Configuring F5 Advanced WAF

(previously licensed as ASM)

Résumé

The BIG-IP Application Security Manager course (4 days) gives participants a functional understanding of how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect their web applications from HTTP-based attacks.

The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.

 

Thèmes abordés
 

  • Traffic processing with BIG-IP Local Traffic Manager (LTM)

  • Web application concepts

  • Web application vulnerabilities

  • Security policy deployment

  • Security policy tuning

  • Attack signatures

  • Positive security building

  • Securing cookies and other headers

  • Reporting and logging

  • User roles

  • Policy modification, merging, and exporting

  • Advanced parameter handling

  • Using application templates

  • Using Automatic Policy Builder

  • Integrating with web vulnerability scanners

  • Login enforcement and session tracking

  • Web scraping detection and mitigation

  • Session tracking

  • Geolocation Enforcement and IP Address Exceptions

  • Using Parent and Child policies

  • Layer 7 DoS protection

  • ASM and iRules

  • Using Content Profiles for AJAX and JSON applications

  • NEW - Advanced Bot Detection and Defense

  • NEW - Proactive Bot Defense

  • NEW — Simple Edit Mode for Attack Signatures

Certification

303 ASM Specialist

* Formation distanciel possible :

  • de votre entreprise

  • de chez vous

  • de nos locaux à Sophia Antipolis (équipement Cisco Webex Board)

Durée 

4 jours soit 28 heures

Prix public

3.300 € HT

Dates

à Paris ou distanciel*

  • 23 - 26 novembre

  • 21 - 24 décembre

Public concerné

Cette formation s’adresse aux administrateurs réseaux et sécurité chargés de l’installation et de la maintenance quotidienne du module Application Security Manager.

Objectifs pédagogiques

After course completion, participants will be able to differentiate between negative and positive security models, and configure the most appropriate protection for their own web applications.

Pré requis

Students must complete one of the following F5 prerequisites before attending this course:

The following free web-based courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience. These courses are available at F5 University:

- Getting Started with BIG-IP web-based training

- Getting Started with BIG-IP Local Traffic Manager (LTM) web-based training

- Getting Started with BIG-IP Application Security Manager (ASM) web-based training

📌 date confirmée

💻 distanciel

Sur le même thème

SARL DIG-IT

Simplifiez vous l'IT

 

Tél : 04 92 96 96 90

Mail : contact@formation-IT.org

Centre de Formation enregistré

sous la DA n° 93.06.07876.06

SIRET 822 060 372 00015 - APE 7022Z 

  • Twitter Classic
  • LinkedIn Social Icon
  • Facebook Social Icon
  • WhatsApp Business