Scribd
Upload
112 views

Https - Maxtrain - Com - Product - F5-Networks-Setting-Up-Big-Ip-Advanced-Waf-V14-Web-Application-Firewall-Formerly-Asm - Export - PDF True

This 1-day course teaches participants how to use F5 Advanced WAF to configure web application firewall protections for the F5 BIG-IP system. The course covers identifying vulnerabilities, deploying Advanced WAF using guided configurations, defining attack signatures and policies, mitigating common attacks like credentials stuffing, and using features like DataSafe and behavioral analysis to detect and block client-side fraud and denial of service attacks. The target audience is users looking to quickly deploy basic web application security and protections against bad actors using F5's Advanced WAF module.

Uploaded by

DDDD
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
112 views

Https - Maxtrain - Com - Product - F5-Networks-Setting-Up-Big-Ip-Advanced-Waf-V14-Web-Application-Firewall-Formerly-Asm - Export - PDF True

This 1-day course teaches participants how to use F5 Advanced WAF to configure web application firewall protections for the F5 BIG-IP system. The course covers identifying vulnerabilities, deploying Advanced WAF using guided configurations, defining attack signatures and policies, mitigating common attacks like credentials stuffing, and using features like DataSafe and behavioral analysis to detect and block client-side fraud and denial of service attacks. The target audience is users looking to quickly deploy basic web application security and protections against bad actors using F5's Advanced WAF module.

Uploaded by

DDDD
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

Maxtrain.com - info@maxtrain.

com - 513-322-8888 - 866-595-6863

TLG-F5AWAFS14x

F5 Networks Setting Up BIG-IP Advanced WAF V14:


Web Application Firewall (Formerly ASM)

Description

In this 1 day course, participants identify and mitigate


common web application vulnerabilities on the client and
application sides of the threat spectrum. Participants use
F5 Advanced WAF to quickly configure advanced
protection against common Layer 7 vulnerabilities
(OWASP Top Ten) and bot defense.

Course Objectives | Setting up F5 Advanced Web


Application Firewall v14

Provision the Application Security Manager and Fraud


Protection Service modules
Define a web application firewall

Deploy F5 Advanced WAF using the Guided Configuration


for Application Security
Define learn, alarm, and block settings as they pertain to configuring F5 Advanced WAF
Define attack signatures and explain why attack signature staging is important

Contrast positive and negative security policy implementation and explain the benefits of each
Tune a policy manually by reviewing learning suggestions
Deploy a Threat Campaign
Mitigate Credentials Stuffing attacks

Secure a URL from client-side fraud using DataSafe encryption and obfuscation
Deploy F5 Advanced WAF using the Guided Configuration for L7 Denial of Service Protection
Use the automated L7 Behavioral Denial of Service feature to detect and mitigate DoS attacks

Course Topics
Differentiating between client-side and application-side web vulnerabilities
Categorizing Attack Techniques

Use the Guided Configuration to deploy a Web Application Security Policy


Defining the key parts of a Web Application Security Policy
Understanding request logging options
Identifying HTTP headers and methods

Defining attack signatures, attack signature staging, and violations


Overview of the OWASP Top Ten
Review learning suggestions and basic policy tuning
Deploy Threat Campaign
Mitigate Credentials Stuffing

Secure a URL from client-side fraud using DataSafe encryption and obfuscation
Use the automated L7 Behavioral Denial of Service feature to detect and mitigate DoS attacks

Outline

Lesson 1 : Setting Up the BIG-IP System


Introducing the BIG-IP System

Initially Setting Up the BIG-IP System

Archiving the BIG-IP System Configuration


Leveraging F5 Support Resources and Tools

Lesson 2 : Threat Overview and Guided Configuration


Classifying Attack Types

Differentiating Benign and Malicious Clients

Categorizing Attack Techniques


Defining the Layer 7 Web Application Firewall

Defining Traffic Processing Objects


Introducing F5 Advanced WAF

Using Guided Configuration for Web Application Security

Lesson 3 : Exploring HTTP Traffic


Exploring Web Application HTTP Request Processing

Overview of Application-Side Vulnerabilities


Defining Attack Signatures

Defining Violations

Lesson 4 : Securing HTTP Traffic


Defining Learning

Defining Attack Signature Staging


Defining Attack Signature Enforcement

Lesson 5 : Mitigating Credentials Stuffing


Defining Credentials Stuffing Attacks

The Credentials Stuffing Mitigation Workflow

Lesson 6 : Using BIG-IP DataSafe


What Elements of Application Delivery are Targeted?

Exploiting the Document Object Model

Protecting Applications Using DataSafe


Configuring a DataSafe Profile

Lesson 7 : Using Layer 7 Behavioral Analysis to Mitigate DoS


Defining Behavioral Analysis
Defining the DoS Protection Profile

PreRequisites

Administering BIG-IP, OSI model, TCP/IP addressing and routing, WAN, LAN environments; or having achieved
TMOS Administration Certification. Knowledge of Advanced WAF/ASM is recommended.

Audience

This course is intended for users who wish to rapidly deploy a basic web application security policy with
minimal configuration; deploy a DoS Protection Profile to detect server stress, and block bad actors.
$995.00 List Price 1 Day Course

Class Dates
Request a Date or a Private Class below.

 MAX Educ. Savings

Related Classes
F5 Networks Configuring BIG-IP Advanced WAF v14: Web Application Firewall (formerly
ASM)

You might also like