course overview
download outline
Overview
In this 4-day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks.
The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero-day exploits.
Course Topics
• Resource provisioning for F5 Advanced Web Application Firewall
• Traffic processing with BIG-IP Local Traffic Manager (LTM)
• Web application concepts
• Mitigating the OWASP Top 10 and other vulnerabilities
• Security policy deployment
• Security policy tuning
• Deploying Attack Signatures and Threat Campaigns
• Positive security building
• Securing cookies and other headers
• Reporting and logging
• Advanced parameter handling
• Using Automatic Policy Builder
• Integrating with web vulnerability scanners
• Login enforcement for flow control
• Brute force and credential stuffing mitigation
• Session tracking for client reconnaissance
• Using Parent and Child policies
• Layer 7 DoS protection
• Configuring Advanced Bot Defense
• Course Objectives
• Describe the role of the BIG-IP system as a full proxy device in an application delivery network
• Provision the F5 Advanced Web Application Firewall
• Define a web application firewall
• Describe how F5 Advanced Web Application Firewall protects a web application by securing file types, URLs, and parameters
• Deploy F5 Advanced Web Application Firewall using the Rapid Deployment template (and other templates) and define the security checks included in each
• Define learn, alarm, and block settings as they pertain to configuring F5 Advanced Web Application Firewall
• Define attack signatures and explain why attack signature staging is important
• Deploy Threat Campaigns to secure against CVE threats
• Contrast positive and negative security policy implementation and explain benefits of each
• Configure security processing at the parameter level of a web application
• Deploy F5 Advanced Web Application Firewall using the Automatic Policy Builder
• Tune a policy manually or allow automatic policy building
• Integrate third party application vulnerability scanner output into a security policy
• Configure login enforcement for flow control
• Mitigate credential stuffing
• Configure protection against brute force attacks
• Deploy Advanced Bot Defense against web scrapers, all known bots, and other automated agents
Audience
This course is intended for SecOps personnel responsible for the deployment, tuning, and day-to-day maintenance of F5 Adv. WAF.
Participants will obtain a functional level of expertise with F5 Advanced WAF, including comprehensive security policy and profile configuration, client assessment, and appropriate mitigation types.
• Experience with LTM is not required
• Prior WAF knowledge is not required
This course is on the list of approved study resources for the F5 ASM 303 certification exam.
Skills Gained
• Describe the role of the BIG-IP system as a full proxy device in an application delivery network
• Provision the F5 Advanced Web Application Firewall
• Define a web application firewall
• Describe how F5 Advanced Web Application Firewall protects a web application by securing file types, URLs, and parameters
• Deploy F5 Advanced Web Application Firewall using the Rapid Deployment template (and other templates) and define the security checks included in each
• Define learn, alarm, and block settings as they pertain to configuring F5 Advanced Web Application Firewall
• Define attack signatures and explain why attack signature staging is important
• Deploy Threat Campaigns to secure against CVE threats
• Contrast positive and negative security policy implementation and explain benefits of each
• Configure security processing at the parameter level of a web application
• Deploy F5 Advanced Web Application Firewall using the Automatic Policy Builder
• Tune a policy manually or allow automatic policy building
• Integrate third party application vulnerability scanner output into a security policy
• Configure login enforcement for flow control
• Mitigate credential stuffing
• Configure protection against brute force attacks
• Deploy Advanced Bot Defense against web scrapers, all known bots, and other automated agents
Prerequisites
There are no F5-technology-specific prerequisites for this course. However, completing the following before attending would be very helpful for students with limited BIG-IP administration and configuration experience:
? Administering BIG-IP instructor-led course ? -or-
? F5 Certified BIG-IP Administrator
The following free web-based training courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience.
These courses are available at LearnF5 (https://www.f5.com/services/training):
? Getting Started with BIG-IP web-based training
? Getting Started with BIG-IP Application Security Manager (ASM) web-based training
The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:
? OSI model encapsulation
? Routing and switching
? Ethernet and ARP
? TCP/IP concepts
? IP addressing and subnetting
? NAT and private IP addressing
? Default gateway
? Network firewalls
? LAN vs. WAN
Outline
F5 Networks is the leader in application security and availability. F5 Solutions ensure that applications are always secure and perform the way they should – anywhere, anytime, and on any device.
F5 Networks training courses will give you the knowledge needed to install and configure F5 Networks solutions including LTM, ASM, DNS, APM, AFM, AAM, Viprion, Big-IQ, iApps, and iRules.
F5 trainers bring to the classroom decades of extensive experience. All F5 Networks courses consist of Lectures, Labs, and Discussions and are available either in a classroom setting or as virtual live courses.
Network professionals intending to attend F5 Networks courses are required to be proficient with Basic PC operation and application skills, Windows OS & Basic Web Browser operation (HTTP).
If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. Its a cost effective option. One on one training can be delivered too, at reasonable rates.
Submit an enquiry from any page on this site and let us know you are interested in the requirements box, or simply mention it when we contact you.
All $ prices are in USD unless it’s a NZ or AU date
SPVC = Self Paced Virtual Class
LVC = Live Virtual Class
Our clients have included prestigious national organisations such as Oxford University Press, multi-national private corporations such as JP Morgan and HSBC, as well as public sector institutions such as the Department of Defence and the Department of Health.