Cisco® Implementing Cisco® Intrusion Prevention System v7.0 (IPS)

 5 Days
Delivery Methods
 VILT    Private Group

This course provides network security engineers with the knowledge and skills needed to deploy Cisco IPS-based security solutions. Students will be able to reduce risk to the IT infrastructure and applications using Cisco IPS features.


Upcoming Class Dates and Times

Oh Snap!
There are no dates listed.
Please contact us to get something scheduled.

Who Should Attend

Channel Partner / Reseller Customer Employee

Course Objectives

    Skills the Student will Learn:
  • Perform an initial implementation of a Cisco IPS sensor.
  • Implement an initial security policy using a Cisco IPS sensor according to local policies and environmental requirements.
  • Deploy customized policies to adapt Cisco IPS traffic analysis and response to the target environment.
  • Implement a basic Cisco IPS data management and analysis solution.
  • Implement complex Cisco IPS policy virtualization, high availability, and high performance solutions according to policy and environmental requirements.
  • Perform the initial setup of, and maintain specific Cisco IPS hardware. Technical Features of the Course
  • IPS sensors
  • IPS signatures and responses
  • IPS anomaly-based operation
  • False positives and false negatives
  • Policy virtualization Certification IPS v7.0 is part of the CCNP Security track (IPS v7.0 exam is 642-627 IPS v7.0)


1 - Introduction to Intrusion Prevention and Detection, Cisco IPS Software, and Supporting Devices
  • Evaluating Intrusion Prevention and Intrusion Detection Systems
  • Choosing Cisco IPS Software, Hardware, and Supporting Applications
  • Evaluating Network IPS Traffic Analysis Methods, Evasion Possibilities, and Anti-Evasive Countermeasures
  • Choosing a Network IPS and IDS Deployment Architecture
2 - Installing and Maintaining Cisco IPS Sensors
  • Integrating the Cisco IPS Sensor into a Network
  • Performing the Cisco IPS Sensor Initial Setup
  • Managing Cisco IPS Devices
  • Lab 2-1: Performing the Cisco IPS Sensor Initial Setup
  • Lab 2-2: Managing a Cisco IPS Sensor
3 - Applying Cisco IPS Security Policies
  • Configuring Basic Traffic Analysis
  • Implementing Cisco IPS Signatures and Responses
  • Configuring Cisco IPS Signature Engines and the Signature Database
  • Deploying Anomaly-Based Operation
  • Lab 3-1: Configuring and Modifying Basic Cisco IPS Signatures and Responses
  • Lab 3-2: Configuring Cisco IPS Anomaly-Based Operation
4 - Adapting Traffic Analysis and Response to the Environment
  • Customizing Traffic Analysis
  • Managing False Positives and False Negatives
  • Improving Alarm and Response Quality
  • Lab 4-1: Configuring Custom Cisco IPS Signatures
  • Lab 4-2: Managing False Positives and False Negatives
  • Lab 4-3: Improving Alarm and Response Quality
5 - Managing and Analyzing Events
  • Installing and Integrating Cisco IPS Manager Express with Cisco IPS Sensors
  • Managing and Investigating Events using Cisco IPS Manager Express
  • Using Cisco IME Reporting and Notifications
  • Integrating Cisco IPS with Cisco Security Manager and Cisco Security MARS
  • Using the Cisco IntelliShield Database and Services
  • Lab 5-1: Using the Cisco IME
  • Lab 5-2: Using Cisco IPS and Security Intelligence Web Resources
6 - Deploying Virtualization, High Availability, and High Performance Solutions
  • Using Cisco IPS Virtual Sensors
  • Deploying Cisco IPS for High Availability and High Performance
  • Lab 6-1: Configuring Policy Virtualization
7 - Configuring and Maintaining Specific Cisco IPS Hardware
  • Configuring and Maintaining the Cisco ASA AIP SSM and AIP SSC Modules
  • Configuring and Maintaining the Cisco ISR IPS AIM and IPS NME Modules
  • Configuring and Maintaining the Cisco IDSM-2 Module


Students who attend this advanced course must have experience in configuring Cisco IOS software and have met the following prerequisites: • Certification as a CCNA or the equivalent knowledge. • Basic knowledge of the Windows operating system • Familiarity with the networking and security terms and concepts (the concepts are learned in prerequisite training or by reading industry publications).

Prerequisite Courses Recommended

  • Cisco® Implementing Cisco® Network Security 3.0 (IINS)
  • Cisco® Interconnecting Cisco® Networking Devices Part 1 v1.1 (ICND1)
  • Cisco® Interconnecting Cisco® Networking Devices Part 2 v1.1 (ICND2)

Next Course Recommendations

  • Cisco® Deploying Cisco® ASA Firewall Features 2.0 (FIREWALL)
  • Cisco® Deploying Cisco® ASA VPN Solutions 2.0 (VPN)
  • Cisco® Securing the Cisco® Routers and Switches (SECURE)