1 © 2005 Cisco Systems, Inc. All rights reserved. Implementing Intrusion Prevention Systems.

Презентация:



Advertisements
Похожие презентации
© 2001, Cisco Systems, Inc. CSIDS Cisco Secure Intrusion Detection System 2.0.
Advertisements

1 © 2005 Cisco Systems, Inc. All rights reserved. Implementing Intrusion Prevention Systems.
1 © 2005 Cisco Systems, Inc. All rights reserved. IP Telephony Express 2.0 Instructor Name.
© 2004, Cisco Systems, Inc. All rights reserved. CSIDS Cisco Secure Intrusion Detection System 4.1.
© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Cisco Secure Virtual Private Networks 4.0.
© 2005 Cisco Systems, Inc. All rights reserved. CVOICE v5.01 Cisco Voice over IP (CVOICE) Version 5.0.
© 2003, Cisco Systems, Inc. All rights reserved. CSPFA Cisco Secure PIX Firewall Advanced 3.1.
© 2004, Cisco Systems, Inc. All rights reserved. CSPFA Cisco Secure PIX Firewall Advanced 3.2.
© 1999, Cisco Systems, Inc. 1-1 Chapter 1 Introduction.
© 2004, Cisco Systems, Inc. All rights reserved. CSIDS Lesson 12 Cisco Intrusion Detection System Maintenance.
© 2006 Cisco Systems, Inc. All rights reserved. SND v2.01 Securing Cisco Network Devices (SND) v2.0.
1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco SAFE Implementation Version 2.1.
© 2004, Cisco Systems, Inc. All rights reserved. CSIDS Course Agenda Day 1 Lesson 1Course Introduction Lesson 2Network Security and Cisco Lesson.
© 2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.01 Building Cisco Multilayer Switched Networks (BCMSN) v3.0.
© 2000, Cisco Systems, Inc. CSPFF 1.11Intro-1 Introduction.
© 2007 Cisco Systems, Inc. All rights reserved. Securing Networks with Cisco Routers and Switches (SNRS) v2.0 SNRS v2.01.
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.01 Development Topology rlclass swclass RMT RBB RTS SBB – Backbone switch Super Server Multi-VLAN.
© 2004, Cisco Systems, Inc. All rights reserved. CSIDS Lesson 7 Using the Intrusion Detection System Device Manager to Configure the Sensor.
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v2.01 IPv6 Fundamentals, Design & Deployment.
© 2006 Cisco Systems, Inc. All rights reserved.ISCW v1.01 Course Lab Guide.
Транксрипт:

1 © 2005 Cisco Systems, Inc. All rights reserved. Implementing Intrusion Prevention Systems

© 2005 Cisco Systems, Inc. All rights reserved. Course Introduction IPS 5.02

© 2005 Cisco Systems, Inc. All rights reserved. IPS v5.03 Course Objectives Upon completion of this course, you will be able to meet these objectives: Explain how Cisco IPS protects network devices from attacks Install a sensor appliance in the network and initialize it Use the sensor CLI to perform basic sensor configuration Describe the management and monitoring capabilities of the IPS Device Manager Use the IDM to configure the sensors communication parameters

© 2005 Cisco Systems, Inc. All rights reserved. IPS v5.04 Course Objectives (Cont.) Use the IDM to configure allowed hosts Use the IDM to set the sensors time Use the IDM to create user accounts Use the IDM to configure sensor interfaces and interface pairs Use the IDM to configure software bypass mode Describe the functions of Signature Engines and their parameters Use the IDM to tune and create signatures to meet the requirements of a given security policy

© 2005 Cisco Systems, Inc. All rights reserved. IPS v5.05 Course Objectives (Cont.) Use the IDM to tune the sensor to work optimally in a network Explain blocking concepts Use the IDM to configure blocking for a given scenario Install the NM-CIDS in a router and initialize it Configure communications between the router and the NM-CIDS and initialize the NM-CIDS Install an IDSM 2 in a Cisco Catalyst 6500 switch and initialize it

© 2005 Cisco Systems, Inc. All rights reserved. IPS v5.06 Course Objectives (Cont.) Use the IDM to upgrade the sensor image Use the IDM to install signature and service pack updates Use the IDM to configure automatic software updates Recover the sensor image Use the CLI to back up and restore a sensor configuration Use the CLI and the IDM to monitor the sensor Use preventive maintenance and general troubleshooting commands

© 2005 Cisco Systems, Inc. All rights reserved. IPS v5.07 Course Flow Diagram Course Introduction Defining Security Fundamentals Explaining Intrusion Prevention Getting Started with the IPS Command- Line Interface Using IPS Device Manager Lunch AMAM PMPM Day 1Day 2Day 3Day 4Day 5 Describing Signature Engines (Cont.) Configuring Signatures Working with Signatures and Alerts Describing Signature Engines Configuring Signatures (Cont.) Tuning the Sensor Configuring Blocking Maintaining the Sensor Configuring the Sensor Installing and Maintaining the NM-CIDS Maintaining the Sensor (Cont.) Monitoring the Sensor Installing and Maintaining the IDSM-2

© 2005 Cisco Systems, Inc. All rights reserved. IPS v5.08 Participant Responsibilities Student responsibilities: Complete prerequisites Participate in lab exercises Ask questions Provide feedback

© 2005 Cisco Systems, Inc. All rights reserved. IPS v5.09 General Administration Class-related: Sign-in sheet Length and times Break and lunch room locations Attire Facilities-related: Participant materials Site emergency procedures Restrooms Telephones and faxes

© 2005 Cisco Systems, Inc. All rights reserved. IPS v5.010 Graphic Symbols IOS Router PIX Firewall IPS Sensor Management System Laptop Server Web, FTP, etc. Ethernet Link VPN Tunnel Hub Network Cloud Workgroup Switch IDSM-2Multilayer Switch NM-CIDS

© 2005 Cisco Systems, Inc. All rights reserved. IPS v5.011 Participant Introductions Your name Your company Prerequisite skills Brief history Objective

© 2005 Cisco Systems, Inc. All rights reserved. IPS v5.012 Lab Visual Objective Q Q Web FTP RBB Q P.0.4 sensorQ Student PC 10.0.Q.12 RTS sensorP Student PC 10.0.P.12 RTS P.0 router e0/0 e0/1 e0/0 e0/1 e0/0 e0/1 e0/ P.0 prQ nm-cidsQ prP nm-cidsP

Q and A © 2005 Cisco Systems, Inc. All rights reserved. IPS v5.013