F5N_ASM_11

Ladda ner som PDF

BIG-IP Application Security Manager v12 (ASM)

The BIG-IP Application Security Manager course gives participants a functional understanding of how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect their web applications from HTTP-based attacks.
 
The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day.

Målgrupp

This course is intended for security and network administrators who will be responsible for the installation and day-to-day maintenance of the Application Security Manager..

Förkunskaper

Students should be familiar with the F5 BIG-IP Product Suite and, in particular, how to setup and configure a BIG-IP LTM system, including virtual servers, pools, profiles, VLANs and self-IPs.
 
There are no required F5 prerequisites for this course, but completing one of the following before attending would be very helpful for students unfamiliar with BIG-IP:
 
- Administering BIG-IP V11 instructor-led course
- F5 Certified BIG-IP Administrator
 
In addition, the following web-based courses will be very helpful for any student with limited BIG-IP administration and configuration:
 
- Getting Started with BIG-IP web-based training
- Getting Started with BIG-IP Application Security Manager (ASM) web-based training
 
Students should understand:
 
- TMOS administration
- Network concepts and configuration
- Programming concepts
- Security concepts and terminology
- Web application delivery
Course Objectives

After course completion, participants will be able to differentiate between negative and positive security models, and configure the most appropriate protection for their own web applications

v12.0 Course Topics
 
  • Setting up the BIG-IP system
  • Traffic processing with BIG-IP Local Traffic Manager (LTM)
  • Web application concepts
  • Web application vulnerabilities
  • Security policy deployment
  • Security policy tuning
  • Attack signatures
  • Positive security building
  • Securing cookies and other headers
  • Reporting and logging
  • User roles
  • Policy modification, merging, and exporting
  • Advanced parameter handling
  • Using application templates
  • Using Automatic Policy Builder
  • Integrating with web vulnerability scanners
  • Login enforcement and session tracking
  • Web scraping detection and mitigation
  • Layer 7 DoS protection
  • ASM and iRules
  • XML and web services support
  • AJAX and JSON support
Course Objectives

After course completion, participants will be able to differentiate between negative and positive security models, and configure the most appropriate protection for their own web applications

v12.0 Course Topics
 
  • Setting up the BIG-IP system
  • Traffic processing with BIG-IP Local Traffic Manager (LTM)
  • Web application concepts
  • Web application vulnerabilities
  • Security policy deployment
  • Security policy tuning
  • Attack signatures
  • Positive security building
  • Securing cookies and other headers
  • Reporting and logging
  • User roles
  • Policy modification, merging, and exporting
  • Advanced parameter handling
  • Using application templates
  • Using Automatic Policy Builder
  • Integrating with web vulnerability scanners
  • Login enforcement and session tracking
  • Web scraping detection and mitigation
  • Layer 7 DoS protection
  • ASM and iRules
  • XML and web services support
  • AJAX and JSON support

Utbildningen levereras i samarbete med

Kurs-ID: F5N_ASM_11
Längd: 4 dagar
Pris exkl moms: 34 000 kr
Kan betalas med:
TRAINING CARD

Avtalsrabatter och kampanjer kan ej nyttjas på denna kurs.


Lämna dina kontaktuppgifter om du önskar en företagsintern utbildning.

Tipsa