F5 Networks Configuring BIG-IP Advanced WAF: Web Application Firewall
= Guaranteed to run date
Dates are listed in Pacific Time Zone
Dates
Locations
Mar 27 7:00 AM - Mar 30 3:00 PM
Bellevue WA + Remote
May 15 7:00 AM - May 18 3:00 PM
Bellevue WA + Remote
Jul 10 7:00 AM - Jul 13 3:00 PM
Bellevue WA + Remote
Sep 05 7:00 AM - Sep 08 3:00 PM
Bellevue WA + Remote
$4,400.00
In this 4 day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.
In this 4 day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.
Prerequisite(s):
Administering BIG-IP; basic familiarity with HTTP, HTML and XML; basic web application and security concepts.
Audience:
This course is intended for security and network administrators who will be responsible for the installation, deployment, tuning, and day-to-day maintenance of the F5 Advanced Web Application Firewall.
Outline:
Lesson 1: Setting Up the BIG-IP System
Introducing the BIG-IP System
Initially Setting Up the BIG-IP System
Archiving the BIG-IP System Configuration
Leveraging F5 Support Resources and Tools
Lesson 2: Traffic Processing with BIG-IP
Identifying BIG-IP Traffic Processing Objects
Understanding Profiles
Overview of Local Traffic Policies
Visualizing the HTTP Request Flow
Lesson 3: Web Application Concepts
Overview of Web Application Request Processing
Web Application Firewall: Layer 7 Protection
F5 Advanced WAF Layer 7 Security Checks
Overview of Web Communication Elements
Overview of the HTTP Request Structure
Examining HTTP Responses
How F5 Advanced WAF Parses File Types, URLs, and Parameters
Using the Fiddler HTTP Proxy
Lesson 4: Common Web Application Vulnerabilities
A Taxonomy of Attacks: The Threat Landscape
Common Exploits Against Web Applications
Lesson 5: Security Policy Deployment
Defining Learning
Comparing Positive and Negative Security Models
The Deployment Workflow
Assigning Policy to Virtual Server
Deployment Workflow: Using Advanced Settings
Configure Server Technologies
Defining Attack Signatures
Viewing Requests
Security Checks Offered by Rapid Deployment
Lesson 6: Policy Tuning and Violations
Post-Deployment Traffic Processing
How Violations are Categorized
Violation Rating: A Threat Scale
Defining Staging and Enforcement
Defining Enforcement Mode
Defining the Enforcement Readiness Period
Reviewing the Definition of Learning
Defining Learning Suggestions
Choosing Automatic or Manual Learning
Defining the Learn, Alarm and Block Settings
Interpreting the Enforcement Readiness Summary
Configuring the Blocking Response Page
Lesson 7: Attack Signatures & Threat Campaigns
Defining Attack Signatures
Attack Signature Basics
Creating User-Defined Attack Signatures
Defining Simple and Advanced Edit Modes
Defining Attack Signature Sets
Defining Attack Signature Pools
Understanding Attack Signatures and Staging
Updating Attack Signatures
Defining Threat Campaigns
Deploying Threat Campaigns
Lesson 8: Positive Security Policy Building
Defining and Learning Security Policy Components
Defining the Wildcard
Defining the Entity Lifecycle
Choosing the Learning Scheme
How to Learn: Never (Wildcard Only)
How to Learn: Always
How to Learn: Selective
Reviewing the Enforcement Readiness Period: Entities
Viewing Learning Suggestions and Staging Status
Violations Without Learning Suggestions
Defining the Learning Score
Defining Trusted and Untrusted IP Addresses
How to Learn: Compact
Lesson 9: Cookies and Other Headers
F5 Advanced WAF Cookies: What to Enforce
Defining Allowed and Enforced Cookies
Configuring Security Processing on HTTP headers
Lesson 10: Visual Reporting and Logging
Viewing Application Security Summary Data
Reporting: Build Your Own View
Reporting: Chart based on filters
Brute Force and Web Scraping Statistics
Viewing Resource Reports
PCI Compliance: PCI-DSS 3.0
Analyzing Requests
Local Logging Facilities and Destinations
Viewing Logs in the Configuration Utility
Defining the Logging Profile
Configuring Response Logging
Lesson 11: Lab Project 1
Lesson 12: Advanced Parameter Handling
Defining Parameter Types
Defining Static Parameters
Defining Dynamic Parameters
Defining Parameter Levels
Other Parameter Considerations
Lesson 13: Automatic Policy Building
Overview of Automatic Policy Building
Defining Templates Which Automate Learning
Defining Policy Loosening
Defining Policy Tightening
Defining Learning Speed: Traffic Sampling
Defining Track Site Changes
Lesson 14: Web Application Vulnerability Scanner Integration
Integrating Scanner Output
Importing Vulnerabilities
Resolving Vulnerabilities
Using the Generic XML Scanner XSD file
Lesson 15: Deploying Layered Policies
Defining a Parent Policy
Defining Inheritance
Parent Policy Deployment Use Cases
Lesson 16: Login Enforcement and Brute Force Mitigation
F5 Networks Configuring BIG-IP Advanced WAF: Web Application Firewall
Dates are listed in Pacific Time Zone
$4,400.00
In this 4 day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.
Description
Overview:
In this 4 day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.
Prerequisite(s):
Administering BIG-IP; basic familiarity with HTTP, HTML and XML; basic web application and security concepts.
Audience:
This course is intended for security and network administrators who will be responsible for the installation, deployment, tuning, and day-to-day maintenance of the F5 Advanced Web Application Firewall.
Outline:
Lesson 1: Setting Up the BIG-IP System
Lesson 2: Traffic Processing with BIG-IP
Lesson 3: Web Application Concepts
Lesson 4: Common Web Application Vulnerabilities
Lesson 5: Security Policy Deployment
Lesson 6: Policy Tuning and Violations
Lesson 7: Attack Signatures & Threat Campaigns
Lesson 8: Positive Security Policy Building
Lesson 9: Cookies and Other Headers
Lesson 10: Visual Reporting and Logging
Lesson 11: Lab Project 1
Lesson 12: Advanced Parameter Handling
Lesson 13: Automatic Policy Building
Lesson 14: Web Application Vulnerability Scanner Integration
Lesson 15: Deploying Layered Policies
Lesson 16: Login Enforcement and Brute Force Mitigation
Lesson 17: Reconnaissance with Session Tracking
Lesson 18: Layer 7 DoS Mitigation
Lesson 19: Advanced Bot Protection
Lesson 20: Form Encryption using DataSafe
Lesson 21: Review and Final Labs
Additional information
4 days
Yes
Related products
Developing on AWS
$2,025.00 Add to cartAWS Cloud Practitioner Essentials
$675.00 Add to cartF5 Networks Configuring BIG-IP APM: Access Policy Manager
$3,300.00 Add to cart