Vendor: Cisco
Mode: Classroom or Virtual Classroom with Instructor
Level: Professional
Exam: NA
Exam at your place: NA
Duration: 4 days
Language: German, French, Italian, English

SKU: SSFSNORT-ILT Categories: , ,

Course Price

CHF 3'500.00

(excl. VAT)

Discount available for multiple students and dedicated classes.

Course Schedule
Ask for more dates, other languages or a different delivery mode as needed and we will do our best to meet your needs.
LanguageModeStart Date
GermanVirtual Class or ClassroomOn request
FrenchVirtual Class or ClassroomOn request
ItalianVirtual Class or ClassroomOn request
EnglishVirtual Class or ClassroomOn request

What you’ll learn

The Securing Cisco Networks with Open Source Snort (SSFSNORT) course guides participants in deploying Snort® across a range of scales, from small setups to enterprise-level implementations. The course covers the installation, configuration, and operation of Snort in both Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) modes. Participants will gain hands-on experience with tasks such as installing and configuring Snort, employing supplementary software tools, defining rules to enhance the Snort environment, and more.

Who should enroll

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel
  • Channel partners and resellers

Technology areas

  • Security
  • Cyber Operations

Training overview


After taking this course, you should be able to:

  • Define the use and placement IDS/IPS components.
  • Identify Snort features and requirements.
  • Compile and install Snort.
  • Define and use different modes of Snort.
  • Install and utilize Snort supporting software.


To fully benefit from this course, you should have the following knowledge and skills:

  • Technical understanding of TCP/IP networking and network architecture
  • Basic familiarity with firewall and IPS concepts

This is the recommended Cisco course that may help you meet these prerequisites:


  • Detecting Intrusions with Snort 3.0
    • History of Snort
    • IDS
    • IPS
    • IDS vs. IPS
    • Examining Attack Vectors
    • Application vs. Service Recognition
  • Sniffing the Network
    • Protocol Analyzers
    • Configuring Global Preferences
    • Capture and Display Filters
    • Capturing Packets
    • Decrypting Secure Sockets Layer (SSL) Encrypted Packets
  • Architecting Nextgen Detection
    • Snort 3.0 Design
    • Modular Design Support
    • Plug Holes with Plugins
    • Process Packets
    • Detect Interesting Traffic with Rules
    • Output Data
  • Choosing a Snort Platform
    • Provisioning and Placing Snort
    • Installing Snort on Linux
  • Operating Snort 3.0
    • Topic 1: Start Snort
    • Monitor the System for Intrusion Attempts
    • Define Traffic to Monitor
    • Log Intrusion Attempts
    • Actions to Take When Snort Detects an Intrusion Attempt
    • License Snort and Subscriptions
  • Examining Snort 3.0 Configuration
    • Introducing Key Features
    • Configure Sensors
    • Lua Configuration Wizard
  • Managing Snort
    • Pulled Pork
    • Barnyard2
    • Elasticsearch, Logstash, and Kibana (ELK)
  • Analyzing Rule Syntax and Usage
    • Anatomy of Snort Rules
    • Understand Rule Headers
    • Apply Rule Options
    • Shared Object Rules
    • Optimize Rules
    • Analyze Statistics
  • Use Distributed Snort 3.0
    • Design a Distributed Snort System
    • Sensor Placement
    • Sensor Hardware Requirements
    • Necessary Software
    • Snort Configuration
    • Monitor with Snort
  • Examining Lua
    • Introduction to Lua
    • Get Started with Lua

Lab outline

  • Capture and Analyze Packets
  • Initiate the Snort Installation
  • Complete an Installation of Snort
  • Configure and Run Snort
  • Tweak the Installation
  • Rapid Deployment with Lua
  • Integrate Snort Optimizers
  • Analyze Rule Syntax
  • Hello World Lua Style

Information request
Please enable JavaScript in your browser to complete this form.
Your Name
How did you find us?
This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies.