F5N_ASM12

Ladda ner som PDF

BIG-IP Application Security Manager v12

The BIG-IP Application Security Manager course gives participants a functional understanding of how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect their web applications from HTTP-based attacks.

The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day.

Audience

This course is intended for security and network administrators who will be responsible for the installation and day-to-day maintenance of the Application Security Manager.

Prior knowledge

Students should be familiar with the F5 BIG-IP Product Suite and, in particular, how to setup and configure a BIG-IP LTM system, including virtual servers, pools, profiles, VLANs and self-IPs.

There are no required F5 prerequisites for this course, but completing one of the following before attending would be very helpful for students unfamiliar with BIG-IP:

  • Administering BIG-IP V11 instructor-led course
  • F5 Certified BIG-IP Administrator

In addition, the following web-based courses will be very helpful for any student with limited BIG-IP administration and configuration:

  • Getting Started with BIG-IP web-based training
  • Getting Started with BIG-IP Application Security Manager (ASM) web-based training

Students should understand:

  • TMOS administration
  • Network concepts and configuration
  • Programming concepts
  • Security concepts and terminology
  • Web application delivery

After course completion, participants will be able to differentiate between negative and positive security models, and configure the most appropriate protection for their own web applications.

Course Content

  • Setting up the BIG-IP system
  • Traffic processing with BIG-IP Local Traffic Manager (LTM)
  • Web application concepts
  • Web application vulnerabilities
  • Security policy deployment
  • Security policy tuning
  • Attack signatures
  • Positive security building
  • Securing cookies and other headers
  • Reporting and logging
  • User roles
  • Policy modification, merging, and exporting
  • Advanced parameter handling
  • Using application templates
  • Using Automatic Policy Builder
  • Integrating with web vulnerability scanners
  • Login enforcement and session tracking
  • Web scraping detection and mitigation
  • Layer 7 DoS protection
  • ASM and iRules
  • XML and web services support
  • AJAX and JSON support

After course completion, participants will be able to differentiate between negative and positive security models, and configure the most appropriate protection for their own web applications.

Course Content

  • Setting up the BIG-IP system
  • Traffic processing with BIG-IP Local Traffic Manager (LTM)
  • Web application concepts
  • Web application vulnerabilities
  • Security policy deployment
  • Security policy tuning
  • Attack signatures
  • Positive security building
  • Securing cookies and other headers
  • Reporting and logging
  • User roles
  • Policy modification, merging, and exporting
  • Advanced parameter handling
  • Using application templates
  • Using Automatic Policy Builder
  • Integrating with web vulnerability scanners
  • Login enforcement and session tracking
  • Web scraping detection and mitigation
  • Layer 7 DoS protection
  • ASM and iRules
  • XML and web services support
  • AJAX and JSON support

Utbildningen levereras i samarbete med

Kurs-ID: F5N_ASM12
Längd: 4 dagar
Pris exkl moms: 34 000 kr

Frågor om kursen?

Har du frågor om kursens innehåll, leveransdatum/ort eller behöver en företagsanpassad variant? Fyll i formuläret nedan!


Kan betalas med:
TRAINING CARD

Avtalsrabatter och kampanjer kan ej nyttjas på denna kurs.


Ort och datum

Stockholm
20 mar-23 mar
Boka nu!

Tipsa