This lab intensive course is designed to teach students
how to use the Cisco Intrusion Detection System to
detect and respond to malicious network attacks. The
course covers all CIDS detection platforms including the
4200 series Sensors and the Catalyst 6000 series
Intrusion Detection Module(IDSM). The student will learn
how to remotely manage CIDS Sensor with Cisco Secure
Policy Manager (CSPM) and will learn how to use CSPM to
collect and display intrusion data. The student will
also learn how to manage alarms, generate alarm reports.
The student will learn how to create custom signatures
and define intrusion detection signature settings and
and configure Cisco Secure Policy Manager (CSPM) and
the CIDS Sensor in multiple network configurations.
CSPM to centrally manage and configure multiple
the CIDS Sensor to detect, respond to, and report
CSPM to translate intrusion data into intuitive and
effective graphical displays.
the CIDS 's Network Security Database (NSDB) to view
signature and network security vulnerability
and implement customized intrusion detection
signatures to respond to intrusion attempts.
the CIDS Sensor in Device Management mode to
interface with a Cisco IOS router to stop network
the Catalyst 6000 IDS Module (IDSM) and the Catalyst
6000 series switches to perform intrusion detection
in multiple VLANs.
CSPM to generate e-mail notifications when an
intrusion is detected.
CSPM to generate IDS alarm reports.
course is recommended for Cisco customers who implement
and maintain CIDS, Cisco Channel Partners who sell,
implement, and maintain CIDS, and Cisco System Engineers
who support sales of CIDS and security product
who attend this course should meet the following
Certified Network Associate (CCNA) certification or
of the SECUR course (or its predecessor, the Managing Cisco Network Security course),
or have a working knowledge of network security.
user level experience with the Windows NT operating
system and a basic understanding of the UNIX
for Exam 642-531.