Configuring F5 Advanced WAF (previously licensed as ASM) (TRG-BIG-AWF-CFG)

 

Course Overview

In this 4 day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks.

The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.

Prerequisites

Prerequisite – Students must complete ONE of these:

  • Attend an Administering BIG-IP (TRG-BIG-OP-ADMIN) class
  • Achieve F5 Certified BIG-IP Administrator certification
  • Pass the free Administering BIG-IP Course Equivalency Assessment with a score of 70% or higher

The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:

  • OSI model encapsulation
  • Routing and switching
  • Ethernet and ARP
  • TCP/IP concepts
  • IP addressing and subnetting
  • NAT and private IP addressing
  • Default gateway
  • Network firewalls
  • LAN vs. WAN

Course Objectives

  • Students should be able to:
  • Describe the role of the BIG-IP system as a full proxy device in an application delivery network
  • Provision the F5 Advanced Web Application Firewall
  • Define a web application firewall
  • Describe how F5 Advanced Web Application Firewall protects a web application by securing file types, URLs, and parameters
  • Deploy F5 Advanced Web Application Firewall using the Rapid Deployment template (and other templates) and define the security checks included in each
  • Define learn, alarm, and block settings as they pertain to configuring F5 Advanced Web Application Firewall
  • Define attack signatures and explain why attack signature staging is important
  • Deploy Threat Campaigns to secure against CVE threats
  • Contrast positive and negative security policy implementation and explain benefits of each
  • Configure security processing at the parameter level of a web application
  • Deploy F5 Advanced Web Application Firewall using the Automatic Policy Builder
  • Tune a policy manually or allow automatic policy building
  • Integrate third party application vulnerability scanner output into a security policy
  • Configure login enforcement for flow control
  • Mitigate credential stuffing
  • Configure protection against brute force attacks
  • Deploy Advanced Bot Defense against web scrapers, all known bots, and other automated agents
  • Deploy DataSafe to secure client-side data

Course Content

  • Resource provisioning for F5 Advanced Web Application Firewall
  • Traffic processing with BIG-IP Local Traffic Manager (LTM)
  • Web application concepts
  • Mitigating the OWASP Top 10 and other vulnerabilities
  • Security policy deployment
  • Security policy tuning
  • Deploying Attack Signatures and Threat Campaigns
  • Positive security building
  • Securing cookies and other headers
  • Reporting and logging
  • Advanced parameter handling
  • Using Automatic Policy Builder
  • Integrating with web vulnerability scanners
  • Login enforcement for flow control
  • Brute force and credential stuffing mitigation
  • Session tracking for client reconnaissance
  • Using Parent and Child policies
  • Layer 7 DoS protection
  • Transaction Per Second-based DoS protection
  • Layer 7 Behavioral DoS Protection
  • Configuring Advanced Bot Defense
  • Web Scraping and other Microservice Protection
  • Working with Bot Signatures
  • Using DataSafe to Secure the client side of the Document Object Model
  • Certification
  • 303 ASM Specialist

Prijs & Delivery methods

Online training

Duur
4 dagen

Prijs
  • 3.800,– €
Klassikale training

Duur
4 dagen

Prijs
  • Nederland: 3.800,– €
  • België: 3.800,– €

Beschikbare data

Instructor-led Online Training:   Dit is een Instructor-Led Online (ILO) training: een online training verzorgd door een trainer.
Dit is een FLEX-training: een training die zowel klassikaal als online gevolgd kan worden. Je kiest zelf de gewenste leervorm.

Engels

Tijdzone: Midden-Europese Tijd (MET)   ±1 uur

Online training Tijdzone: Greenwich Mean Time (GMT)
Online training Dit is een FLEX-training. Tijdzone: Midden-Europese Tijd (MET)
Online training Dit is een FLEX-training. Tijdzone: Midden-Europese Zomertijd (MEZT)
Online training Dit is een FLEX-training. Tijdzone: Midden-Europese Zomertijd (MEZT)
Online training Dit is een FLEX-training. Tijdzone: Midden-Europese Zomertijd (MEZT)
Online training Dit is een FLEX-training. Tijdzone: Midden-Europese Zomertijd (MEZT)
Dit is een FLEX-training: een training die zowel klassikaal als online gevolgd kan worden. Je kiest zelf de gewenste leervorm.

Nederland

Houten Dit is een FLEX-training.   Tijdzone: Midden-Europese Tijd (MET) boek direct:
de online FLEX-training
de klassikale FLEX-training
Houten boek direct
Houten Dit is een FLEX-training.   Tijdzone: Midden-Europese Zomertijd (MEZT) boek direct:
de online FLEX-training
de klassikale FLEX-training
Houten Dit is een FLEX-training.   Tijdzone: Midden-Europese Zomertijd (MEZT) boek direct:
de online FLEX-training
de klassikale FLEX-training

België

Diegem Dit is een FLEX-training.   Tijdzone: Midden-Europese Zomertijd (MEZT) boek direct:
de online FLEX-training
de klassikale FLEX-training
Diegem Dit is een FLEX-training.   Tijdzone: Midden-Europese Zomertijd (MEZT) boek direct:
de online FLEX-training
de klassikale FLEX-training