| Course Features | ||
|---|---|---|
|
|
Training Type |
Online
|
|
|
Course Duration |
24hrs
|
|
|
Price |
49.999 |
|
|
Training Test |
Yes
|
|
|
Batch Available |
(Mon-Fri)&(Sat-Sun)
|
|
|
Skill Level |
Beginner |
|
|
Latest Technology Coverage |
CISCO, AWS, MICROSOFT, Certificate Courses |
|
|
Hands-on-Lab experience,one-to-one Problem Solving Session |
Yes |
Register for Demo
F5 BIG-IP ASM
In this course, you will learn how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect your web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day.
WHAT YOU'LL LEARN
- Setting up the BIG-IP system
- Traffic processing with BIG-IP Local Traffic Manager (LTM)Web Application Concepts
- Web Application Vulnerabilities
- Security Policy Deployment
- Security Policy Tuning
- Attack Signatures
- Positive Security Building
- Securing Cookies and other headers
- Reporting and Logging
- User Roles
- Policy Modification, Merging, and Exporting
- Advanced parameter handling
- Using application templates
- Using Automatic Policy Build
- Integrating with web vulnerability scanners
- Login enforcement and session tracking
- Web scraping detection and mitigation
- Using Parent and Child policies
- Layer 7 DoS protection
- ASM and iRules
- Using Content Profiles for AJAX and JSON applications
CLASSROOM LIVE OUTLINE
Lesson 1 : Setting Up the BIG-IP System
- Introducing the BIG-IP System
- Initially Setting Up the BIG-IP System
- Archiving the BIG-IP System Configuration
- Leveraging F5 Support Resources and Tools
Lesson 2 : Traffic Processing with BIG-IP
- Identifying BIG-IP Traffic Processing Objects
- Overview of Network Packet Flow
- Understanding Profiles
- Overview of Local Traffic Policies and ASM
- HTTP Request Flow
- Chapter Resources
Lesson 3 : Web Application Concepts
- Overview of Web Application Request Processing
- Web Application are Vulnerable Even with SSL
- Layer 7 Protection with Web Application Firewalls
- Overview of Web Communication Elements
- Parsing URLs
- Overview of the HTTP Request Structure
Method: Perform Actions on a Server
- HTTP Methods ASM Accepts by Default
- Comparing POST with GET
- Risks Within Other Methods
- Methods Enforcement for URLs
- HTTP Response Codes
- Examining HTTP Responses
- HTTP User Input Forms: Free Text Input
- User Input Forms: Free Text Input
- How ASM Parses File Types, URLs, and Parameters
- Using the Fiddler HTTP Proxy
- Chapter Resources
Lesson 4 : Common Web Application Vulnerabilities
- Common Exploits Against Web Applications
Lesson 5 : Security Policy Deployment
- Deployment: Combining Positive and Negative Security
- The Deployment Workflow
- Policy Type: How Will the Policy Be Applied
- Policy Template: Determines the Level of Protection
- Policy Templates: Automatic or Manual Policy Building
- Deployment Workflow: Advanced Settings
- Viewing Requests
- Security Checks Offered by Rapid Deployment
- Response Checks Using Data Guard
- Chapter Resources
Lesson 6 : Policy Tuning and Violations
- Post-Deployment Traffic Processing
- Defining Violations
- Defining False Positives
- How Violations are Categorized
- Violation Rating: A Threat Scale
- Defining Staging and Enforcement
- Defining Enforcement Mode
- Defining the Enforcement Readiness Period
- Defining Learning
- Defining Learning Suggestions
- Choosing Automatic or Manual Learning
- Defining the Learn, Alarm and Block Settings
- Interpreting the Enforcement Readiness Summary
- Configuring the Blocking Response Page
- Chapter Resources
Lesson 7 : Attack Signatures
- Defining Attack Signatures
- Creating User-Defined Attack Signatures
- Defining Attack Signature Sets
- Defining Attack Signature Pools
- Updating Attack Signatures
- Understanding Attack Signatures and Staging
- Chapter Resources
Lesson 8 : Positive Security Policy Building
- Defining Security Policy Components
- Defining the Wildcard
- The Entity Staging Lifecycle
- Choosing the Learning Scheme
How to Learn: Never (Wildcard Only)
How to Learn: Always
How to Learn: Selective
- Reviewing the Enforcement Readiness Period: Entities
- Violations Without Learning Suggestions
- Defining the Learning Score
- Defining Trusted and Untrusted IP Addresses
How to Learn: Compact
Chapter Resources
Lesson 9 : Cookies and Other Headers
- ASM Cookies: What to Enforce
- Defining Allowed and Enforced Cookies
- Configuring Security Processing on HTTP headers
- Chapter Resources
Lesson 10 : Reporting and Logging
Reporting: Build Your Own View Reporting: Chart Based on Filters Brute Force and Web Scraping Statistics Viewing ASM Resource Reports PCI Compliance: PCI-DSS 3.0 Generating a Security Events Report Viewing Traffic Learning Graphs Local Logging Facilities and Destinations Viewing Logs in the Configuration Utility Logging Profiles: Build What You Need Chapter Resources
Lesson 11 : Lab Project
Lesson 12 : User Roles and Policy Modification
- Defining User Roles
- Defining ASM User Roles
- Defining Partitions
- Configuring User Partition Access
- Comparing Security Policies with Policy Diff
- Merging Security Policies
- Editing and Exporting Security Policies
- Restoring with Policy History
- Examples of ASM Deployment Types
- ConfigSync and ASM Security Data
- ASMQKVIEW: Provide to F5 Support for Troubleshooting Chapter Resources
Lesson 13 : Advanced Parameter Handling
- Defining Parameter Types
- Defining Static Parameters
- Defining Dynamic Parameters
- Defining Dynamic Parameter Extraction Properties
- Defining Parameter Levels
- Other Parameter Considerations
- Chapter Resources
Lesson 14 : Application-Ready Templates
- Application Templates: Pre-Configured Baseline Security
- Chapter Resources
Lesson 15 : Automatic Policy Building
- Overview of Automatic Policy Building
- Defining Templates Which Automate Learning
- Defining Policy Loosening
- Defining Policy Tightening
- Defining Learning Speed: Traffic Sampling
- Defining Track Site Changes
- Chapter Resources
Lesson 16 : Web Application Vulnerability Scanners
- Integrating Scanner Output Into ASM
- Will Scan be Used for a New or Existing Policy?
- Importing Vulnerabilities
- Resolving Vulnerabilities
- Using the Generic XML Scanner XSD File
- Chapter Resources
Lesson 17 : Login Enforcement & Session Tracking
- Defining a Login URL
- Login Enforcement: Time and Logout Conditions
- Defining Session Tracking
- Configuring Actions Upon Violation Detection
- Session Hijacking Mitigation
- Why Fingerprint a Client
- Chapter Resources
Lesson 18 : Brute Force and Web Scraping Mitigation
- Defining Anomalies
- Mitigating Brute Force Attacks via Login Page
- Defining Session-Based Brute Force Protection
- Defining Dynamic Brute Force Protection
- Defining the Prevention Policy
- Defining Web Scraping
- Defining Geolocation Enforcement
- Configuring IP Address Exceptions
- Chapter Resources
Lesson 19 : Layered Policies
- Defining a Parent Policy
- Defining Inheritance
- Parent Policy Deployment Use Cases
- Chapter Resources
Lesson 20 : Layer 7 DoS mitigation
- Defining Denial of Service Attacks
- Defining DoS Profile General Settings
- Defining Proactive Bot Defense
- Using Bot Signatures
- Defining TPS-based DoS Protection
- Defining Operation Mode
- Defining Mitigation Methods
- Defining Behavioral and Stress-Based Detection
- Defining Behavioral DoS
- Chapter Resources
Lesson 21 : ASM and iRules
- Common Uses for iRules
- Identifying iRule Components
- Triggering iRules with Events
- Defining ASM iRule Events
- Defining ASM iRule Commands
- Using ASM iRule Event Modes
- Chapter Resources
Lesson 22 : Content Profiles
- Defining Asynchronous JavaScript and XML
- Defining JavaScript Object Notation (JSON)
- Defining Content Profiles
- The Order of Operations for URL Classification
- Chapter Resources
Lesson 23 : Review and Final Labs
WHO SHOULD ATTEND
Security and network administrators who are responsible for the installation, deployment, tuning, and day-to-day maintenance of the Application Security Manager.