F5 Configuring Advanced WAF V16.1
In this 4-day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.
Register your interest in this course here
Register your interest now
Description
Course Topics
- Setting up the BIG-IP System
- Traffic processing with BIG-IP Local Traffic Manager (LTM)
- Web application concepts
- Web Application Vulnerabilities
- Security policy deployment
- Policy Tuning and Violations
- Attack Signatures and Threat Campaigns
- Positive security policy building
- Securing cookies and other headers
- Visual reporting and logging
- Lab project 1
- Advanced Parameter Handling
- Automatic Policy Building
- Web application vulnerability scanners integration
- Deploying Layered Policies
- Login Enforcement and Brute Force Mitigation
- Session tracking for client reconnaissance
- Layer 7 DoS Mitigation
- Advanced Bot Defense
- Form Encryption using DataSafe
- Review and Final labs
Prerequisites
Mandatory
- Administering BIG-IP instructor-led course
- F5 Certified BIG-IP Administrator
Recommended (available at F5 University)
- Getting Started with BIG-IP
- Getting Started with BIG-IP Local Traffic Manager
- Getting Started with BIG-IP Application Security Manager
The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course: OSI model encapsulation Routing and switching Ethernet and ARP TCP/IP concepts IP addressing and subnetting NAT and private IP addressing Default gateway Network firewalls LAN vs. WAN