Loading Course Schedule...
PT22282
Training Summary
In this 4 day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.
Prerequisites
Administering BIG-IP; basic familiarity with HTTP, HTML and XML; basic web application and security concepts.
Duration
4 Days/Lecture & Lab
Audience
This course is intended for security and network administrators who will be responsible for the installation, deployment, tuning, and day-to-day maintenance of the F5 Advanced Web Application Firewall
Course Topics
- Setting Up the BIG-IP System
- Traffic Processing with BIG-IP
- Web Application Concepts
- Common Web Application Vulnerabilities
- Security Policy Deployment
- Policy Tuning and Violations
- Attack Signatures
- Positive Security Policy Building
- Cookies and Other Headers
- Reporting and Logging
- Lab Project 1
- Advanced Parameter Handling
- Policy Diff and Administration
- Automatic Policy Building
- Web Application Vulnerability Scanner Integration
- Layered Policies
- Login Enforcement, Brute Force Mitigation, and Session Tracking
- Web Scraping Mitigation and Geolocation Enforcement
- Layer 7 DoS Mitigation and Advanced Bot Protection
- F5 Advanced WAF and iRules
- Using Content Profiles
- Review and Final Labs