The BIG-IP Application Security Manager course gives participants a functional understanding of how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect their web applications from HTTP-based attacks.
The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day.
The BIG-IP Application Security Manager course provides participants with the expertise needed to detect, mitigate, and prevent HTTP-based attacks on web applications. The four-day lab intensive course starts at the simplest level for quickly configuring and implementing an application security policy and progresses through more complex configurations. The course includes detailed analysis and hands-on exercises for protecting web applications from brute force, web scraping, layer 7 DDoS, and other current attack vectors.
After course completion, participants will be able to differentiate between negative and positive security models, and configure the most appropriate protection for their own web applications
Setting up the BIG-IP system
Traffic processing with BIG-IP Local Traffic Manager (LTM)
Web application concepts
Web application vulnerabilities
Security policy deployment
Positive security building
Cookies and other headers
User roles and administration
Advanced parameter handling
Real Traffic Policy Builder
Login enforcement and session tracking
ASM and iRules
AJAX and JSON support
XML and web services support
Course length: 4 days
This course is intended for security and network administrators who will be responsible for the installation and day-to-day maintenance of the Application Security Manager.
Students should be familiar with the F5 BIG-IP Product Suite and, in particular, how to setup and configure a BIG-IP LTM system, including virtual servers, pools, profiles, VLANs and self-IPs.
There are no required F5 prerequisites for this course, but completing one of the following before attending would be very helpful for students unfamiliar with BIG-IP:
Administering BIG-IP V11 instructor-led course
F5 Certified BIG-IP Administrator
In addition, the following web-based courses will be very helpful for any student with limited BIG-IP administration and configuration:
Getting Started with BIG-IP web-based training
Getting Started with BIG-IP Application Security Manager (ASM) web-based training
Network concepts and configuration
Security concepts and terminology
Web application delivery
|04/12/2017||9:00 to 16:30||Dubai|