F5 Networks Configuring BIG-IP ASM: Application Security Manager v12

Course Outline

Lesson 1 : Setting up BIG-IP System

• Introducing the BIG-IP System
• Initially Setting Up the BIG-IP System
• Archiving the BIG-IP Configuration
• F5 Support Resources and Tools

Lesson 2 : Traffic Processing with BIG-IP

• Identifying BIG-IP Traffic Processing Objects
• Understanding Network Packet Flow
• Understanding Profiles
• Overview of Local Traffic Policies and ASM

Lesson 3 : Web Application Concepts

• Anatomy of a web application
• An Overview of Common Security Methods
• Examining HTTP and Web Application Components
• Examining HTTP Headers
• Examining HTTP Responses
• Examining HTML Components
• How ASM Parses File Types, URLs, and Parameters
• Using the Fiddler HTTP proxy tool

Lesson 4 : Web Application Vulnerabilities

• OWASP Top 10 Vulnerabilities

Lesson 5 : Security Policy Deployment

• Comparing Positive and Negative Security
• Using the Deployment Wizard
• Deployment Wizard: Local Traffic Deployment
• Deployment Wizard: Workflow
• Reviewing Requests
• Security Checks offered by Rapid Deployment
• Configuring Data Guard

Lesson 6 : Policy Tuning and Violations

• Post-Configuration Traffic Processing
• Defining False Positives
• How Violations are Categorized
• Violation Ratings
• Enforcement Settings and Staging: Policy Control
• Defining Signature Staging
• Defining Enforcement Readiness Period
• Defining Learning
• Violations and Learning Suggestions
• Learning Mode: Automatic or Manual
• Defining Learn, Alarm and Block settings
• Interpreting Enforcement Readiness Summary
• Configuring the Blocking Response Page

Lesson 7 : Attack Signatures

• Defining Attack Signatures
• Creating User-Defined Attack Signatures
• Attack Signature Normalization
• Attack Signature Structure
• Defining Attack Signature Sets
• Defining Attack Signature Pools
• Updating Attack Signatures
• Understanding Attack Signatures and Staging

Lesson 8 : Positive Security Policy Building

• Defining Security Policy Components
• Choosing an Explicit Entities Learning Scheme
• How to learn: Add All Entities
• Staging and Entities: The Entity Lifecycle
• How to Learn: Never (Wildcard Only)
• How to Learn: Selective
• Learning Differentiation: Real Threats vs. False positives

Lesson 9 : Cookies and Other Headers

• ASM Cookies: What to Enforce
• Understanding Allowed and Enforced Cookies
• Configuring Security Processing on HTTP Headers

Lesson 10 : Reporting and Logging

• Reporting Capabilities in ASM
• Viewing DoS Reports
• Generating an ASM Security Events Report
• Viewing Log files and Local Facilities
• Understanding Logging Profile

Lesson 11 : User Roles and Policy Modification

• Understanding User Roles and Partitions
• Comparing Policies
• Editing and Exporting Security Policies
• Examples of ASM Deployment Types
• Overview of ASM Synchronization
• Collecting Diagnostic Data with asmqkview

Lesson 12 : Lab Project

• Lab Project 1

Lesson 13 : Advanced Parameter Handling

• Defining Parameters
• Defining Static Parameters
• Understanding Dynamic Parameters and Extractions
• Defining Parameter Levels
• Understanding Attack Signatures and Parameters

Lesson 14 : Application-Ready Templates

• Application Template Overview

Lesson 15 : Automatic Policy Building

• Overview of Automatic Policy Building
• Choosing a Policy Type
• Defining Policy Building Process Rules
• Defining the Learning Score

Lesson 16 : Web Application Vulnerability Scanners

• Integrating ASM with Vulnerability Scanners
• Importing Vulnerabilities
• Resolving Vulnerabilities
• Using the Generic XML Scanner Output

Lesson 17 : Login Enforcement & Session Tracking

• Defining a Login URL
• Defining Session Awareness and User Tracking

Lesson 18 : Brute force and Web Scraping Mitigation

• Defining Anomalies
• Mitigating Brute Force Attacks
• Defining Session-Based Brute Force Protection
• Defining Dynamic Brute Force Protection
• Defining the Prevention Policy
• Mitigating Web Scraping
• Defining Geolocation Enforcement
• Configuring IP Address Exceptions

Lesson 19 : Layer 7 DoS Mitigation

• Defining Denial of Service Attacks
• Defining General Settings L7 DoS Profile
• Defining TPS-Based DoS Protection
• Defining Operation Mode
• Defining Mitigation Methods
• Defining Stress-Based Detection
• Defining Proactive Bot Defense
• Using Bot Signatures

Lesson 20 : ASM and iRules

• Defining Application Security iRule Events
• Using ASM iRule Event Modes
• iRule Syntax
• ASM iRule Commands

Lesson 21 : XML and Web Services

• Defining XML
• Defining Web Services
• Configuring an XML Profile
• Schema and WSDL Configuration
• XML Attack Signatures
• Using Web Services Security

Lesson 22 : Web 2.0 Support: JSON Profiles

• Defining Asynchronous JavaScript and XML
• Defining JavaScript Object Notation
• Configuring a JSON Profile

Lesson 23 : Review and Final Labs Lesson 24 : Additional Training and Certification

• Getting Started Series Web-Based Training
• F5 Instructor Led Training Curriculum
• F5 Professional Certification Program