F5 BIG-IP APPLICATION SECURITY MANAGER (ASM) V12X

Code: 9764

4 days

List Tuition : $3,995.00 USD

Course Overview

    Download PDF 

In this course, you will learn how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect your web applications from HTTP-based attacks.

The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day.

Security and network administrators who are responsible for the installation, deployment, tuning, and day-to-day maintenance of the Application Security Manager

  • Setting up the BIG-IP system
  • Traffic processing with BIG-IP Local Traffic Manager (LTM)
  • Web application concepts
  • Web application vulnerabilities
  • Security policy deployment
  • Security policy tuning
  • Attack signatures
  • Positive security building
  • Securing cookies and other headers
  • Reporting and logging
  • User roles
  • Policy modification, merging, and exporting
  • Advanced parameter handling
  • Using application templates
  • Using Automatic Policy Builder
  • Integrating with web vulnerability scanners
  • Login enforcement and session tracking
  • Web scraping detection and mitigation
  • Layer 7 DoS protection
  • ASM and iRules
  • XML and Web Services support
  • AJAX and JSON support
  • 1. Setting Up the BIG-IP System

    • Introducing the BIG-IP System
    • Initially Setting Up the BIG-IP System
    • Archiving the BIG-IP System Configuration
    • Leveraging F5 Support Resources and Tools
    • Chapter Resources
    • BIG-IP System Setup Labs

    2. Traffic Processing with BIG-IP

    • Identifying BIG-IP Traffic Processing Objects
    • Network Packet Flow
    • Profiles
    • Local Traffic Policies and ASM

    3. Web Application Concepts

    • Anatomy of a Web Application
    • Overview of Common Security Methods
    • Examining HTTP and Web Application Components
    • Examining HTTP Headers
    • Examining HTTP Responses
    • Examining HTML Components
    • How ASM Parses File Types, URLs, and Parameters
    • Using the Fiddler HTTP Proxy Tool

    4. Web Application Vulnerabilities

    • OWASP Top 10 Vulnerabilities

    5. Security Policy Deployment

    • Comparing Positive and Negative Security
    • Using the Deployment Wizard
    • Deployment Wizard: Local Traffic Deployment
    • Deployment Wizard: Workflow
    • Reviewing Requests
    • Security Checks offered by Rapid Deployment
    • Configuring Data Guard

    6. Policy Tuning and Violations

    • Post-Configuration Traffic Processing
    • Defining False Positives
    • How Violations are Categorized
    • Violation Ratings
    • Enforcement Settings and Staging: Policy Control
    • Defining Signature Staging
    • Defining Enforcement Readiness Period
    • Defining Learning
    • Violations and Learning Suggestions
    • Learning Mode: Automatic or Manual
    • Defining Learn, Alarm and Block Settings
    • Interpreting Enforcement Readiness Summary
    • Configuring the Blocking Response Page

    7. Attack Signatures

    • Defining Attack Signatures
    • Creating User-Defined Attack Signatures
    • Attack Signature Normalization
    • Attack Signature Structure
    • Defining Attack Signature Sets
    • Defining Attack Signature Pools
    • Updating Attack Signatures
    • Attack Signatures and Staging

    8. Positive Security Policy Building

    • Defining Security Policy Components
    • Choosing an Explicit Entities Learning Scheme
    • How to learn: Add All Entities
    • Staging and Entities: The Entity Lifecycle
    • How to Learn: Never (Wildcard Only)
    • How to Learn: Selective
    • Learning Differentiation: Real Threats vs. False positives

    9. Cookies and Other Headers

    • ASM Cookies: What to Enforce
    • Allowed and Enforced Cookies
    • Configuring Security Processing on HTTP Headers

    10. Reporting and Logging

    • Reporting Capabilities in ASM
    • Viewing DoS Reports
    • Generating an ASM Security Events Report
    • Viewing Log files and Local Facilities
    • Understanding Logging Profiles

    11. User Roles and Policy Modification

    • User Roles and Partitions
    • Comparing Policies
    • Editing and Exporting Security Policies
    • Examples of ASM Deployment Types
    • Overview of ASM Synchronization
    • Collecting Diagnostic Data with asmqkview

    12. Lab Project

    • Lab Project 1

    13. Advanced Parameter Handling

    • Defining Parameters
    • Defining Static Parameters
    • Dynamic Parameters and Extractions
    • Defining Parameter Levels
    • Attack Signatures and Parameters

    14. Application-Ready Templates

    • Application Template Overview

    15. Automatic Policy Building

    • Overview of Automatic Policy Building
    • Choosing a Policy Type
    • Defining Policy Building Process Rules
    • Defining the Learning Score

    16. Web Application Vulnerability Scanners

    • Integrating ASM with Vulnerability Scanners
    • Importing Vulnerabilities
    • Resolving Vulnerabilities
    • Using the Generic XML Scanner Output

    17. Login Enforcement and Session Tracking

    • Defining a Login URL
    • Defining Session Awareness and User Tracking

    18. Brute force and Web Scraping Mitigation

    • Defining Anomalies
    • Mitigating Brute Force Attacks
    • Defining Session-Based Brute Force Protection
    • Defining Dynamic Brute Force Protection
    • Defining the Prevention Policy
    • Mitigating Web Scraping
    • Defining Geolocation Enforcement
    • Configuring IP Address Exceptions

    19. Layer 7 DoS Mitigation

    • Defining Denial of Service Attacks
    • Defining General Settings L7 DoS Profile
    • Defining TPS-Based DoS Protection
    • Defining Operation Mode
    • Defining Mitigation Methods
    • Defining Stress-Based Detection
    • Defining Proactive Bot Defense
    • Using Bot Signatures

    20. ASM and iRules

    • Defining Application Security iRule Events
    • Using ASM iRule Event Modes
    • iRule Syntax
    • ASM iRule Commands

    21. XML and Web Services

    • Defining XML
    • Defining Web Services
    • Configuring an XML Profile
    • Schema and WSDL Configuration
    • XML Attack Signatures
    • Using Web Services Security

    22. Web 2.0 Support: JSON Profiles

    • Defining Asynchronous JavaScript and XML
    • Defining JavaScript Object Notation
    • Configuring a JSON Profile

    23. Review and Final Labs

    24. Additional Training and Certification

    • Getting Started Series Web-Based Training
    • F5 Instructor Led Training Curriculum
    • F5 Professional Certification Program

    Lab 1: Installation and Setup

    • Install and Setup
    • Licensing System
    • Set Up Utility
    • Configuration Utility
    • Configuration Backup

    Lab 2: Fiddler

    Lab 3: HTTP Vulnerabilities

    Lab 4: ASM Applications Configuration

    Lab 5: Security Policy

    • Attack Signatures

    Lab 6: Rapid Deployment

    • Data Guard
    • Attack Signatures

    Lab 7: Application-Ready Security Policy

    Lab 8: Reporting

    • Remote System Log Server

    Lab 9: Partitions and User Roles

    Lab 10: Human Readable Policy

    Lab 11: Traffic Learning

    Lab 12: Parameters

    Lab 13: Security Policy Builder

    Lab 14: iRules

    • Flow Login Pages
    • Web Scraping

    Lab 15: XML and Web Services

    Lab 16: Protocol Security Manager FTP

    Request a Discounted Quote




    Bring Training to You

    Request schedule for this course

    Request a Quote for this Class

    We provide government and government contractor discounts, please request a quote

    Schedule



    total option: 0

    Hotel and Travel can be included on your quote.
    For immediate response, you can call 1-855-515-2170 or we will provide a quote within 4 business hours. Travel must be booked 14 days before training for rate to apply.

    Learn How to Become a Managed Learning Member

    Request a Quote

    Thank you for requesting a quote, we will be in touch shortly with a quote. If you need immediate assistance, please call 855-515-2170.

    Request Other Date

    Request date or location you need

    Don’t see the date or location you need? Contact us and let us know, we are adding dates and locations daily.