F5 Networks Setting Up BIG-IP Advanced WAF: Web Application Firewall (formerly ASM)

Enhance your cybersecurity skills with the F5 Networks Advanced WAF course, designed for IT professionals seeking to protect applications against common Layer 7 vulnerabilities and bot threats using advanced web application firewalls.

Course Thumbnail

Essential Skills Gained

Checkmark

Identify common web application vulnerabilities.

Checkmark

Configure advanced protection against Layer 7 threats.

Checkmark

Mitigate bot attacks effectively.

Checkmark

Leverage F5 Advanced WAF for enhanced security.

Format

  • Instructor-led
  • 1 days with lectures and hands-on labs.

Audience

  • IT Security Professionals
  • Network Administrators
  • Web Application Developers
  • System Administrators

Description

In this 1 day course, participants identify and mitigate common web application vulnerabilities on the client and application sides of the threat spectrum. Participants use F5 Advanced WAF to quickly configure advanced protection against common Layer 7 vulnerabilities (OWASP Top Ten) and bot defense.

Calendar icon

Upcoming Course Dates

No upcoming dates. Please check back later.

Course Outline

Download PDF

Lesson 1 : Setting Up the BIG-IP System

  1. Introducing the BIG-IP System

  2. Initially Setting Up the BIG-IP System

  3. Archiving the BIG-IP System Configuration

  4. Leveraging F5 Support Resources and Tools

Lesson 2 : Threat Overview and Guided Configuration

  1. Classifying Attack Types

  2. Differentiating Benign and Malicious Clients

  3. Categorizing Attack Techniques

  4. Defining the Layer 7 Web Application Firewall

  5. Defining Traffic Processing Objects

  6. Introducing F5 Advanced WAF

  7. Using Guided Configuration for Web Application Security

Lesson 3 : Exploring HTTP Traffic

  1. Exploring Web Application HTTP Request Processing

  2. Overview of Application-Side Vulnerabilities

  3. Defining Attack Signatures

  4. Defining Violations

Lesson 4 : Securing HTTP Traffic

  1. Defining Learning

  2. Defining Attack Signature Staging

  3. Defining Attack Signature Enforcement

Lesson 5 : Mitigating Credentials Stuffing

  1. Defining Credentials Stuffing Attacks

  2. The Credentials Stuffing Mitigation Workflow

Lesson 6 : Form Encryption Using BIG-IP DataSafe

  1. What Elements of Application Delivery are Targeted?

  2. Exploiting the Document Object Model

  3. Protecting Applications Using DataSafe

  4. Configuring a DataSafe Profile

Lesson 7: Deploying Threat Campaigns

  1. Defining Threat Campaigns

  2. Live Update for Threat Campaigns

Lesson 8 : Using Layer 7 Behavioral Analysis to Mitigate DoS

  1. Defining Behavioral Analysis

  2. Defining the DoS Protection Profile

Your Team has Unique Training Needs.

Your team deserves training as unique as they are.

Let us tailor the course to your needs at no extra cost.