This course is a lab-intensive course which introduces you to the basic next-generation intrusion prevention system (NGIPS) and firewall security concepts, and the Cisco Firepower system components and features. The course then leads you through the powerful features of the Cisco Firepower system, in-depth event analysis, NGIPS tuning and configuration, Snort® rules language overview, and the latest platform features including File & Malware inspection, Security Intelligence, Domain Awareness, and more.
The course begins by introducing the system architecture, the latest key features, and the role of policies when implementing the solution. You also learn how to manage deployed devices and perform basic Cisco Firepower discovery before moving on to describe how to use and configure Cisco NGIPS technology, including application control, security intelligence, firewall, and network-based malware and file controls. You also learn to properly tune systems for better performance and greater network intelligence while taking advantage of powerful tools for more efficient event analysis, including file type and network-based malware detection. The course finishes with system and user administration tasks. This course combines lecture materials and hands-on labs throughout to make sure you are able to successfully deploy and manage the Cisco Firepower system.
Technical understanding of TCP/IP networking and network architecture
Basic familiarity with the concepts of intrusion detection systems (IDS) and IPS
This course is designed for technical professionals who need to know how to deploy and manage a Cisco Firepower NGIPS in their network environment. Targeted roles include:
Security administrators
Security consultants
Network administrators
System engineers
Technical support personnel
Channel partners and resellers
Securing Networks with Cisco Firepower Next-Generation IPS (SSFIPS v3.0) Training Delivery Methods
Cisco Authorized course content
Authorized Cisco CCSI instructor
Eligible for Cisco Learning Credit (CLC) redemption
Attend in-class, online or bring the course to your facility
Expansive course catalog to go deeper into Cisco or broaden you skills beyond
Securing Networks with Cisco Firepower Next-Generation IPS (SSFIPS v3.0) Training Course Benefits
Describe the key features and concepts of NGIPS and firewall securityDescribe the Cisco Firepower system components, features, and high-level implementation stepsNavigate the Cisco Firepower Management Center GUI and understand the role of policies when configuring the Cisco Firepower systemDeploy and manage Cisco Firepower managed devicesPerform an initial Cisco Firepower discovery and basic event analysis to identify hosts, applications, and servicesIdentify and create the objects required as prerequisites to implementing access control policiesIdentify the features and functionality of access control policies and the implementation proceduresDescribe the concepts and implementation procedures of security intelligenceDescribe the concepts and implementation procedures of file control and advanced malware protectionUse Cisco Firepower recommendations to implement IPS policiesExplain the use of network analysis policies and the role of preprocessor technology in processing network traffic for NGIPS inspectionDescribe and demonstrate the detailed analysis techniques and reporting features provided by the Cisco Firepower Management CenterDescribe major Cisco Firepower Management Center system administration and user account management features
SSFIPS Course Outline
Outline
Module 1: Security Technology Overview
Module 2: Cisco Firepower System Components and Features
Module 3: Introducing the Cisco Firepower Management Center
Module 4: Deploying Cisco Firepower Managed Devices
Module 5: Cisco Firepower Discovery
Module 6: Access Control Policy Prerequisites
Module 7: Implementing Access Control Policies
Module 9: File Control and Advanced Malware Protection
Module 10: Next-Generation Intrusion Prevention Systems
Module 11: Network Analysis Policies
Module 12: Detailed Analysis Techniques
Lab Outline
Lab 1: Connect to the Lab Environment
Lab 2: Navigate the Cisco Firepower Management Center GUI
Lab 3: Device Management
Lab 4: Cisco Firepower Discovery
Lab 5: Access Control Policy Prerequisites
Lab 6: Implementing an Access Control Policy
Lab 7: Security Intelligence
Lab 8: File Control and Advanced Malware Protection
Lab 9: Implementing NGIPS
Lab 10: Detailed Analysis
Lab 11: System Administration