F5 Configuring BIG-IP Application Security Manager Training (ASM) v13

Print Friendly, PDF & Email
Introduction

F5 BIG-IP Application Security Manager Training (ASM) v12 Course with Hands-on Labs

Learn how to defend against attacks with Application Security Manager.

In this F5 Configuring BIG-IP Application Security Manager Training (ASM) v13 course, you will learn how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect your web applications from HTTP-based attacks.

The F5 Configuring BIG-IP Application Security Manager Training (ASM) v13 course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day.

Duration: 4 days

F5 Configuring BIG-IP Application Security Manager Training (ASM) v13 Related Courses

Customize It

● If you are familiar with some aspects of this F5 Configuring BIG-IP Application Security Manager Training (ASM) v13 course, we can omit or shorten their discussion.
● We can adjust the emphasis placed on the various topics or build the F5 Configuring BIG-IP Application Security Manager Training (ASM) v13 course around the mix of technologies of interest to you (including technologies other than those included in this outline).
● If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the F5 Configuring BIG-IP Application Security Manager Training (ASM) v13 course in manner understandable to lay audiences.

Audience / Target Group

• Security and network administrators who are responsible for the installation, deployment, tuning, and day-to-day maintenance of the Application Security Manager

F5 Configuring BIG-IP Application Security Manager Training (ASM) v13 - Objectives:

After completing this F5 Configuring BIG-IP Application Security Manager Training (ASM) v13 course, attendees will be able to:

• Setting up the BIG-IP system
• Traffic processing with BIG-IP Local Traffic Manager (LTM)
• Web application concepts
• Web application vulnerabilities
• Security policy deployment
• Security policy tuning
• Attack signatures
• Positive security building
• Securing cookies and other headers
• Reporting and logging
• User roles
• Policy modification, merging, and exporting
• Advanced parameter handling
• Using application templates
• Using Automatic Policy Builder
• Integrating with web vulnerability scanners
• Login enforcement and session tracking
• Web scraping detection and mitigation
• Layer 7 DoS protection
• ASM and iRules
• XML and Web Services support
• AJAX and JSON support

F5 Configuring BIG-IP Application Security Manager Training (ASM) v13 - Course Content:

1. Setting Up the BIG-IP System

Introducing the BIG-IP System
Initially Setting Up the BIG-IP System
Archiving the BIG-IP System Configuration
Leveraging F5 Support Resources and Tools
Chapter Resources
BIG-IP System Setup Labs

2. Traffic Processing with BIG-IP

Identifying BIG-IP Traffic Processing Objects
Network Packet Flow
Profiles
Local Traffic Policies and ASM

3. Web Application Concepts

Anatomy of a Web Application
Overview of Common Security Methods
Examining HTTP and Web Application Components
Examining HTTP Headers
Examining HTTP Responses
Examining HTML Components
How ASM Parses File Types, URLs, and Parameters
Using the Fiddler HTTP Proxy Tool

4. Web Application Vulnerabilities

OWASP Top 10 Vulnerabilities

5. Security Policy Deployment

Comparing Positive and Negative Security
Using the Deployment Wizard
Deployment Wizard: Local Traffic Deployment
Deployment Wizard: Workflow
Reviewing Requests
Security Checks offered by Rapid Deployment
Configuring Data Guard

6. Policy Tuning and Violations

Post-Configuration Traffic Processing
Defining False Positives
How Violations are Categorized
Violation Ratings
Enforcement Settings and Staging: Policy Control
Defining Signature Staging
Defining Enforcement Readiness Period
Defining Learning
Violations and Learning Suggestions
Learning Mode: Automatic or Manual
Defining Learn, Alarm and Block Settings
Interpreting Enforcement Readiness Summary
Configuring the Blocking Response Page

7. Attack Signatures

Defining Attack Signatures
Creating User-Defined Attack Signatures
Attack Signature Normalization
Attack Signature Structure
Defining Attack Signature Sets
Defining Attack Signature Pools
Updating Attack Signatures
Attack Signatures and Staging

8. Positive Security Policy Building

Defining Security Policy Components
Choosing an Explicit Entities Learning Scheme
How to learn: Add All Entities
Staging and Entities: The Entity Lifecycle
How to Learn: Never (Wildcard Only)
How to Learn: Selective
Learning Differentiation: Real Threats vs. False positives

9. Cookies and Other Headers

ASM Cookies: What to Enforce
Allowed and Enforced Cookies
Configuring Security Processing on HTTP Headers

10. Reporting and Logging

Reporting Capabilities in ASM
Viewing DoS Reports
Generating an ASM Security Events Report
Viewing Log files and Local Facilities
Understanding Logging Profiles

11. User Roles and Policy Modification

User Roles and Partitions
Comparing Policies
Editing and Exporting Security Policies
Examples of ASM Deployment Types
Overview of ASM Synchronization
Collecting Diagnostic Data with asmqkview

12. Lab Project

Lab Project 1

13. Advanced Parameter Handling

Defining Parameters
Defining Static Parameters
Dynamic Parameters and Extractions
Defining Parameter Levels
Attack Signatures and Parameters

14. Application-Ready Templates

Application Template Overview

15. Automatic Policy Building

Overview of Automatic Policy Building
Choosing a Policy Type
Defining Policy Building Process Rules
Defining the Learning Score

16. Web Application Vulnerability Scanners

Integrating ASM with Vulnerability Scanners
Importing Vulnerabilities
Resolving Vulnerabilities
Using the Generic XML Scanner Output

17. Login Enforcement and Session Tracking

Defining a Login URL
Defining Session Awareness and User Tracking

18. Brute force and Web Scraping Mitigation

Defining Anomalies
Mitigating Brute Force Attacks
Defining Session-Based Brute Force Protection
Defining Dynamic Brute Force Protection
Defining the Prevention Policy
Mitigating Web Scraping
Defining Geolocation Enforcement
Configuring IP Address Exceptions

19. Layer 7 DoS Mitigation

Defining Denial of Service Attacks
Defining General Settings L7 DoS Profile
Defining TPS-Based DoS Protection
Defining Operation Mode
Defining Mitigation Methods
Defining Stress-Based Detection
Defining Proactive Bot Defense
Using Bot Signatures

20. ASM and iRules

Defining Application Security iRule Events
Using ASM iRule Event Modes
iRule Syntax
ASM iRule Commands

21. XML and Web Services

Defining XML
Defining Web Services
Configuring an XML Profile
Schema and WSDL Configuration
XML Attack Signatures
Using Web Services Security

22. Web 2.0 Support: JSON Profiles

Defining Asynchronous JavaScript and XML
Defining JavaScript Object Notation
Configuring a JSON Profile

23. Review and Final Labs

24. Additional Training and Certification

Getting Started Series Web-Based Training
F5 Instructor Led Training Curriculum
F5 Professional Certification Program
Labs

Request More Information

Time Frame: 0-3 Months4-12 Months

No Comments Yet.

Leave a comment

0