Intrusion detection and prevention are important parts of any enterprise network security monitoring plan. This course will teach you how to install and configure Suricata as an intrusion detection and prevention system.
Intrusion detection and prevention are key in enterprise network security monitoring. In this course, Suricata: Getting Started, you’ll learn to install and configure Suricata. First, you’ll explore intrusion detection and prevention fundamentals. Next, you’ll discover how to install Suricata using multiple methods. Finally, you’ll learn how to configure Suricata to capture packets. When you’re finished with this course, you’ll have the skills and knowledge of Suricata needed to install and configure it to capture network traffic.
Course Overview

Hello, everyone. My name is Matt Glass, and welcome to my course, Suricata: Getting Started. I'm an IT project manager at Leidos, working in Stuttgart, Germany. Suricata is an open-source intrusion detection, inline intrusion prevention, and network security monitoring engine. Suricata is developed and maintained by the Open Information Security Foundation, a community-run, nonprofit foundation. In this course, we're starting from the beginning, assuming limited to no previous interaction with Suricata, and building you up to being able to capture traffic and evaluate the output. Some of the major topics that we'll cover include understanding intrusion detection and prevention, installing Suricata using different methods, capturing traffic using basic and downloadable rulesets, and evaluating the output in Suricata's logs. By the end of this course, you'll be able to install and configure Suricata to generate alerts or block packets based on rules. Before beginning this course, you should be familiar with basic computer networking concepts and using a Linux command line interface. I hope you'll join me on this journey to learn Suricata with the Suricata: Getting Started course, at Pluralsight.