Cisco IPS 7.0: Implementing Cisco Unity Express in CUCM Express Environment
This course is included in our On-demand training solution.
After you have configured the sensing interfaces of a Cisco Intrusion Prevention System (IPS) sensor, you will need to attach them to the sensor analysis engine, and optionally tune basic, low-level analysis options that apply to inspected traffic.
In this course, you will learn about virtual sensors and their session tracking modes, traffic sources and analysis engine settings, inline normalization and promiscuous mode reassembly options, IP version 6 (IPv6) support and how to configure the bypass feature. This course also introduces the configuration of the built-in signatures in the Cisco Intrusion Prevention System (IPS) sensor products.
You will be able to find individual signatures and classes of signatures, and perform basic signature-related configuration actions. You will also learn how to configure the actions that you would like the sensor to take, and configure the two configuration mechanisms that allow you to scalably change responses for a large number of signatures.
Anyone wishing to obtain the Cisco Certified Network Professional CCNP Security, Cisco Certified Security Professional CCSP Certification or Cisco IPS Specialist Certification designation. Established IT professionals with a good understanding of networking and Cisco technology, installation, troubleshooting and monitoring of devices used to maintain integrity, confidentiality and availability of data and network devices that Cisco uses in its security infrastructure. Candidates who have completed the Cisco Certified Network Associate Security Certification – Implementing Cisco IOS Network Security (IINS)
Default Virtual Sensor and Inline Traffic Normalization
IPS Traffic Reassembly and TCP Session Tracking
Cisco IPS IPv6 Support and Sensor Bypass
Assign Sensing Interfaces to the Default Virtual
Cisco IPS Signatures
Configuring Basic Signature Properties
Configuring Signature Actions
Configuring Remote Blocking
Configuring Packet Capture and IP Logging
Understanding Threat and Risk Rating
Event Action Overrides and Event Action Filters
Manual Configuration to Select Signature Responses
Action Strategies and Alerts in IPS Event Logs