examining Event Types
Examining Contextual Data
Examining Analysis Tools
Tuning IPS Using Intrusion Events
Cisco Firepower Platform Integration
Examining Cisco Threat Intelligence Director
Examining Integration with ISE (Identity Services Engine)
Configuring Firepower Integration with Splunk
Alerting and Correlation Policies
Examining External Auditing Alerting
Configuring Correlation Policies
System Administration
Manual Updates
Examining User Account Management Features
Configuring User Accounts
Cisco Firepower Troubleshooting
Examining Common Misconfigurations
Examining Troubleshooting Commands
Examining Packet Capture
Lab Outline
Lab 1: Initial Device Setup
Lab 2: Device Management
Lab 3: Configuring Network Discovery
Lab 4: Implementing an Access Control Policy
Lab 5: Implementing Security Intelligence
Lab 6: File Control and Advanced Malware Protection
Lab 7: Implementing NGIPS
Lab 8: Customizing a Network Analysis Policy
Lab 9: Detailed Analysis
Lab 11: Configuring Cisco Firepower Platform Integration with Splunk
Lab 12: Configuring Alerting and Event Correlation
Lab 13: System Administration
Lab 14: Cisco Firepower Troubleshooting