• Office Location HCJM+44 Muscat
  • Email info@aca.om
  • Phone +968 24990900 | +968 24990901

Cybersecurity – IDS / IPS Deployment & OPS

The security of information systems and network infrastructures is becoming more and more complicated nowadays. The purpose of the training is to highlight the benefits of the deploying a IDS / IPS sensor within your IT infrastructure and to explore the functionalities offered by IDS / IPS systems to facilitate the management of security related events The training methodology puts practice at the heart of learning to improve the acquisition of experience and knowledge.

Overview

Several hands-on exercises are performed through CYBELS Cyber Range platform, virtualizing information systems and reflecting realistic network architectures.
Each student has a pentester computer and their own IT System at their disposal on CYBELS Cyber Range.
He is able to access numerous equipment (PCs, routers, probes, firewalls, servers, proxies …).
The course also embeds feedback from Thales experience on Cybersecurity tools, devices, projects and solutions

Goals

After the course, the students know :

  • Deploy and administrate a IDS / IPS
  • Manage the correlation
  • Write signature

Course Content

Introduction to IDS / IPS
  • How it works
  • Types of IDS / IPS implementation
  • Types of Alerts
  • Where, What and How to detect
  • Situation and organization
  • How to choose your IDS / IPS
  • Host sensors & Network sensors
IDS / IPS Deployment
  • How to install and deploy a sensor
  • How to configure the sensor
  • Infrastructure configuration
  • Steps to finalize the sensor implementation
  • Suricata deployement
Sensor Configuration
  • How to detect and classify
  • How to block a threat
  • Write your own signature
  • Syslog
  • What is correlation
  • Data source integration
  • Correlation & alarms
  • Tuning Techniques
Sensor Hands on
  • Practical exercices
  • Bypass sensor techniques

Prerequisites

This course is dedicated to people who are
familiar with :
  • IP Network and TCP / IP protocols
  • System administration
  • Development basics
  • CyberSecurity & Forensics basics
  • SIEM Deployment & OPS
  • Basics on programming on networking


Organization

  • 3 training days
  • Several hands-on exercises : 40 % Theory / 60 % Practice
  • 8 students maximum per session


Location

ACA Main Building

Contacts

PO Box 74, Al-Khuwair
PC 133, Sultanate of Oman
+968 24990900 | +968 24990901