F5 Networks Configuring BIG-IP Advanced WAF: Web Application Firewall

PT22282
Training Summary
In this 4 day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.
Prerequisites
Administering BIG-IP; basic familiarity with HTTP, HTML and XML; basic web application and security concepts.
Duration
4 Days/Lecture & Lab
Audience
This course is intended for security and network administrators who will be responsible for the installation, deployment, tuning, and day-to-day maintenance of the F5 Advanced Web Application Firewall
Course Topics
  • Setting Up the BIG-IP System
  • Traffic Processing with BIG-IP
  • Web Application Concepts
  • Common Web Application Vulnerabilities
  • Security Policy Deployment
  • Policy Tuning and Violations
  • Attack Signatures
  • Positive Security Policy Building
  • Cookies and Other Headers
  • Reporting and Logging
  • Lab Project 1
  • Advanced Parameter Handling
  • Policy Diff and Administration
  • Automatic Policy Building
  • Web Application Vulnerability Scanner Integration
  • Layered Policies
  • Login Enforcement, Brute Force Mitigation, and Session Tracking
  • Web Scraping Mitigation and Geolocation Enforcement
  • Layer 7 DoS Mitigation and Advanced Bot Protection
  • F5 Advanced WAF and iRules
  • Using Content Profiles
  • Review and Final Labs

Related Scheduled Courses