F5 Configuring BIG-IP ASM v11: Application Security Manager

Configuring BIG-IP ASM

Course duration

4 days

Prerequisites

Students should be familiar with the F5 BIG-IP Product Suite and, in particular, how to set up and configure a BIG-IP LTM system, including virtual servers, pools, profiles, VLANs and self-IPs.

There are no required F5 prerequisites for this course, but completing one of the following before attending would be very helpful for students unfamiliar with BIG-IP:

In addition, the following web-based courses will be very helpful for any student with limited BIG-IP administration and configuration experience:

Students should understand:

  • TMOS administration
  • Network concepts and configuration
  • Programming concepts
  • Security concepts and terminology
  • Web application delivery

Main topics

COURSE OUTLINE

Chapter 1: Setting Up the BIG-IP System

  • Introducing the BIG-IP System
  • Initially Setting Up the BIG-IP System
  • Creating an Archive of the BIG-IP System
  • Leveraging F5 Support Resources and Tools

Chapter 2: Traffic Processing with BIG-IP

  • Understanding Traffic Processing with LTM
  • Overview of Local Traffic Policies and ASM

Chapter 3: Web Application Concepts

  • Anatomy of a Web Application
  • An Overview of Common Security Methods
  • Examining HTTP & Web Application Components
  • Examining HTTP Headers
  • Examining HTTP Responses
  • Examining HTML Components
  • How ASM parses File Types, URLs, & Parameters
  • Using the Fiddler HTTP proxy tool

Chapter 4: Web Application Vulnerabilities

  • Examining the OWASP Top 10 vulnerabilities
  • Summary of risk mitigation using ASM

Chapter 5: Security Policy Deployment

  • About Positive and Negative Security Models
  • Deployment Wizard: Local Traffic Deployment
  • Deployment Wizard: Configuration settings
  • Violations and Security Policy Building
  • Reviewing Violations

Chapter 6: Attack Signatures

  • Defining Attack Signatures
  • Attack Signature Features
  • Defining Attack Signature Sets
  • About User-defined Attack Signatures
  • Updating Attack Signatures
  • Understanding Attack Signatures and staging

Chapter 7: Positive Security Policy Building

  • Defining Security Policy Components
  • Security Through Entity Learning
  • Reviewing Staging and Enforcement
  • Understanding the Selective mode
  • Learning Differentiation: Real threats vs. false positives

Chapter 8: Cookies and other Headers

  • Purposes of ASM Cookies
  • Understanding Allowed and Enforced Cookies
  • Configuring security processing on HTTP headers

Chapter 9: Reporting and Logging

  • Reporting capabilities in ASM
  • Generating a PCI Compliance Report
  • Generating an ASM Security Events Report

Chapter 10: User Roles, policy modification, and other deployments

  • Understanding User Roles & Partitions
  • Editing and Exporting Security Policies

Chapter 11: Lab Project 1

Chapter 12: Advanced parameter handling

  • Defining Parameters
  • Defining Static Parameters
  • Configuring Dynamic Parameters and Extractions

Chapter 13: Application-Ready Templates

  • Application-Ready Template Overview

Chapter 14: Real Traffic Policy Builder

  • Overview of the Real Traffic Policy Builder
  • Defining Policy Types
  • Real Traffic Policy Builder Rules

Chapter 15: Web Application Vulnerability Scanners

  • Integrating ASM with Application Vulnerability Scanners
  • Resolving Vulnerabilities
  • Using the generic XML scanner output

Chapter 16: Login Enforcement, Session tracking, and Flows

  • Defining Login Pages
  • Configuring Login Enforcement
  • Configuring session and user tracking
  • Defining Flows
  • Configuring Flow Control

Chapter 17: Anomaly Detection

  • Defining Anomaly Detection
  • Preventing Brute Force Attacks
  • Preventing Web Scraping
  • Geolocation Enforcement
  • Configuring IP Address Exceptions

Chapter 18: ASM and iRules

  • Defining iRules and iRule Events
  • Using ASM iRule Event Modes
  • iRule Syntax
  • ASM iRule Commands

Chapter 19: Web 2.0 Support: AJAX and JSON

  • Defining Asynchronous JavaScript and XML
  • Defining JavaScript Object Notation (JSON)
  • Configuring a JSON Profile

Chapter 20: XML and Web Services

  • Defining XML
  • Configuring an XML Profile
  • XML Attack Signatures

Chapter 21: Review and Final Labs

Price

Contact us. We have special pricing for channel partners.

 

Contact

Oliver Zalazar
Services Director SOLA

Oliver.zalazar@westcon.com