Configuring F5 Advanced WAF (previously licensed as ASM)

Hakkında

“F5 Application Security Manager” training, students are provided with a functional understanding of how to deploy, tune, and operate ASM to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits

Önkoşullar

There are no required F5 prerequisites for this course.

However, completing one of the following before attending would be very helpful for students unfamiliar with BIG-IP:

The following web-based courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience:

Students should understand:

  • TMOS administration
  • Network concepts and configuration
  • Programming concepts
  • Security concepts and terminology
  • Web application delivery
Kurs Süresi
  • Instructor-led training: 4 days with hands-on lab practice
  • Virtual instructor-led training: 4 days of web-based classes with hands-on lab practice
  • Kurs İçeriği

    The BIG-IP Application Security Manager course provides participants with the expertise needed to detect, mitigate, and prevent HTTP-based attacks on web applications. The four-day lab intensive course starts at the simplest level for quickly configuring and implementing an application security policy and progresses through more complex configurations. The course includes detailed analysis and hands-on exercises for protecting web applications from brute force, web scraping, layer 7 DDoS, and other current attack vectors.

    Topics covered in this course include:

    • Setting up the BIG-IP system
    • Traffic processing with BIG-IP Local Traffic Manager (LTM)
    • Web application concepts
    • Web application vulnerabilities
    • Security policy deployment
    • Attack signatures
    • Positive security building
    • Cookies and other headers
    • Reporting
    • User roles and administration
    • Advanced parameter handling
    • Application templates
    • Real Traffic Policy Builder
    • Vulnerability scanners
    • Login enforcement and session tracking
    • Anomaly detection
    • ASM and iRules
    • AJAX and JSON support
    • XML and web services support
    Kurs Hedefleri

    • Describe the role of the BIG-IP system as a full proxy device in an application delivery network 

    • Provision the Application Security Manager 

    • Define a web application firewall

     • Describe how ASM protects a web application by securing file types, URLs, and parameters 

    • Deploy ASM using the Rapid Deployment template (and other templates) and define the security checks included in each

     • Define learn, alarm, and block settings as they pertain to configuring ASM

     • Define attack signatures and explain why attack signature staging is important 

    • Contrast positive and negative security policy implementation and explain benefits of each 

    • Configure security processing at the parameter level of a web application

     • Use an application template to protect a commercial web application 

    • Deploy ASM using the Automatic Policy Builder 

    • Tune a policy manually or allow automatic policy building

    • Integrate third party application vulnerability scanner output into a security policy

    • Configure login enforcement and session tracking 

    • Configure protection against brute force, web scraping, and Layer 7 denial of service attacks 

    • Implement iRules using specific ASM events and commands 

    • Use Content Profiles to protect JSON and AJAX-based applications 

    • Implement Bot Signatures 

    • Implement Proactive Bot Defense

    Ders İçeriği

    Chapter 1: Setting Up the BIG-IP System

    • Introducing the BIG-IP System
    • Initially Setting Up the BIG-IP System
    • Creating an Archive of the BIG-IP System
    • Leveraging F5 Support Resources and Tools

    Chapter 2: Traffic Processing with BIG-IP

    • Understanding Traffic Processing with LTM
    • Overview of Local Traffic Policies and ASM

    Chapter 3: Web Application Concepts

    • Anatomy of a Web Application
    • An Overview of Common Security Methods
    • Examining HTTP & Web Application Components
    • Examining HTTP Headers
    • Examining HTTP Responses
    • Examining HTML Components
    • How ASM parses File Types, URLs, & Parameters
    • Using the Fiddler HTTP proxy tool

    Chapter 4: Web Application Vulnerabilities

    • Examining the OWASP Top 10 vulnerabilities
    • Summary of risk mitigation using ASM

    Chapter 5: Security Policy Deployment

    • About Positive and Negative Security Models
    • Deployment Wizard: Local Traffic Deployment
    • Deployment Wizard: Configuration settings
    • Violations and Security Policy Building
    • Reviewing Violations

    Chapter 6: Attack Signatures

    • Defining Attack Signatures
    • Attack Signature Features
    • Defining Attack Signature Sets
    • About User-defined Attack Signatures
    • Updating Attack Signatures
    • Understanding Attack Signatures and staging

    Chapter 7: Positive Security Policy Building

    • Defining Security Policy Components
    • Security Through Entity Learning
    • Reviewing Staging and Enforcement
    • Understanding the Selective mode
    • Learning Differentiation: Real threats vs. false positives

    Chapter 8: Cookies and other Headers

    • Purposes of ASM Cookies
    • Understanding Allowed and Enforced Cookies
    • Configuring security processing on HTTP headers

    Chapter 9: Reporting and Logging

    • Reporting capabilities in ASM
    • Generating a PCI Compliance Report
    • Generating an ASM Security Events Report

    Chapter 10: User Roles, policy modification, and other deployments

    • Understanding User Roles & Partitions
    • Editing and Exporting Security Policies

    Chapter 11: Lab Project 1

    Chapter 12: Advanced parameter handling

    • Defining Parameters
    • Defining Static Parameters
    • Configuring Dynamic Parameters and Extractions

    Chapter 13: Application-Ready Templates

    • Application-Ready Template Overview

    Chapter 14: Real Traffic Policy Builder

    • Overview of the Real Traffic Policy Builder
    • Defining Policy Types
    • Real Traffic Policy Builder Rules

    Chapter 15: Web Application Vulnerability Scanners

    • Integrating ASM with Application Vulnerability Scanners
    • Resolving Vulnerabilities
    • Using the generic XML scanner output

    Chapter 16: Login Enforcement, Session tracking, and Flows

    • Defining Login Pages
    • Configuring Login Enforcement
    • Configuring session and user tracking
    • Defining Flows
    • Configuring Flow Control

    Chapter 17: Anomaly Detection

    • Defining Anomaly Detection
    • Preventing Brute Force Attacks
    • Preventing Web Scraping
    • Geolocation Enforcement
    • Configuring IP Address Exceptions

    Chapter 18: ASM and iRules

    • Defining iRules and iRule Events
    • Using ASM iRule Event Modes
    • iRule Syntax
    • ASM iRule Commands

    Chapter 19: Web 2.0 Support: AJAX and JSON

    • Defining Asynchronous JavaScript and XML
    • Defining JavaScript Object Notation (JSON)
    • Configuring a JSON Profile

    Chapter 20: XML and Web Services

    • Defining XML
    • Configuring an XML Profile
    • XML Attack Signatures

    Chapter 21: Review and Final Labs

    Kimler Katılmalı

    This course is intended for security and network administrators who will be responsible for the installation, deployment, tuning, and day-to-day maintenance of the Application Security Manager.

    Sınavlar
    F5-CTS ASM Requirements
    – F5-CA Certification


    BİLGİ TALEBİ



    Randevu ve bilgi talebi için : 0850 755 02 83