F5 Configuring BIG-IP Advanced WAF: Web Application Firewall 17.1
Application Security & Traffic Management
COURSE OVERVIEW
Deploying F5 Advanced WAF is a curriculum bundle intended for Application Security Administrators responsible for the deployment of F5 Advanced Web Application Firewall to secure web applications from common vulnerabilities and denial of service. Course topics cover the identification and mitigation of web application vulnerabilities on both the client and application sides of the threat spectrum. Subject areas include Advanced WAF fundamentals, mitigating vulnerabilities, defending against Bots and other automated attacks, and additional deployments. Skills are imparted through a combination of video presentations and lab demonstrations, with accompanying job aids that provide configuration examples.
INTENDED AUDIENCE
This course is intended for SecOps personnel responsible for the deployment, tuning, and day-to-day maintenance of F5 Advanced WAF. Participants will obtain a functional level of expertise with F5 Advanced WAF, including comprehensive security policy and profile configuration, client assessment, and appropriate mitigation types.
Duration: 4 Days / 32 Hours
Delivery Method: Classroom-based, Virtual Instructor Led Training
COURSE OUTLINE
Advanced WAF: Fundamentals
· Understanding Web Application Communication Elements
· Understanding HTTP Request Headers and their Vulnerabilities
· Understanding HTTP Response Headers and their Vulnerabilities
· Understanding HTTP Response Status Codes
· Differentiating HTTP from HTTPS
· Understanding Web Application Flow with F5 Advanced WAF
· Understanding Today's Threat Landscape
· Discover Web Application Vulnerabilities
· Understanding Deployment Workflow and Configuration
· Viewing and Interpreting Application Security Event Logs
· Exploring the Rapid Deployment Policy Template
· Using the Guided Configuration to Deploy an Application Security Policy
· Managing an Application Security Policy After Deployment
· Trigger and Review a Violation
· Accept Requests and View Learning Suggestions
· Handle Learning Suggestions
· Manage Policy Enforcement Mode and Staging
Mitigating Vulnerabilities, Attacks, and Threats
· Deploying and Managing F5-Supplied Attack Signatures
· Creating User-Defined Attack Signatures
· Deploying and Updating Threat Campaigns
· Reporting and Logging Features
· Understanding F5 Advanced WAF Administrative Logs
· Managing Security Event Logging with Logging Profiles
· Configuring a Remote Logging Profile for Application Security Events
· Configuring Response Logging
· Achieving PCI Compliance
· Generate the PCI Compliance Report
· Using the Login Enforcement Feature to Control Application Flow
· Detecting and Mitigating Brute Force Attacks
· Detecting and Mitigating Credential Stuffing Attacks
· Using the Session Tracking Feature to Detect and Deter Bad Actors
· Login Enforcement for Flow Control
· Mitigating Brute Force Attacks
· Mitigating Credential Stuffing
· Reconnaissance with Session Tracking
· Deploy Session Awareness and Log All Requests
· Protecting Application Delivery on the Client with DataSafe
· Securing a Login Page on the Client Using DataSafe
· Protecting Against Sensitive Data Leakage with the Data Guard Feature
· Protect Against Credit Card Number Leakage Using Data Guard
Defending against Bots and other Automated Attacks
· Understanding L7 DoS Attacks Protections
· Deploying TPS-Based DoS Protection
· Deploying Stress-Based Protection
· Deploying Behavioral DoS Protection
· Deploying BaDoS Mitigation
· Deploying TPS-based DoS Mitigation
· Classifying Clients with the Bot Defense Profile
· Configuring and Deploying a Bot Defense Profile
· Protecting Against OWASP Automated Threats with Bot Defense Profile Microservices
· Mitigate a Web Scraping Attack
· Provide Login Protection
· Provide Signup Protection
· Deploy the Search Protection Microservice
· Deploy the Shopping Cart Protection Microservice
· Deploy the Checkout Protection Microservice
· Deploy the Automated Form Submission Microservice
· Deploy the Intellectual Property Harvesting Microservice
· Deploy Custom Microservice Protection
Additional Deployment Options
· Understanding Entities (URLs, File Types, Parameters, Cookies, and Redirection Domains)
· Managing Entities through Policy Building and Traffic Learning
· Learning with Never, Selective, and Always
· Experiment with Learning and Enforcement
· Learn Using the Compact Scheme
· Securing Advanced WAF System Cookies
· Protect Against Cookie Tampering
· Secure HTTP Headers
· Modify ASM Cookie Names
· Secure Application Domain Cookies with Secure and HTTP-Only Attributes
· Secure BIG-IP ASM Cookies with Secure and HTTP-Only Attributes
· Protecting Web Application Parameters
· Protect Static and Dynamic Parameters
· Using Automatic Policy Building
· Deploying an Application Security Policy Automatically
· Creating and Deploying Layered Policies
· Using iRules with an Application Security Policy
· Deploy an iRule to Handle a Custom Violation
· Log Violation Data and Send a Custom Response Page from an iRule
· Implementing Geolocation Enforcement and IP Address Exceptions
· Secure a Modern Single Page Application
· Qualys Scan Integration
· Manage Traffic with Layer 7 Local Traffic Policies