SSFIPS: Securing Networks with Cisco Firepower Next-Generation IPS

Securing Cisco Networks with FireSIGHT Intrusion Prevention System (IPS) is a lab-intensive course that introduces you to the powerful features of the Cisco Sourcefire System, including FireSIGHT technology, in-depth event analysis, IPS tuning and configuration, and the Snort rules language. You will learn how to use and configure next-generation Sourcefire technology, including application control, firewall, and routing and switching capabilities. You will also learn to properly tune your system for better performance and greater network intelligence while taking full advantage of powerful tools for more efficient event analysis, including file type and network-based malware detection. This course combines lecture materials and hands-on labs throughout to make sure that you are able to successfully deploy and manage the Sourcefire System.


This course is designed for technical professionals who need to know how to deploy and/or manage a Cisco FireSIGHT system in a network environment. The primary audience for this course includes:

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel
  • Channel partners and resellers


  • Technical understanding of TCP/IP networking and network architecture
  • Basic familiarity with the concepts of intrusion detection systems (IDS) and IPS

Course objectives:

Upon completion of this course, you should be able to:

  • Describe the FireSIGHT system training infrastructure
  • Navigate the user interface and administrative features of the FireSIGHT system, including reporting functionality to properly assess threats
  • Describe how to deploy and manage Cisco FireSIGHT devices
  • Describe the various detection technologies used in the FireSIGHT system
  • Describe, create, and implement objects for use in Access Control policies
  • Describe advanced policy configuration and FireSIGHT system configuration options
  • Analyze events
  • Write and configure basic SNORT rules


This course prepares you to take the Securing Cisco Networks with Sourcefire IPS exam (exam ID 500-285). This is a proctored exam.