We are happy to advise you!
+49 40 253346-10     Contact
> > > TRG-BIG-AWF-CFG

Configuring F5 Advanced WAF (previously licensed as ASM) (TRG-BIG-AWF-CFG)

Course Description Schedule
 

Course Overview

In this 4 day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks.

The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.

Prerequisites

There are no F5-technology-specific prerequisites for this course. However, completing the following before attending would be very helpful for students with limited BIG-IP administration and configuration experience:

or

  • F5 Certified BIG-IP Administrator

The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:

  • OSI model encapsulation
  • Routing and switching
  • Ethernet and ARP
  • TCP/IP concepts
  • IP addressing and subnetting
  • NAT and private IP addressing
  • Default gateway
  • Network firewalls
  • LAN vs. WAN

Course Objectives

  • Describe the role of the BIG-IP system as a full proxy device in an application delivery network
  • Provision F5 Advanced Web Application Firewall resources
  • Define a web application firewall
  • Describe how F5 Advanced Web Application Firewall protects a web application by securing file types, URLs, and parameters
  • Deploy F5 Advanced Web Application Firewall using the Rapid Deployment template (and other templates) and define the security checks included in each
  • Define learn, alarm, and block settings as they pertain to configuring F5 Advanced Web Application Firewall
  • Define attack signatures and explain why attack signature staging is important
  • Contrast positive and negative security policy implementation and explain benefits of each
  • Configure security processing at the parameter level of a web application
  • Use an application template to protect a commercial web application
  • Deploy F5 Advanced Web Application Firewall using the Automatic Policy Builder
  • Tune a policy manually or allow automatic policy building
  • Integrate third party application vulnerability scanner output into a security policy
  • Configure login enforcement and session tracking
  • Configure protection against brute force, web scraping, and Layer 7 denial of service attacks
  • Implement iRules using specific F5 Advanced Web Application Firewall events and commands
  • Use Content Profiles to protect JSON and AJAX-based applications
  • Implement Bot Signatures
  • Implement Proactive Bot Defense

Course Content

  • Resource provisioning for F5 Advanced Web Application Firewall
  • Traffic processing with BIG-IP Local Traffic Manager (LTM)
  • Web application concepts
  • Web application vulnerabilities
  • Security policy deployment
  • Security policy tuning
  • Attack signatures
  • Positive security building
  • Securing cookies and other headers
  • Reporting and logging
  • Policy Diff, merging, and exporting
  • Advanced parameter handling
  • Using application templates
  • Using Automatic Policy Builder
  • Integrating with web vulnerability scanners
  • Login enforcement
  • Brute force mitigation
  • Session tracking
  • Web scraping detection and mitigation
  • Geolocation Enforcement and IP Address Exceptions
  • Using Parent and Child policies
  • Layer 7 DoS protection
  • F5 Advanced Web Application Firewall and iRules
  • Using Content Profiles for AJAX and JSON applications
  • Advanced Bot Detection and Defense
  • Proactive Bot Defense
Classroom Training

Duration 4 days

Price (excl. tax)
  • Germany: US$ 3,995.-
  • Switzerland: US$ 3,995.-
 
Click on town name to book Schedule
This is a FLEX course, which is delivered both virtually and in the classroom.
Germany
10/09/2019 - 13/09/2019 Munich Course language: English
11/09/2019 - 13/09/2019 Munich 3 days Course language: English

Fast Lane Flex™ Classroom If you can't find a suitable date, don't forget to check our world-wide FLEX™ training schedule.

Latin America
Mexico
17/09/2019 - 20/09/2019 FLEX training This is an Spanish language FLEX course.
Time zone: America/Mexico_City
16/12/2019 - 19/12/2019 FLEX training This is an Spanish language FLEX course.
Time zone: America/Mexico_City
 

Cookies help us deliver our services. By using our services, you agree to our use of cookies.   Got it!