Logo

Maxtrain.com - [email protected] - 513-322-8888 - 866-595-6863

F5-ASM-12

F5 Networks Configuring BIG-IP ASM v12: Application Security Manager

Alert Me

Outline

Lesson 1 : Setting up BIG-IP System
  • Introducing the BIG-IP System
  • Initially Setting Up the BIG-IP System
  • Archiving the BIG-IP Configuration
  • F5 Support Resources and Tools
Lesson 2 : Traffic Processing with BIG-IP
  • Identifying BIG-IP Traffic Processing Objects
  • Understanding Network Packet Flow
  • Understanding Profiles
  • Overview of Local Traffic Policies and ASM
Lesson 3 : Web Application Concepts
  • Anatomy of a web application
  • An Overview of Common Security Methods
  • Examining HTTP and Web Application Components
  • Examining HTTP Headers
  • Examining HTTP Responses
  • Examining HTML Components
  • How ASM Parses File Types, URLs, and Parameters
  • Using the Fiddler HTTP proxy tool
Lesson 4 : Web Application Vulnerabilities
  • OWASP Top 10 Vulnerabilities
Lesson 5 : Security Policy Deployment
  • Comparing Positive and Negative Security
  • Using the Deployment Wizard
  • Deployment Wizard: Local Traffic Deployment
  • Deployment Wizard: Workflow
  • Reviewing Requests
  • Security Checks offered by Rapid Deployment
  • Configuring Data Guard
Lesson 6 : Policy Tuning and Violations
  • Post-Configuration Traffic Processing
  • Defining False Positives
  • How Violations are Categorized
  • Violation Ratings
  • Enforcement Settings and Staging: Policy Control
  • Defining Signature Staging
  • Defining Enforcement Readiness Period
  • Defining Learning
  • Violations and Learning Suggestions
  • Learning Mode: Automatic or Manual
  • Defining Learn, Alarm and Block settings
  • Interpreting Enforcement Readiness Summary
  • Configuring the Blocking Response Page
Lesson 7 : Attack Signatures
  • Defining Attack Signatures
  • Creating User-Defined Attack Signatures
  • Attack Signature Normalization
  • Attack Signature Structure
  • Defining Attack Signature Sets
  • Defining Attack Signature Pools
  • Updating Attack Signatures
  • Understanding Attack Signatures and Staging
Lesson 8 : Positive Security Policy Building
  • Defining Security Policy Components
  • Choosing an Explicit Entities Learning Scheme
  • How to learn: Add All Entities
  • Staging and Entities: The Entity Lifecycle
  • How to Learn: Never (Wildcard Only)
  • How to Learn: Selective
  • Learning Differentiation: Real Threats vs. False positives
Lesson 9 : Cookies and Other Headers
  • ASM Cookies: What to Enforce
  • Understanding Allowed and Enforced Cookies
  • Configuring Security Processing on HTTP Headers
Lesson 10 : Reporting and Logging
  • Reporting Capabilities in ASM
  • Viewing DoS Reports
  • Generating an ASM Security Events Report
  • Viewing Log files and Local Facilities
  • Understanding Logging Profile
Lesson 11 : User Roles and Policy Modification
  • Understanding User Roles and Partitions
  • Comparing Policies
  • Editing and Exporting Security Policies
  • Examples of ASM Deployment Types
  • Overview of ASM Synchronization
  • Collecting Diagnostic Data with asmqkview
Lesson 12 : Lab Project
  • Lab Project 1
Lesson 13 : Advanced Parameter Handling
  • Defining Parameters
  • Defining Static Parameters
  • Understanding Dynamic Parameters and Extractions
  • Defining Parameter Levels
  • Understanding Attack Signatures and Parameters
Lesson 14 : Application-Ready Templates
  • Application Template Overview
Lesson 15 : Automatic Policy Building
  • Overview of Automatic Policy Building
  • Choosing a Policy Type
  • Defining Policy Building Process Rules
  • Defining the Learning Score
Lesson 16 : Web Application Vulnerability Scanners
  • Integrating ASM with Vulnerability Scanners
  • Importing Vulnerabilities
  • Resolving Vulnerabilities
  • Using the Generic XML Scanner Output
Lesson 17 : Login Enforcement & Session Tracking
  • Defining a Login URL
  • Defining Session Awareness and User Tracking
Lesson 18 : Brute force and Web Scraping Mitigation
  • Defining Anomalies
  • Mitigating Brute Force Attacks
  • Defining Session-Based Brute Force Protection
  • Defining Dynamic Brute Force Protection
  • Defining the Prevention Policy
  • Mitigating Web Scraping
  • Defining Geolocation Enforcement
  • Configuring IP Address Exceptions
Lesson 19 : Layer 7 DoS Mitigation
  • Defining Denial of Service Attacks
  • Defining General Settings L7 DoS Profile
  • Defining TPS-Based DoS Protection
  • Defining Operation Mode
  • Defining Mitigation Methods
  • Defining Stress-Based Detection
  • Defining Proactive Bot Defense
  • Using Bot Signatures
Lesson 20 : ASM and iRules
  • Defining Application Security iRule Events
  • Using ASM iRule Event Modes
  • iRule Syntax
  • ASM iRule Commands
Lesson 21 : XML and Web Services
  • Defining XML
  • Defining Web Services
  • Configuring an XML Profile
  • Schema and WSDL Configuration
  • XML Attack Signatures
  • Using Web Services Security
Lesson 22 : Web 2.0 Support: JSON Profiles
  • Defining Asynchronous JavaScript and XML
  • Defining JavaScript Object Notation
  • Configuring a JSON Profile
Lesson 23 : Review and Final Labs Lesson 24 : Additional Training and Certification
  • Getting Started Series Web-Based Training
  • F5 Instructor Led Training Curriculum
  • F5 Professional Certification Program

PreRequisites

  • Administering BIG-IP
  • Basic familiarity with HTTP, HTML and XML
  • Basic web application and security concepts.
$3995.00 List Price

4 Days Course

Class Dates

Request a Date or a Private Class below.


MAX Educ. Savings
Categories: , Tags: ,
Loading ...