Network Security F5 Networks Configuring BIG-IP® ASM v11: Application Security Manager (F5-ASM)

F5 Networks Configuring BIG-IP® ASM v11: Application Security Manager (F5-ASM)

Location:

Date of Class:

Instructor:

Last Day To Enroll:

3995.00 3,995.00
$3,995.00
PRICE PER USER
$
X
USERS


=
SUBTOTAL
$
  • Course Delivery: Virtual Classroom
  • Duration: 4 
  • Language: English

Chat Live | Contact Us | Toll Free: (888) 360-8764

More About This Course

  • Train Anywhere, Your Home, Office, Or Training Center
  • Hands on Computer Labs Accessible 24/7
  • Virtual Classrooms With Robust Interactive Environment
  • Prepares You For Exams And Valuable Microsoft Certifications
  • Version Upgrade Guarantee - Substantial Discounts For Upgraded Courses Within 9 Months of Purchase
  • Corporate Resource Guarantee - Protect Your Company Sponsored Training Investment For 1 Year
  • Software Assurance Qualified - Value: 5

 

Description

F5 Networks Configuring BIG-IP® ASM v11: Application Security Manager (F5-ASM)
 

Topics Covered



Lesson 1 : Setting up the BIG-IP System

  • Introducing the BIG-IP System
  • Initially Setting Up the BIG-IP System
  • Configuring the Management Interface
  • Provisioning Modules and Resources
  • Importing a Device Certificate
  • Specifying BIG-IP Platform Properties
  • Configuring the Network
  • Configuring NTP Servers
  • Configuring DNS Settings
  • Configuring High Availability Options
  • Configuring a Standard Pair
  • Creating an Archive of the BIG-IP System
  • Leveraging F5 Support Resources and Tools

Lesson 2 : Traffic Processing with BIG-IP

  • Understanding Traffic Processing with LTM
  • Understanding Network Packet Flow
  • Understanding Profiles and ASM
  • Overview of Local Traffic Policies and ASM

Lesson 3 : Web Application Concepts

  • Anatomy of a web application
  • An Overview of Common Security Methods
  • Examining HTTP and Web Application Components
  • Examining HTTP Headers
  • Examining HTTP Responses
  • Examining HTML Components
  • How ASM Parses File Types, URLs, and Parameters
  • Using the Fiddler HTTP proxy tool

Lesson 4 : Web Application Vulnerabilities

  • OWASP Top 10 (2013)
  • Summary of Risk Mitigation using ASM

Lesson 5 : Security Policy Deployment

  • About Positive and Negative Security Models
  • Deployment Wizard: Policy creation scenarios
  • Features of the Rapid Deployment template
  • Deployment Wizard: Local Traffic Deployment
  • Deployment Wizard: Configuration Settings
  • Enforcement Settings
  • Reviewing Requests
  • Violations and Security Policy Building
  • Reviewing Violations
  • Security Policy Blocking Settings
  • Configuring the Blocking Response Page
  • Configuring Data Guard

Lesson 6 : Attack Signatures

  • Defining Attack Signatures
  • Attack Signature Features
  • Defining Attack Signature Sets
  • About User-defined Attack Signatures
  • Updating Attack Signatures
  • Understanding Attack Signatures and staging

Lesson 7 : Positive Security Policy Building

  • Defining Security Policy Components
  • Choosing an Explicit Entities Learning Scheme
  • Understanding Add All Entities
  • Security through Entity Learning
  • Reviewing Staging and Enforcement
  • Understanding Never (Wildcard Only)
  • Using the Selective mode
  • Learning Differentiation: Real threats vs. false positives

Lesson 8 : Cookies and other Headers

  • Purpose of ASM Cookies
  • Understanding Allowed and Enforced Cookies
  • Configuring security processing on HTTP headers

Lesson 9 : Reporting and Logging

  • Reporting Capabilities in ASM
  • Generating an ASM Security Events Report
  • Viewing Logs
  • Understanding Logging Profiles

Lesson 10 : User Roles, policy modification, and other deployments

  • Understanding User Roles and Partitions
  • Editing and Exporting Security Policies
  • Examples of ASM Deployment Types
  • Overview of ASM Synchronization
  • Collecting diagnostic data with asmqkview

Lesson 11 : Lab Project 1

Lesson 12 : Advanced Parameter Handling

  • Defining Parameters
  • Defining Static Parameters
  • Understanding Dynamic Parameters and Extractions
  • Defining Parameter Levels
  • Understanding Attack Signatures and Parameters

Lesson 13 : Application–ready Templates

  • Application-Ready Template Overview

Lesson 14 : Real Traffic Policy Builder

  • Overview of the Real Traffic Policy Builder
  • Policy Building Steps
  • Defining Policy Types
  • Real Traffic Policy Builder Rules

Lesson 15 : Web Application Vulnerability Scanners

  • Integrating ASM with Application Vulnerability Scanners
  • Resolving Vulnerabilities
  • Using the generic XML scanner output

Lesson 16 : Login Enforcement, Session Tracking, and Flows

  • Defining Login Pages
  • Defining Session Awareness and User Tracking
  • Defining Flows

Lesson 17 : Anomaly Detection

  • Defining Anomaly Detection
  • Preventing Web Scraping
  • Preventing Denial of Service Attacks
  • Configuring Geolocation Enforcement
  • Configuring IP Address Exceptions

Lesson 18 : ASM and iRules

  • Defining iRules and iRule events
  • Using ASM iRule Event Modes
  • iRule syntax
  • ASM iRule Commands

Lesson 19 : AJAX and JSON Support

  • Defining Asynchronous JavaScript and XML
  • Defining JavaScript Object Notation
  • Configuring a JSON profile

Lesson 20 : XML and web services

  • Defining XML
  • Defining Web Services
  • Configuring an XML profile
  • Schema and WSDL Configuration
  • XML Attack Signatures
  • Using Web Services Security

Lesson 21 : Review and Final Lab Projects

  • Final Lab Project Option 1: Custom Rule for ASM-enabled local traffic policies
  • Final Lab Project Option 2: Production Scenario
  • Final Lab Project Option 3: JSON Parsing
  • Final Lab Project Option 4: XML & Web Services

Lesson 22 : Additional Training and Certifications
 

Subject Matter Expert

360training, powered by QuickStart brings a quarter-century of keeping pace with the ever-evolving IT industry. You will find that experience reflected in every course, and every training modality we offer. We train more than 11,000 IT professionals and developers annually, and 97% of them say they are very glad they chose us.

Got questions? Contact us below or call 877-881-2235

Why Choose 360training.com?

  • Fast and easy courses completion
  • Get an education faster than at traditional colleges!
  • 100% online - No classroom attendance required.
  • Unlimited 24x7 online customer support
  • Over 500,000+ certified nationwide.