F5 BIGIP ASM (WAF)

  • Lectures: 30
  • Students: 85

Configuring BIG-IP ASM: Application Security Manager (WAF)

Course Description:

In this course, students are provided with a functional understanding of how to deploy, tune, and operate ASM to protect their web applications from HTTP-based attacks.

The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.

Prerequisites

There are no required F5 technology-specific prerequisites for this course. However, completing one the following before attending would be very helpful for students unfamiliar with BIG-IP:

  • Administering BIG-IP
  • F5 Certified BIG-IP Administrator

The course includes:
.11 hours on-demand Video [Total 17 Videos]
.Presentation files
.Step by step Lab workbook

 

TOPICS:

Module 1: Setting Up the BIG-IP System

  • Packet Based Design Vs Full Proxy Architecture
  • What’s inside a BIG IP system
  • BIG-IP Platforms
  • What’s outside a Hardware BIG IP system
  • Initial BIG-IP setup
  • Licensing, Provisioning and Network Configuration

Module 2: Traffic Processing with BIG-IP

  • Identifying BIG-IP Traffic Processing Objects
  • Overview of Network Packet Flow
  • Understanding Profiles
  • Overview of Local Traffic Policies
  • Visualizing the HTTP Request Flow

Module 3: Web Application Concepts

  • Overview of Web Application Request Processing
  • Web Application Firewall: Layer 7 Protection
  • ASM Layer 7 Security Checks
  • Overview of Web Communication Elements
  • Overview of the HTTP Request Structure
  • Examining HTTP Responses
  • How ASM Parses File Types, URLs, and Parameters
  • Using the Fiddler HTTP Proxy

Module 4: Common Web Application Vulnerabilities

  • Injection Attacks
  • Parameter Tampering
  • Hidden Field Manipulation
  • Forceful Browsing
  • Cross Site Scripting

Chapter 5: Security Policy Deployment

  • Positive & Negative Security Models
  • The Deployment Workflow
  • Security Checks offered by Rapid Deployment
  • Response Checks using Data Guard

Module 6: Policy Tuning and Violations

  • Defining False Positives
  • How Violations are Categorized
  • Violation Rating: A Threat Scale
  • Enforcement settings & Staging

Module 7: Attack Signatures

  • Defining Attack Signatures
  • Creating User-Defined Attack Signatures
  • Defining Attack Signature Sets
  • Understanding Attack Signatures and Staging

Module 8: Positive Security Policy Building

  • Defining and Learning Security Policy Components
  • Learning File Types , URLs and Parameters
  • Choosing the Learning Scheme

Module 9: Cookies and Other Headers

  • ASM Cookies: What to Enforce
  • Enforce integrity of domain cookies
  • Defining Allowed and Enforced Cookies

Module 10: User Roles and Policy Modification

  • Defining user Roles
  • Administrative Partitions
  • Comparing Security Policies
  • Editing and Exporting Security Policies
  • ASM Deployment Types

Module 11: Reporting and Logging

  • Reporting
  • Logging and Viewing Logs
  • Logging Profiles – Default & Custom

Module 12: Advanced Parameter Handling

  • Defining Parameters types
  • User-Input Parameters
  • Defining static Parameters
  • Defining Dynamic Parameters
  • Dynamic parameter Extraction

Module 13: Using Application-Ready Templates

  • Application Ready Templates
  • Commonly used Templates

Module 14: Automatic Policy Building

  • Overview of Automatic Policy Building
  • Choosing policy types [Rapid, Fundamental and Comprehensive]
  • Trusted and Untrusted IP Addresses
  • Learning speed
  • Learning Score

Module 15: Web Application Vulnerability Scanner Integration

  • Overview
  • Integrating ASM with Vulnerability scanner
  • Resolving Vulnerabilities

Module 16: Layered Policies

  • Overview of Layered Security Policies
  • Parent and child security policy terminology
  • Policy Section elements and settings
  • Inheritance settings

Module 17: Login Enforcement and Session Tracking

  • Defining Login URL
  • Defining Session Tracking
  • Session Hijacking Mitigation
  • Fingerprinting Overview
  • Partial List of what ASM can fingerprint

Module 18: Brute Force and Web Scraping Mitigation

  • Defining Anomalies
  • Mitigating Brute Force Attacks via Login Page
  • Defining Session-Based Brute Force Protection
  • Defining the Prevention Policy
  • Mitigating Web Scraping
  • Defining Geo location and IP address Exceptions

Module 19: Layer 7  DoS Mitigation and Advanced Bot Protection

  • Defining Denial of Service Attacks
  • Defining the DoS Profile
  • Defining Mitigation Methods
  • Using BOT Signatures
  • Create a DoS Logging Profile
  • Defining DoS Profile General Settings
  • Defining Bot Signatures
  • Defining Proactive Bot Defense

 

 

  • Module 0: Introduction - PREVIEW 0/2

  • Module 1: Setting Up the BIG-IP System 0/2

  • Module 2: Traffic Processing with BIG-IP 0/1

  • Module 3: Web Application Concepts 0/2

  • Module 4: Common Web Application Vulnerabilities - PREVIEW 0/2

  • Chapter 5: Security Policy Deployment 0/2

  • Module 6: Policy Tuning and Violations 0/1

  • Module 7: Attack Signatures 0/2

  • Module 8: Positive Security Policy Building 0/1

  • Module 9: Cookies and Other Headers 0/1

  • Module 10: User Roles and Policy Modification 0/1

  • Module 11: Reporting and Logging 0/1

  • Module 12: Advanced Parameter Handling 0/1

  • Module 13: Using Application-Ready Templates 0/1

  • Module 14: Automatic Policy Building 0/1

  • Module 15: Web Application Vulnerability Scanner Integration 0/1

  • Module 16: Layered Policies 0/1

  • Module 17: Login Enforcement and Session Tracking 0/2

  • Module 18: Brute Force and Web Scraping Mitigation 0/1

  • Module 19: Layer 7 DoS Mitigation and Advanced Bot Protection 0/1

  • Module 20: Lab Materials - Lab Workbook,Software 0/2

  • Module 21: Presentation File 0/1

Admin bar avatar
Manoj Verma - CCIE # 43923 is a highly experienced senior technical instructor and Network/ security consultant. He has been in the networking industry for more than 19 years, with a focus on networking and security for the past 15 years. He has assisted thousands of engineers in obtaining their various certifications starting from CCNA to CCIE, CCSA, CCSE, PCNSE, F5, etc. and learning the latest and cutting-edge technologies.  He started his career as a system administrator and then switched to the networking and security domain. During the job, he realized that he is gifted with a passion for teaching and sharing his knowledge, as he used to teach his colleagues and friends. In his classroom training, he always starts with explaining the theory on a certain topic and then gives away a short note of key points and finally end with lab implementation. Now a day, driving down to the training institute to attend classroom training sessions is not feasible for everyone owing to the workflow, odd working hours and rotational shifts, especially for working professionals and those who are living in different cities and countries. He started getting multiple requests from lots of students to launch an online training module in the same way as he teaches in his classrooms. Keeping all this in mind, he designed this self-paced training module which replicates classroom training. He has brought his years of classroom teaching experience, and years of real-world enterprise and service provider experience in designing training modules. For a better understanding of technologies and in-depth knowledge, reading books or short notes is necessary and to witness the theoretical information in live, practical knowledge is required so he has included both which is very unique in the IT training sector.

Reviews

  • f.bensalah@ucd.ac.ma

    Best ASM cours in the internet

    very good cours and LAB

Price

$105.00$125.00

Rating

Average Rating5.0
5 Stars
1
4 Stars
0
3 Stars
0
2 Stars
0
1 Star
0
Select your currency
USD United States (US) dollar
X