WanForce

F5 BIG IP-ASM
ApplicationSecurityManager3
Course Features
Training Type
Online
Course Duration
24hrs
Price
49.999
Training Test
Yes
Batch Available
(Mon-Fri)&(Sat-Sun)
Skill Level
Beginner
Latest Technology Coverage
CISCO, AWS, MICROSOFT, Certificate Courses
Hands-on-Lab experience,one-to-one Problem Solving Session
Yes

Register for Demo

    F5 BIG-IP ASM

    In this course, you will learn how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect your web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day.

    WHAT YOU'LL LEARN

    • Setting up the BIG-IP system
    • Traffic processing with BIG-IP Local Traffic Manager (LTM)Web Application Concepts
    • Web Application Vulnerabilities
    • Security Policy Deployment
    • Security Policy Tuning
    • Attack Signatures
    • Positive Security Building
    • Securing Cookies and other headers
    • Reporting and Logging
    • User Roles
    • Policy Modification, Merging, and Exporting
    • Advanced parameter handling
    • Using application templates
    • Using Automatic Policy Build
    • Integrating with web vulnerability scanners
    • Login enforcement and session tracking
    • Web scraping detection and mitigation
    • Using Parent and Child policies
    • Layer 7 DoS protection
    • ASM and iRules
    • Using Content Profiles for AJAX and JSON applications

    CLASSROOM LIVE OUTLINE

    Lesson 1 : Setting Up the BIG-IP System

    • Introducing the BIG-IP System
    • Initially Setting Up the BIG-IP System
    • Archiving the BIG-IP System Configuration
    • Leveraging F5 Support Resources and Tools

    Lesson 2 : Traffic Processing with BIG-IP

    • Identifying BIG-IP Traffic Processing Objects
    • Overview of Network Packet Flow
    • Understanding Profiles
    • Overview of Local Traffic Policies and ASM
    • HTTP Request Flow
    • Chapter Resources

    Lesson 3 : Web Application Concepts

    • Overview of Web Application Request Processing
    • Web Application are Vulnerable Even with SSL
    • Layer 7 Protection with Web Application Firewalls
    • Overview of Web Communication Elements
    • Parsing URLs
    • Overview of the HTTP Request Structure

    Method: Perform Actions on a Server

    • HTTP Methods ASM Accepts by Default
    • Comparing POST with GET
    • Risks Within Other Methods
    • Methods Enforcement for URLs
    • HTTP Response Codes
    • Examining HTTP Responses
    • HTTP User Input Forms: Free Text Input
    • User Input Forms: Free Text Input
    • How ASM Parses File Types, URLs, and Parameters
    • Using the Fiddler HTTP Proxy
    • Chapter Resources

    Lesson 4 : Common Web Application Vulnerabilities

    • Common Exploits Against Web Applications

    Lesson 5 : Security Policy Deployment

    • Deployment: Combining Positive and Negative Security
    • The Deployment Workflow
    • Policy Type: How Will the Policy Be Applied
    • Policy Template: Determines the Level of Protection
    • Policy Templates: Automatic or Manual Policy Building
    • Deployment Workflow: Advanced Settings
    • Viewing Requests
    • Security Checks Offered by Rapid Deployment
    • Response Checks Using Data Guard
    • Chapter Resources

    Lesson 6 : Policy Tuning and Violations

    • Post-Deployment Traffic Processing
    • Defining Violations
    • Defining False Positives
    • How Violations are Categorized
    • Violation Rating: A Threat Scale
    • Defining Staging and Enforcement
    • Defining Enforcement Mode
    • Defining the Enforcement Readiness Period
    • Defining Learning
    • Defining Learning Suggestions
    • Choosing Automatic or Manual Learning
    • Defining the Learn, Alarm and Block Settings
    • Interpreting the Enforcement Readiness Summary
    • Configuring the Blocking Response Page
    • Chapter Resources

    Lesson 7 : Attack Signatures

    • Defining Attack Signatures
    • Creating User-Defined Attack Signatures
    • Defining Attack Signature Sets
    • Defining Attack Signature Pools
    • Updating Attack Signatures
    • Understanding Attack Signatures and Staging
    • Chapter Resources

    Lesson 8 : Positive Security Policy Building

    • Defining Security Policy Components
    • Defining the Wildcard
    • The Entity Staging Lifecycle
    • Choosing the Learning Scheme

    How to Learn: Never (Wildcard Only)

    How to Learn: Always

    How to Learn: Selective

    • Reviewing the Enforcement Readiness Period: Entities
    • Violations Without Learning Suggestions
    • Defining the Learning Score
    • Defining Trusted and Untrusted IP Addresses

    How to Learn: Compact

    Chapter Resources

    Lesson 9 : Cookies and Other Headers

    • ASM Cookies: What to Enforce
    • Defining Allowed and Enforced Cookies
    • Configuring Security Processing on HTTP headers
    • Chapter Resources

    Lesson 10 : Reporting and Logging

    Reporting: Build Your Own View Reporting: Chart Based on Filters Brute Force and Web Scraping Statistics Viewing ASM Resource Reports PCI Compliance: PCI-DSS 3.0 Generating a Security Events Report Viewing Traffic Learning Graphs Local Logging Facilities and Destinations Viewing Logs in the Configuration Utility Logging Profiles: Build What You Need Chapter Resources

    Lesson 11 : Lab Project

    Lesson 12 : User Roles and Policy Modification

    • Defining User Roles
    • Defining ASM User Roles
    • Defining Partitions
    • Configuring User Partition Access
    • Comparing Security Policies with Policy Diff
    • Merging Security Policies
    • Editing and Exporting Security Policies
    • Restoring with Policy History
    • Examples of ASM Deployment Types
    • ConfigSync and ASM Security Data
    • ASMQKVIEW: Provide to F5 Support for Troubleshooting Chapter Resources

    Lesson 13 : Advanced Parameter Handling

    • Defining Parameter Types
    • Defining Static Parameters
    • Defining Dynamic Parameters
    • Defining Dynamic Parameter Extraction Properties
    • Defining Parameter Levels
    • Other Parameter Considerations
    • Chapter Resources

    Lesson 14 : Application-Ready Templates

    • Application Templates: Pre-Configured Baseline Security
    • Chapter Resources

    Lesson 15 : Automatic Policy Building

    • Overview of Automatic Policy Building
    • Defining Templates Which Automate Learning
    • Defining Policy Loosening
    • Defining Policy Tightening
    • Defining Learning Speed: Traffic Sampling
    • Defining Track Site Changes
    • Chapter Resources

    Lesson 16 : Web Application Vulnerability Scanners

    • Integrating Scanner Output Into ASM
    • Will Scan be Used for a New or Existing Policy?
    • Importing Vulnerabilities
    • Resolving Vulnerabilities
    • Using the Generic XML Scanner XSD File
    • Chapter Resources

    Lesson 17 : Login Enforcement & Session Tracking

    • Defining a Login URL
    • Login Enforcement: Time and Logout Conditions
    • Defining Session Tracking
    • Configuring Actions Upon Violation Detection
    • Session Hijacking Mitigation
    • Why Fingerprint a Client
    • Chapter Resources

    Lesson 18 : Brute Force and Web Scraping Mitigation

    • Defining Anomalies
    • Mitigating Brute Force Attacks via Login Page
    • Defining Session-Based Brute Force Protection
    • Defining Dynamic Brute Force Protection
    • Defining the Prevention Policy
    • Defining Web Scraping
    • Defining Geolocation Enforcement
    • Configuring IP Address Exceptions
    • Chapter Resources

    Lesson 19 : Layered Policies

    • Defining a Parent Policy
    • Defining Inheritance
    • Parent Policy Deployment Use Cases
    • Chapter Resources

    Lesson 20 : Layer 7 DoS mitigation

    • Defining Denial of Service Attacks
    • Defining DoS Profile General Settings
    • Defining Proactive Bot Defense
    • Using Bot Signatures
    • Defining TPS-based DoS Protection
    • Defining Operation Mode
    • Defining Mitigation Methods
    • Defining Behavioral and Stress-Based Detection
    • Defining Behavioral DoS
    • Chapter Resources

    Lesson 21 : ASM and iRules

    • Common Uses for iRules
    • Identifying iRule Components
    • Triggering iRules with Events
    • Defining ASM iRule Events
    • Defining ASM iRule Commands
    • Using ASM iRule Event Modes
    • Chapter Resources

    Lesson 22 : Content Profiles

    • Defining Asynchronous JavaScript and XML
    • Defining JavaScript Object Notation (JSON)
    • Defining Content Profiles
    • The Order of Operations for URL Classification
    • Chapter Resources

    Lesson 23 : Review and Final Labs

    WHO SHOULD ATTEND

     
    Security and network administrators who are responsible for the installation, deployment, tuning, and day-to-day maintenance of the Application Security Manager.
     

    Why Choose Wanforce

    Robust IT Infrastructure

    24x7 Support

    Best Learning Environment

    Best Price Guaranteed

    Variable Length Subscription