Cisco IPS 7.0: Adapting Traffic Analysis and Response to the Environment
This course is included in our On-demand training solution.
When you need to address a threat that is uniquely specific to your environment, or otherwise do not have an appropriate signature in the default signature set to address a particular threat, you can create custom signatures on the Cisco Intrusion Prevention System (IPS) sensor.
This course describes the methods and configuration procedures that allow you to create custom signatures on a Cisco IPS sensor and examines some methodologies to tune a Cisco IPS sensor to properly manage false positive and negative events.
Anyone wishing to obtain the Cisco Certified Network Professional CCNP Security, Cisco Certified Security Professional CCSP Certification or Cisco IPS Specialist Certification designation. Established IT professionals with a good understanding of networking and Cisco technology, installation, troubleshooting and monitoring of devices used to maintain integrity, confidentiality and availability of data and network devices that Cisco uses in its security infrastructure. Candidates who have completed the Cisco Certified Network Associate Security Certification – Implementing Cisco IOS Network Security (IINS)
Creating Custom Signatures
Using the Custom Signature Wizard
Creating a Basic Custom Signature
Signature Wizard without Specifying a Signature Engine
Create a Custom Layer 4 Stateful String-Match Signature
Configuring Custom Signatures Manually
Creating an Advanced App-Layer Signature
Manually Creating an Advanced App-Layer Signature