Configuring BIG-IP ASM: Application Security Manager (TRG-BIG-ASM-ESS)
Chi dovrebbe partecipare
This course is intended for security and network administrators who will be responsible for the installation and day-to-day maintenance of the Application Security Manager.
Students should be familiar with the F5 BIG-IP Product Suite and in particular how to setup and configure a BIG-IP LTM system including virtual servers pools profiles VLANs and self-IPs.
There are no required F5 prerequisites for this course but completing one of the following before attending would be very helpful for students unfamiliar with BIG-IP:
- Administering BIG-IP V11 instructor-led course
- F5 Certified BIG-IP Administrator
In addition the following web-based courses will be very helpful for any student with limited BIG-IP administration and configuration:
- Getting Started with BIG-IP web-based training
- Getting Started with BIG-IP Application Security Manager (ASM) web-based training
Students should understand:
- TMOS administration
- Network concepts and configuration
- Programming concepts
- Security concepts and terminology
- Web application delivery
Obiettivi del Corso
After course completion participants will be able to differentiate between negative and positive security models and configure the most appropriate protection for their own web applications.
Contenuti del Corso
The BIG-IP Application Security Manager course provides participants with the expertise needed to detect mitigate and prevent HTTP-based attacks on web applications. The four-day lab intensive course starts at the simplest level for quickly configuring and implementing an application security policy and progresses through more complex configurations. The course includes detailed analysis and hands-on exercises for protecting web applications from brute force web scraping layer 7 DDoS and other current attack vectors.
Topics covered in this course include:
- Setting up the BIG-IP system
- Traffic processing with BIG-IP Local Traffic Manager (LTM)
- Web application concepts
- Web application vulnerabilities
- Security policy deployment
- Attack signatures
- Positive security building
- Cookies and other headers
- User roles and administration
- Advanced parameter handling
- Application templates
- Real Traffic Policy Builder
- Vulnerability scanners
- Login enforcement and session tracking
- Anomaly detection
- ASM and iRules
- AJAX and JSON support
- XML and web services support
I corsi F5 Networks sono erogati in partnership con Westcon.