Maxtrain.com - info@maxtrain.com - 513-322-8888 - 866-595-6863
F5 Networks Configuring BIG-IP Advanced WAF: Web Application Firewall
Description
F5 Networks Configuring BIG-IP Advanced WAF: Web Application Firewall Introduction
Join us for F5 Networks Configuring BIG-IP Advanced WAF: Web Application Firewall. This course equips participants with the knowledge and skills needed to deploy and manage robust security policies effectively.
Central to the curriculum is a deep dive into the Guided Configuration interface of F5 Advanced WAF, simplifying the deployment of comprehensive security measures. Participants will learn to define key policy elements, ensuring holistic protection against a wide range of cyber threats.
From unraveling the intricacies of request logging to mastering attack signatures and understanding the OWASP Top Ten, attendees gain invaluable insights into fortifying web applications against evolving security risks.
Practical sessions on deploying Threat Campaigns, mitigating Credential Stuffing, and securing URLs against client-side fraud enhance participants’ ability to defend against prevalent threats. The course also covers automated Layer 7 Behavioral Denial of Service (DoS) features, empowering participants to detect and mitigate DoS attacks efficiently.
With hands-on learning and expert guidance, participants emerge equipped to safeguard applications in today’s dynamic digital landscape.
F5 Networks Configuring BIG-IP Advanced WAF: Web Application Firewall Course Objectives
- Mastering Advanced WAF Deployment: Gain a comprehensive understanding of the Guided Configuration interface of F5 Advanced WAF, enabling efficient deployment of robust security policies to safeguard web applications against diverse cyber threats.
- Defining Key Policy Elements: Learn to define and configure essential policy elements, ensuring comprehensive protection against common vulnerabilities and emerging security risks in web environments.
- Enhancing Threat Detection and Response: Develop proficiency in request logging techniques and attack signature management to proactively monitor for and respond to potential security incidents, bolstering the resilience of web applications.
- Understanding Web Security Landscape: Explore the OWASP Top Ten and other critical web security risks, contextualizing learning within the broader landscape of web application security to better anticipate and mitigate evolving threats.
- Practical Defense Strategies: Acquire hands-on experience in deploying Threat Campaigns, mitigating Credential Stuffing, and implementing DataSafe encryption and obfuscation techniques to defend against prevalent web security threats.
- Efficient DoS Attack Mitigation: Explore the automated Layer 7 Behavioral Denial of Service (DoS) feature of F5 Advanced WAF, equipping participants with the skills to detect and mitigate DoS attacks efficiently and minimize disruption to web services.
Prerequisites
- Administering BIG-IP, OSI model, TCP/IP addressing and routing, WAN, LAN environments; or having achieved TMOS Administration Certification. Knowledge of Advanced WAF/ASM is recommended.
Audience
- This course is intended for users who wish to rapidly deploy a basic web application security policy with minimal configuration; deploy a DoS Protection Profile to detect server stress, and block bad actors.
F5 Networks Configuring BIG-IP Advanced WAF: Web Application Firewall Course Outline
Setting Up the BIG-IP System
- Introducing the BIG-IP System
- Initially Setting Up the BIG-IP System
- Archiving the BIG-IP System Configuration
- Leveraging F5 Support Resources and Tools
Threat Overview and Guided Configuration
- Classifying Attack Types
- Differentiating Benign and Malicious Clients
- Categorizing Attack Techniques
- Defining the Layer 7 Web Application Firewall
- Defining Traffic Processing Objects
- Introducing F5 Advanced WAF
- Using Guided Configuration for Web Application Security
Exploring HTTP Traffic
- Exploring Web Application HTTP Request Processing
- Overview of Application-Side Vulnerabilities
- Defining Attack Signatures
- Defining Violations
Securing HTTP Traffic
- Defining Learning
- Defining Attack Signature Staging
- Defining Attack Signature Enforcement
Mitigating Credentials Stuffing
- Defining Credentials Stuffing Attacks
- The Credentials Stuffing Mitigation Workflow
Using BIG-IP DataSafe
- What Elements of Application Delivery are Targeted?
- Exploiting the Document Object Model
- Protecting Applications Using DataSafe
- Configuring a DataSafe Profile
Using Layer 7 Behavioral Analysis to Mitigate DoS
- Defining Behavioral Analysis
- Defining the DoS Protection Profile
$1100.00
|
1 Day Course |