Configuring F5 Advanced WAF (previously licensed as ASM) v16.1

This course is intended for SecOps personnel responsible for the deployment, tuning, and day-to-day maintenance of F5 Adv. WAF. 

Participants will obtain a functional level of expertise with F5 Advanced WAF, including comprehensive security policy and profile configuration, client assessment, and appropriate mitigation types.

• Experience with LTM is not required

• Prior WAF knowledge is not required

This course is on the list of approved study resources for the F5 ASM 303 certification exam.

• Describe the role of the BIG-IP system as a full proxy device in an application delivery network

• Provision the F5 Advanced Web Application Firewall

• Define a web application firewall

• Describe how F5 Advanced Web Application Firewall protects a web application by securing file types, URLs, and parameters

• Deploy F5 Advanced Web Application Firewall using the Rapid Deployment template (and other templates) and define the security checks included in each

• Define learn, alarm, and block settings as they pertain to configuring F5 Advanced Web Application Firewall

• Define attack signatures and explain why attack signature staging is important

• Deploy Threat Campaigns to secure against CVE threats

• Contrast positive and negative security policy implementation and explain benefits of each

• Configure security processing at the parameter level of a web application

• Deploy F5 Advanced Web Application Firewall using the Automatic Policy Builder

• Tune a policy manually or allow automatic policy building

• Integrate third party application vulnerability scanner output into a security policy

• Configure login enforcement for flow control

• Mitigate credential stuffing

• Configure protection against brute force attacks

• Deploy Advanced Bot Defense against web scrapers, all known bots, and other automated agents

There are no F5-technology-specific prerequisites for this course. However, completing the following before attending would be very helpful for students with limited BIG-IP administration and configuration experience: 

? Administering BIG-IP instructor-led course ? -or- 

? F5 Certified BIG-IP Administrator 

The following free web-based training courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience. 

These courses are available at LearnF5 (https://www.f5.com/services/training): 

? Getting Started with BIG-IP web-based training 

? Getting Started with BIG-IP Application Security Manager (ASM) web-based training 

The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course: 

? OSI model encapsulation 

? Routing and switching 

? Ethernet and ARP 

? TCP/IP concepts 

? IP addressing and subnetting 

? NAT and private IP addressing 

? Default gateway 

? Network firewalls 

? LAN vs. WAN

F5 Networks is the leader in application security and availability. F5 Solutions ensure that applications are always secure and perform the way they should – anywhere, anytime, and on any device.

F5 Networks training courses will give you the knowledge needed to install and configure F5 Networks solutions including LTM, ASM, DNS, APM, AFM, AAM, Viprion, Big-IQ, iApps, and iRules.

F5 trainers bring to the classroom decades of extensive experience. All F5 Networks courses consist of Lectures, Labs, and Discussions and are available either in a classroom setting or as virtual live courses.

Network professionals intending to attend F5 Networks courses are required to be proficient with Basic PC operation and application skills, Windows OS & Basic Web Browser operation (HTTP).