Cisco Secure Intrusion Detection
Date: 14 April 2011, 10:32
Table of Contents

COURSE INTRODUCTION
  Overview
  Course Objectives
  Lab Topology Overview

SECURITY FUNDAMENTALS
  Overview
  Objectives
  Need for Network Security
  Network Security Policy
  The Security Wheel
  Network Attack Taxonomy
  Management Protocols and Functions
  Summary

INTRUSION DETECTION OVERVIEW
  Overview
  Objectives
  Intrusion Detection Terminology
  Intrusion Detection Technologies
  Host-Based Intrusion Protection
  Network-Based Intrusion Detection Systems
  Intrusion Detection Evasive Techniques
  Summary

CISCO INTRUSION PROTECTION OVERVIEW
  Overview
  Objectives
  Intrusion Protection
  Network Sensor Platforms
  HIPS Platforms
  Security Management
  Cisco Threat Response
  Cisco IDS Communication Overview
  Deploying Cisco IDS
  Summary

CAPTURING NETWORK TRAFFIC FOR INTRUSION DETECTION SYSTEMS
  Overview
  Objectives
  Traffic Capture Overview
  Configuring SPAN for Catalyst 2900XL, 3500XL, 2950, and 3550 Traffic Capture
  Configuring SPAN for Catalyst 4000, 4500, and 6500 Traffic Capture
  Configuring RSPAN for Catalyst 4000 and 6500 Traffic Capture
  Configuring VACLs for Catalyst 6500 Traffic Capture
  Using the mls ip ids Command for Catalyst 6500 Traffic Capture
  Advanced Catalyst 6500 Traffic Capturing
  Summary

CISCO INTRUSION DETECTION SYSTEM ARCHITECTURE
  Overview
  Objectives
  Cisco IDS Software Architecture
  User Accounts and Roles
  Summary

SENSOR APPLIANCE INSTALLATION
  Overview
  Objectives
  Sensor Appliances
  Sensor Installation
  Sensor Initialization
  Summary
  Lab Exercise—Sensor Appliance Initialization Lab

INTRUSION DETECTION SYSTEM MODULE CONFIGURATION
  Overview
  Objectives
  Introduction
  Ports and Traffic
  Initialization
  Verifying IDSM2 Status
  Summary

CISCO IDS COMMAND LINE
  Overview
  Objectives
  Command Line Modes
  Initial Configuration Tasks
  Preventive Maintenance and Troubleshooting

CISCO INTRUSION DETECTION SYSTEM DEVICE MANAGER AND EVENT VIEWER
  Overview
  Objectives
  IDS Device Manager Overview
  IDS Event Viewer Overview
  IDS Event Viewer Installation
  IDS Event Viewer Views
  Network Security Database
  IDS Event Viewer Filters
  IDS Event Viewer Database Administration
  IDS Event Viewer Configuration
  Summary
  Lab Exercise—Cisco IDS Event Viewer Lab

ENTERPRISE INTRUSION DETECTION SYSTEM MANAGEMENT
  Overview
  Objectives
  Introduction
  Windows Installation
  Solaris Installation
  Architecture
  Getting Started
  IDS MC Workflow
  Summary
  Lab Exercise—Enterprise Intrusion Detection System Management Lab

SENSOR CONFIGURATION
  Overview
  Objectives
  Sensors and Sensor Groups
  Communications
  Logging
  Summary
  Lab Exercise—Sensor Configuration Lab

CISCO INTRUSION DETECTION SYSTEM ALARMS AND SIGNATURES
  Overview
  Objectives
  Cisco IDS Signatures
  Cisco IDS Alarms
  Cisco IDS Signature Engines
  Atomic Signature Engines
  Flood Signature Engines
  Service Signature Engines
  State Signature Engines
  String Signature Engines
  Sweep Signature Engines
  Miscellaneous Signature Engines
  Signature Engine Selection
  Summary

SENSING CONFIGURATION
  Overview
  Objectives
  Global Sensing Configuration
  Signature Configuration
  Signature Filtering
  Signature Tuning
  Custom Signatures
  Summary
  Lab Exercise—Sensing Configuration Lab

BLOCKING CONFIGURATION
  Overview
  Objectives
  Introduction
  ACL Considerations
  Blocking Sensor Configuration
  Master Blocking Sensor Configuration
  Summary
  Lab Exercise—Blocking Configuration Lab

ENTERPRISE INTRUSION DETECTION SYSTEM MONITORING AND REPORTING
  Overview
  Objectives
  Introduction
  Installation
  Getting Started
  Security Monitor Configuration
  Security Monitor Event Viewer
  Administration and Reporting
  Summary
  Lab Exercise—Enterprise IDS Monitoring and Reporting Lab

CISCO INTRUSION DETECTION SYSTEM MAINTENANCE
  Overview
  Objectives
  Software Updates
  Sensor Maintenance
  Summary
  Lab Exercise—Cisco IDS System Maintenance Lab