{"course":{"productid":7920,"modality":1,"active":true,"language":"en","title":"Securing Cisco Networks with Snort Rule Writing Best Practices","productcode":"SSFRULES","vendorcode":"CI","vendorname":"Cisco","fullproductcode":"CI-SSFRULES","courseware":{"has_ekit":true,"has_printkit":false,"language":"en"},"url":"https:\/\/portal.flane.ch\/course\/cisco-ssfrules","objective":"<p>After taking this course, you should be able to:<\/p>\n<ul>\n<li>Describe the Snort rule development process<\/li><li>Describe the Snort basic rule syntax and usage<\/li><li>Describe how traffic is processed by Snort<\/li><li>Describe several advanced rule options used by Snort<\/li><li>Describe OpenAppID features and functionality<\/li><li>Describe how to monitor the performance of Snort and how to tune rules<\/li><\/ul>","essentials":"<p>To fully benefit from this course, you should have:<\/p>\n<ul>\n<li>Basic understanding of networking and network protocols<\/li><li>Basic knowledge of Linux command-line utilities<\/li><li>Basic knowledge of text editing utilities commonly found in Linux<\/li><li>Basic knowledge of network security concepts<\/li><li>Basic knowledge of a Snort-based IDS\/IPS system<\/li><\/ul>","audience":"<p>This course is for technical professionals to gain skills in writing rules for Snort-based intrusion detection systems (IDS) and intrusion prevention systems (IPS). The primary audience includes:<\/p>\n<ul>\n<li>Security administrators<\/li><li>Security consultants<\/li><li>Network administrators<\/li><li>System engineers<\/li><li>Technical support personnel using open source IDS and IPS<\/li><li>Channel partners and resellers<\/li><\/ul>","outline":"<ul>\n<li>Introduction to Snort Rule Development<\/li><li>Snort Rule Syntax and Usage<\/li><li>Traffic Flow Through Snort Rules<\/li><li>Advanced Rule Options<\/li><li>OpenAppID Detection<\/li><li>Tuning Snort<\/li><\/ul>","summary":"<p>The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.1 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules.<\/p>\n<p>This course will help you:<\/p>\n<ul>\n<li>Gain an understanding of characteristics of a typical Snort rule development environment<\/li><li>Gain hands-on practices on creating rules for Snort<\/li><li>Gain knowledge in Snort rule development, Snort rule language, standard and advanced rule options<\/li><\/ul>","objective_plain":"After taking this course, you should be able to:\n\n\n- Describe the Snort rule development process\n- Describe the Snort basic rule syntax and usage\n- Describe how traffic is processed by Snort\n- Describe several advanced rule options used by Snort\n- Describe OpenAppID features and functionality\n- Describe how to monitor the performance of Snort and how to tune rules","essentials_plain":"To fully benefit from this course, you should have:\n\n\n- Basic understanding of networking and network protocols\n- Basic knowledge of Linux command-line utilities\n- Basic knowledge of text editing utilities commonly found in Linux\n- Basic knowledge of network security concepts\n- Basic knowledge of a Snort-based IDS\/IPS system","audience_plain":"This course is for technical professionals to gain skills in writing rules for Snort-based intrusion detection systems (IDS) and intrusion prevention systems (IPS). The primary audience includes:\n\n\n- Security administrators\n- Security consultants\n- Network administrators\n- System engineers\n- Technical support personnel using open source IDS and IPS\n- Channel partners and resellers","outline_plain":"- Introduction to Snort Rule Development\n- Snort Rule Syntax and Usage\n- Traffic Flow Through Snort Rules\n- Advanced Rule Options\n- OpenAppID Detection\n- Tuning Snort","summary_plain":"The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.1 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules.\n\nThis course will help you:\n\n\n- Gain an understanding of characteristics of a typical Snort rule development environment\n- Gain hands-on practices on creating rules for Snort\n- Gain knowledge in Snort rule development, Snort rule language, standard and advanced rule options","skill_level":"Expert","version":"2.1","duration":{"unit":"d","value":3,"formatted":"3 days"},"pricelist":{"List Price":{"PL":{"country":"PL","currency":"EUR","taxrate":23,"price":2000},"CR":{"country":"CR","currency":"USD","taxrate":13,"price":2995},"PA":{"country":"PA","currency":"USD","taxrate":7,"price":2995},"CL":{"country":"CL","currency":"USD","taxrate":19,"price":2995},"AR":{"country":"AR","currency":"USD","taxrate":21,"price":2995},"CO":{"country":"CO","currency":"USD","taxrate":16,"price":2995},"PE":{"country":"PE","currency":"USD","taxrate":null,"price":2995},"MX":{"country":"MX","currency":"USD","taxrate":null,"price":2995},"BR":{"country":"BR","currency":"USD","taxrate":null,"price":2995},"P3":{"country":"P3","currency":"USD","taxrate":null,"price":2995},"IT":{"country":"IT","currency":"EUR","taxrate":20,"price":2490},"RU":{"country":"RU","currency":"RUB","taxrate":18,"price":255000},"US":{"country":"US","currency":"USD","taxrate":null,"price":2800},"GB":{"country":"GB","currency":"GBP","taxrate":20,"price":2410},"GR":{"country":"GR","currency":"EUR","taxrate":null,"price":1575},"MK":{"country":"MK","currency":"EUR","taxrate":null,"price":1575},"HU":{"country":"HU","currency":"EUR","taxrate":20,"price":1575},"FR":{"country":"FR","currency":"EUR","taxrate":19.6,"price":2670},"SG":{"country":"SG","currency":"USD","taxrate":8,"price":2240},"IN":{"country":"IN","currency":"USD","taxrate":12.36,"price":1680},"DE":{"country":"DE","currency":"EUR","taxrate":19,"price":3595},"SE":{"country":"SE","currency":"EUR","taxrate":25,"price":3595},"CH":{"country":"CH","currency":"CHF","taxrate":8.1,"price":3600},"CA":{"country":"CA","currency":"CAD","taxrate":null,"price":3865},"AT":{"country":"AT","currency":"EUR","taxrate":20,"price":3595}}},"lastchanged":"2026-02-17T12:46:24+01:00","parenturl":"https:\/\/portal.flane.ch\/swisscom\/en\/json-courses","nexturl_course_schedule":"https:\/\/portal.flane.ch\/swisscom\/en\/json-course-schedule\/7920","source_lang":"en","source":"https:\/\/portal.flane.ch\/swisscom\/en\/json-course\/cisco-ssfrules"}}