Maxtrain.com - info@maxtrain.com - 513-322-8888 - 866-595-6863
F5 Networks Configuring BIG-IP Advanced WAF: Web Application Firewall
Description
F5 Networks Configuring BIG-IP Advanced WAF: Web Application Firewall Introduction
In this 1 day course, F5 Networks Configuring BIG-IP Advanced WAF: Web Application Firewall course, the curriculum is structured to provide an in-depth understanding of both fundamental and advanced security strategies. A significant portion of the course is dedicated to exploring the Guided Configuration interface of F5 Advanced WAF. This user-friendly feature simplifies the deployment of robust web application security policies.
Participants will learn to define the key elements of these policies, ensuring comprehensive protection against a range of threats. The course also delves into understanding the nuances of request logging options, which is critical for monitoring and responding to potential security events. Detailed attention is given to the identification of various HTTP headers and methods, which are essential in understanding the communication between clients and servers, and thereby in identifying potential vulnerabilities.
Additionally, the course offers a deep dive into the complexities of attack signatures, including how to stage them effectively and manage violations. This aspect is vital for recognizing and defending against sophisticated cyber attacks. An overview of the OWASP Top Ten, a crucial list of the most critical web application security risks, helps participants contextualize their learning within the broader landscape of web security.
To further enhance practical skills, the course includes sessions on deploying Threat Campaigns and mitigating Credential Stuffing, both of which are prevalent threats in the web security domain. Participants will also learn how to secure URLs against client-side fraud using DataSafe encryption and obfuscation techniques, a crucial skill in protecting sensitive data.
Lastly, the course covers the automated Layer 7 Behavioral Denial of Service (DoS) feature of F5 Advanced WAF. This will equip participants with the skills to detect and mitigate DoS attacks, ensuring they can safeguard applications against one of the most disruptive forms of cyber threats.
Course Objectives
- Provision the Application Security Manager and Fraud Protection Service modules
- Define a web application firewall
- Deploy F5 Advanced WAF using the Guided Configuration for Application Security
- Define learn, alarm, and block settings as they pertain to configuring F5 Advanced WAF
- Define attack signatures and explain why attack signature staging is important
- Contrast positive and negative security policy implementation and explain the benefits of each
- Tune a policy manually by reviewing learning suggestions
- Deploy a Threat Campaign
- Mitigate Credentials Stuffing attacks
- Secure a URL from client-side fraud using DataSafe encryption and obfuscation
- Deploy F5 Advanced WAF using the Guided Configuration for L7 Denial of Service Protection
- Use the automated L7 Behavioral Denial of Service feature to detect and mitigate DoS attacks
Prerequisites
- Administering BIG-IP, OSI model, TCP/IP addressing and routing, WAN, LAN environments; or having achieved TMOS Administration Certification. Knowledge of Advanced WAF/ASM is recommended.
Audience
- This course is intended for users who wish to rapidly deploy a basic web application security policy with minimal configuration; deploy a DoS Protection Profile to detect server stress, and block bad actors.
Course Outline
Setting Up the BIG-IP System
- Introducing the BIG-IP System
- Initially Setting Up the BIG-IP System
- Archiving the BIG-IP System Configuration
- Leveraging F5 Support Resources and Tools
Threat Overview and Guided Configuration
- Classifying Attack Types
- Differentiating Benign and Malicious Clients
- Categorizing Attack Techniques
- Defining the Layer 7 Web Application Firewall
- Defining Traffic Processing Objects
- Introducing F5 Advanced WAF
- Using Guided Configuration for Web Application Security
Exploring HTTP Traffic
- Exploring Web Application HTTP Request Processing
- Overview of Application-Side Vulnerabilities
- Defining Attack Signatures
- Defining Violations
Securing HTTP Traffic
- Defining Learning
- Defining Attack Signature Staging
- Defining Attack Signature Enforcement
Mitigating Credentials Stuffing
- Defining Credentials Stuffing Attacks
- The Credentials Stuffing Mitigation Workflow
Using BIG-IP DataSafe
- What Elements of Application Delivery are Targeted?
- Exploiting the Document Object Model
- Protecting Applications Using DataSafe
- Configuring a DataSafe Profile
Using Layer 7 Behavioral Analysis to Mitigate DoS
- Defining Behavioral Analysis
- Defining the DoS Protection Profile
$1100.00
|
1 Day Course |