Trainings F5 Networks

Training goals dlearning

The BIG-IP Application Security Manager course gives participants a functional understanding of how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day.

Audience:
This course is intended for security and network administrators who will be responsible for the installation, deployment, tuning, and day-to-day maintenance of the Application Security Manager.

Course is based on the system version v13.

Conspect Show list

  1. Setting Up the BIG-IP System
    • Introducing the BIG-IP System
    • Initially Setting Up the BIG-IP System
    • Archiving the BIG-IP Configuration
    • Leveraging F5 Support Resources and Tools
  2. Traffic Processing with BIG-IP
    • Identifying BIG-IP Traffic Processing Objects
    • Understanding Network Packet Flow
    • Understanding Profiles
    • Overview of Local Traffic Policies and ASM
  3. Web Application Concepts
    • Anatomy of a Web Application
    • An Overview of Common Security Methods
    • Examining HTTP and Web Application Components
    • Examining HTTP Headers
    • Examining HTTP Responses
    • Examining HTML Components
    • How ASM Parses File Types, URLs, and Parameters
    • Using the Fiddler HTTP proxy tool
  4. Web Application Vulnerabilities
    • OWASP Top 10 Vulnerabilities
  5. Security Policy Deployment
    • Comparing Positive and Negative Security
    • Using the Deployment Wizard
    • Deployment Wizard: Local Traffic Deployment
    • Deployment Wizard: Workflow
    • Reviewing Requests
    • Security Checks offered by Rapid Deployment
    • Configuring Data Guard
  6. Policy Tuning and Violations
    • Post-Configuration Traffic Processing
    • Defining False Positives
    • How Violations are Categorized
    • Violation Ratings
    • Enforcement Settings and Staging: Policy Control
    • Defining Signature Staging
    • Defining Enforcement Readiness Period
    • Defining Learning
    • Violations and Learning Suggestions
    • Learning Mode: Automatic or Manual
    • Defining Learn, Alarm and Block settings
    • Interpreting Enforcement Readiness Summary
    • Configuring the Blocking Response Page
  7. Attack Signatures
    • Defining Attack Signatures
    • Creating User-Defined Attack Signatures
    • Attack Signature Normalization
    • Attack Signature Structure
    • Defining Attack Signature Sets
    • Defining Attack Signature Pools
    • Updating Attack Signatures
    • Understanding Attack Signatures and Staging
  8. Positive Security Policy Building
    • Defining Security Policy Components
    • Choosing an Explicit Entities Learning Scheme
    • How to learn: Add All Entities
    • Staging and Entities: the Entity Lifecycle
    • How to Learn: Never (Wildcard Only)
    • How to Learn: Selective
    • Learning Differentiation: Real Threats vs. False Positives
  9. Cookies and Other Headers
    • ASM Cookies: What to enforce
    • Understanding Allowed and Enforced Cookies
    • Configuring Security Processing on HTTP Headers
  10. Reporting and Logging
    • Reporting Capabilities in ASM
    • Viewing DoS Reports
    • Generating an ASM Security Events Report
    • Viewing Log files and Local Facilities
    • Understanding Logging Profiles
  11. User Roles and Policy Modification
    • Understanding User Roles & Partitions
    • Comparing Policies
    • Editing and Exporting Security Policies
    • Examples of ASM Deployment Types
    • Overview of ASM Synchronization
    • Collecting Diagnostic Data with asmqkview
  12. Lab Project
    • Lab Project 1
  13. Advanced Parameter Handling
    • Defining Parameters
    • Defining Static Parameters
    • Understanding Dynamic Parameters and Extractions
    • Defining Parameter Levels
    • Understanding Attack Signatures and Parameters
  14. Automatic Policy Building
    • Overview of Automatic Policy Building
    • Choosing a Policy Type
    • Defining Policy Building Process Rules
    • Defining the Learning Score
  15. Web Application Vulnerability Scanners
    • Integrating ASM with Vulnerability Scanners
    • Importing Vulnerabilities
    • Resolving Vulnerabilities
    • Using the Generic XML Scanner Output
  16. Login Enforcement & Session Tracking
    • Defining a Login URL
    • Defining Session Awareness and User Tracking
  17. Brute force and Web Scraping Mitigation
    • Defining Anomalies
    • Mitigating Brute Force Attacks
    • Defining Session-Based Brute Force Protection
    • Defining Dynamic Brute Force Protection
    • Defining the Prevention Policy
    • Mitigating Web Scraping
    • Defining Geolocation Enforcement
    • Configuring IP Address Exceptions
  18. Layer 7 DoS Mitigation
    • Defining Denial of Service Attacks
    • Defining General Settings L7 DoS profile
    • Defining TPS-Based DoS protection
    • Defining Operation Mode
    • Defining Mitigation Methods
    • Defining Stress-Based Detection
    • Defining Proactive Bot Defense
    • Using Bot Signatures
  19. ASM and iRules
    • Defining Application Security iRule Events
    • Using ASM iRule Event Modes
    • iRule Syntax
    • ASM iRule Commands
  20. XML and Web Services
    • Defining XML
    • Defining Web Services
    • Configuring an XML Profile
    • Schema and WSDL Configuration
    • XML Attack Signatures
    • Using Web Services Security
  21. Web 2.0 Support: JSON Profiles
    • Defining Asynchronous JavaScript and XML
    • Defining JavaScript Object Notation
    • Configuring a JSON Profile
  22. Review and Final Labs
Download conspect training as PDF

Additional information

Requirements

Before attending the Troubleshooting, ASM, DNS, APM, AAM, AFM, VIPRION or iRules courses is mandatory:

  • to take part in the BIG-IP Admin or LTM course
  • or possession of F5-CA or F5-CTS LTM certification
  • or pass special assessment test with sore 70% or greater.

To take assessment test:
Step 1: get an account on F5 University https://university.f5.com
Step 2: goto My Training and find Administering BIG-IP Course Equivalency Assessment
Take the test. Pass mark is 70%
Step 3: take a screen shot as proof of results
If this prerequisite is not met, F5 Networks have the right to refuse entry to the class.

Difficulty level
Duration 4 days
Certificate

The participants will obtain certificates signed by F5 Networks (course completion). This course also will help to prepare you for the F5 Networks ASM Specialist certification (F5-CTS) exams Exam 303 - ASM Specialist, which is available through the Pearson VUE test centers.

Trainer

Certified F5 Networks Trainer.

F5 Networks show more courses

Please fill form below to obtain more info about this training.







* Fields marked with (*) are required !!!

Information on data processing by Compendium - Centrum Edukacyjne Spółka z o.o.

The administrator of personal data is Compendium - Centrum Edukacyjne Spółka z o.o. with headquarters in Krakow, ul. Tatarska 5,30-103 Kraków, e-mail: compendium@compendium.pl.

In matters related to your data, you can contact the appointed Data Protection Officer, e-mail and iod@compendium.pl, or by writing to the correspondence address of Compendium - Centrum Edukacyjne Spółka z o.o. ul. Tatarska 5, 30-103 Krakow

The data will be processed in order to send commercial and marketing information and send the newsletter on the basis of expressed consent.

Data can be shared:

- Compendium employees and co-workers - Centrum Edukacyjne Spółka z o.o., who must have access to personal data to process your order or service
- entities processing data on behalf of Compendium - Centrum Edukacyjne Spółka z o.o., eg by post, courier, professional carrier,
- authorized state bodies, including supervisory authorities, within the scope of their powers.

The data will be stored for the duration of the order and after-sales services, and if this period can not be determined - until you express your objection.

You have the right to access your personal data, rectify it, delete or limit processing.

You have the right to object to further processing, and if you agree to the processing of data for its withdrawal. The exercise of the right to withdraw consent does not affect the processing that took place until the consent was withdrawn.

You also have the right to transfer data..

Please be advised that your personal data will not be profiled.

You have the right to lodge a complaint with the supervisory body of the President of the Office for Personal Data Protection in the case of processing your personal data in a manner that violates the provisions of the GDPR.

3995 USD

close

Discount codes

Discount code may refer to (training, producer, deadline). If you have a discount code, enter it in the appropriate field.
(green means entering the correct code | red means the code is incorrect)

FORM OF TRAINING ?

close

Traditional training

Sessions organised at Compendium CE are usually held in our locations in Kraków and Warsaw, but also in venues designated by the client. The group participating in training meets at a specific place and specific time with a coach and actively participates in laboratory sessions.

Dlearning training

You may participate from at any place in the world. It is sufficient to have a computer (or, actually a tablet, or smartphone) connected to the Internet. Compendium CE provides each Distance Learning training participant with adequate software enabling connection to the Data Center. For more information, please visit dlearning.eu site

TRAINING MATERIALS ?

close

Paper materials

Traditional Materials: The price includes standard materials issued in the form of paper books, printed or other, depending on the arrangements with the manufacturer.

Ctab materials

Ctab materials: the price includes ctab tablet and electronic training materials or traditional training materials and supplies provided electronically according to manufacturer's specifications (in PDF or EPUB form). The materials provided are adapted for display on ctab tablets. For more information, check out the ctab website.

 

SELECT TERM TRAINING

    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
Book a training appointment