|
Course Description
Course Objectives
Intended Audience
Course Outline & Labs

|
|
Implementing Cisco Intrusion Prevention System v5.0 (IPS) - 5-day Course
Course
Description
In this enhanced 5-day course, you will gain the skills required to deploy Cisco's recently updated version 5.0 network-based intrusion prevention system. New features added to version 5.0 include in-line protection, meta-event generation, and the application firewall.
The course introduces you to Cisco IDS detection platforms including the 4200 Series Sensors, the Catalyst 6000 Series Intrusion Detection Module 2 (IDSM2), and the IDS Network Module (NM-CIDS). The command line and the IPS Device Manager GUI are used to configure the sensor.
Course Objectives
After completing this course, the student should be able to:
- Describe the basic intrusion prevention terminology
- Explain the different intrusion prevention technologies and evasive techniques
- Design a Cisco IPS solution for small, medium, and enterprise customers
- Identify the Cisco IPS Sensor platforms and describe their features
- Install and configure a Cisco IPS Sensor
- Tune Cisco IPS signatures to work optimally in unique network environments
- Create and implement customized intrusion prevention signatures
- Create alarm filters to reduce alarms and possible false positives
- Configure IPS protective reactions such as TCP reset and deny attacker inline
- Configure a Cisco IPS Sensor to perform blocking on IOS routers and PIX firewalls
- Perform maintenance operations such as signature updates and software upgrades
Intended Audience
Internetwork professionals who want to ensure security on their network or who seek Cisco certification.

Course
Outline
- Defining Security Fundamentals
- Explaining Intrusion Prevention
- Getting Started with the IPS Command-Line Interface
- Using IPS Device Manager
- Configuring the Sensor
- Working with Signatures and Alerts
- Describing Signature Engines
- Configuring Signatures
- Tuning the Sensor
- Configuring Blocking
- Maintaining the Sensor
- Monitoring the Sensor
- Installing and Maintaining the NM-CIDS
- Installing and Maintaining the IDSM-2
Course Labs
- Lab 1: Remote Lab Environment
- Lab 2: Initialize the Sensor
- Lab 3: The IPS Command Line
- Lab 4: Introduction to IDM
- Lab 5: Configuring the Sensor
- Lab 6: Working with Signatures
- Lab 7: Study Built-In Signatures Lab
- Lab 8: Signature Configuration
- Lab 9: Sensor Tuning
- Lab 10: Blocking
- Lab 11: Sensor Maintenance
- Lab 12: Monitoring the Sensor

|