Sourcefire®  System  v5  Course  Description  

Instructor-­‐led  4-­‐Day  Training  This  4-­‐day  course  covers  the  powerful  features  of  the  Sourcefire  System,  including  FireSIGHT®  technology,  in-­‐depth  event  analysis,  IPS  tuning  and  configuration,  and  the  IPS  rules   language.  Learn  how  to  use  and  configure  next-­‐generation  Sourcefire  technology  including  application  control,  firewall  and  routing/switching  capabilities.  Users  will  also  learn  to  properly  tune  their  system  for  better  performance  and  greater  network  intelligence  while  leveraging  the  powerful  tools  for  more  efficient  event  analysis  including  file  type  and  network-­‐based  malware  detection.      

Course  Outline:  •   UI  and  administrative  features  overview  •   Device  Mgmt.  -­‐  Configuration,  NGFW  features  and  routing/switching    •   System  Policy  •   File-­‐type  and  network-­‐based  malware  detection  •   Object  Management  and  Access  Control  policy  configuration  •   FireSIGHT  technology  including  network  awareness  and  user  awareness  •   Reporting  •   IPS  Policy  Basics    •   Correlation  policy,  white  lists,  and  host  attributes  •   Advanced  IPS  Policy  Configuration  •   Event  analysis,  connection  data  analysis  and  network  profiling  •   IPS  rule  language  syntax  and  usage  •   SF  System  customization  –  Workflows,  Dashboard  Widgets  •   Case  studies  in  rule  writing  techniques  and  event  analysis  

Included  with  Course:  •   Courseware  Book  •   Bundle  Study  Guide  +  Exam  (Optional)    •   Hands  on  Labs  •   Live  instructor  •   120  day  online  SF  Admin  On-­‐Demand  access  •   120  day  Network  AMP  On-­‐Demand  access  •   Guarantees  

   

   

Delivery  Methods      

Sourcefire  System  v5  

 

Delivery  Methods    The  Sourcefire  System  v5  class  is  available  in  4  delivery  methods.  

Classroom  Instructor-­‐led  This  4-­‐day  Classroom  Instructor-­‐led  course  is  offered  at  training  facilities  worldwide.  View  Schedule.    This  course  includes:  a  courseware  book,  an  optional  study  guide  and  exam,  hands  on  labs  taught  by  the  instructor,  the  Sourcefire  Guarantees  and  120  days  of  access  to  SF  System  Admin  and  Network  AMP  On-­‐Demand.  

Virtual  Live  Instructor-­‐led  Save  money   and   time  by   getting   the   same   Sourcefire   quality   training   in   your   home  or   office.     Sourcefire   uses   a   variety   of   technologies   to   ensure  our  students  have  a  positive  and   interactive   training  experience.    Virtual   Live   Instructor-­‐led  classes   include:   courseware  book,  an  optional   study  guide  and  exam  and  hands  on  labs  taught  by  a  live  instructor.  The  Virtual  Live  instructor–led  class  is  1-­‐day.  

On-­‐Demand  This  online  training  allows  you  to  access  training  anywhere  at  anytime  at  an  affordable  price.    On-­‐Demand  is  offered  7x24  so  you  can  learn  at  your  own  pace  on  your  own  time.    This  training  is  modular  and  searchable  so  you  can  start,  stop  and  resume  at  any  chapter  point  in  a  course,  allowing  you  to  focus  on  the  topics  that  are  specific  to  your  needs.  On-­‐Demand  4-­‐day  classes  include:  courseware  book,  an  online  training  subscription  valid  for  120  days  and  an  optional  exam  and  study  guide.    

Onsite  Sourcefire  delivers  onsite  training  at  the  location  of  your  choice.      Onsite  classes  include  a  courseware  book,  an  optional  study  guide  and  exam,  hands  on  labs  taught  by  the  instructor,  the  Sourcefire  Guarantees  and  120  days  of  access  to  SF  System  Admin  and  Network  AMP  On-­‐Demand  courses.    Customer  provides  the  desktops  and  training  facility.    Instructor  travel  expenses  are  additional.  

Continuing  Professional  Education  (CPE)  Credits  for  Training  Courses    As  a  “Trusted  CPE  Provider”  for  (ISC)2,  Sourcefire  offers  students  holding  certifications  as  a  System  Security  Certified  Practitioner    (SSCP)  or  as  a  Certified  Information  Systems  Security  Professional  (CISSP)  the  ability  to  earn  one  Continuing  Professional  Education  (CPE)  credit  for  each  hour  of  education  completed.  To  obtain  credit  for  Instructor-­‐led,  virtual,  and  on-­‐demand  courses,  students  must  provide  their  SSCP  or  CISSP  number  on  the  registration  form  and  Sourcefire  takes  care  of  the  rest.                

 Sourcefire  System  v5  

 

For  more  information,  please  contact  services  at  +1.866.505.9113,  +1.734.743.6550,  or  email  services@sourcefire.com.      ©2013  Sourcefire,  the  Sourcefire  logo,  Snort,  the  Snort  and  Pig  logo,  Agile  Security  and  the  Agile  Security  logo,  ClamAV,  FireAMP,  FirePOWER,  FireSIGHT  and  certain  other  trademarks  and  logos  are  trademarks  or  registered  trademarks  of  Sourcefire,  Inc.  in  the  United  States  and  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.          

DOC  TITLE  

Sourcefire  System  v5  

Sourcefire  Certification    Sourcefire  provides  a  path  for  interested  candidates  to  distinguish  themselves  through  an  industry  respected  certification  program.  Choose  to  become  a  Sourcefire  Certified  Professional  (SFCP),  a  Sourcefire  Certified  Expert  (SFCE)  or  a  Snort  Certified  Professional  (SnortCP).