-
Bitte beachten Sie: Die Inhalte des Kurses wurden in das Training Configuring F5 Advanced WAF integriert.
-
Do you need to secure your applications quickly from today's threats such as those from automated agents, bots, and common vulnerabilities? Are you limited by time, resources, and knowledge of your web applications? Do you need protection against CVEs without thinking too deeply about them?
In this 1 day course, participants identify and mitigate common web application vulnerabilities on the client and application sides of the threat spectrum. Participants use F5 Advanced WAF to quickly configure advanced protection against common Layer 7 vulnerabilities (OWASP Top Ten) and bot defense.
This course is intended for users who wish to rapidly deploy a basic web application security policy with minimal configuration; deploy a DoS Protection Profile to detect server stress, and block bad actors. -
Kursinhalt
-
- Chapter 1: Setting Up the BIG-IP System
- Chapter 2: Threat Overview and Guided Configuration
- Chapter 3: Exploring HTTP Traffic
- Chapter 4: Securing HTTP Traffic
- Chapter 5: Mitigating Credentials Stuffing
- Chapter 6: Using BIG-IP DataSafe
- Chapter 7: Using Layer 7 Behavioral Analysis to Mitigate DoS
Jeder Teilnehmer erhält die englischsprachigen Original-Unterlagen von F5 Networks in elektronischer Form.
-
Zielgruppe
-
This course is intended for users who wish to rapidly deploy a basic web application security policy with minimal configuration; deploy a DoS Protection Profile to detect server stress, and block bad actors.
-
Voraussetzungen
-
There are no F5-technology-specific prerequisites for this course. However, completing the following before attending would be very helpful for students with limited BIG-IP administration and configuration experience:
Administering BIG-IP instructor-led course or F5 Certified BIG-IP Administrator
The following free web-based training courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience. These courses are available at F5 University:
Getting Started with BIG-IP web-based training
Getting Started with BIG-IP Application Security Manager (ASM) web-based training
The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course: OSI model encapsulation; Routing and switching; Ethernet and ARP; TCP/IP concepts; IP addressing and subnetting; NAT and private IP addressing; Default gateway; Network firewalls; LAN vs. WAN.
| Chapter 1: Setting Up the BIG-IP System |
| •Introducing the BIG-IP System |
| •Initially Setting Up the BIG-IP System |
| •Archiving the BIG-IP System Configuration |
| •Leveraging F5 Support Resources and Tools |
| Chapter 2: Threat Overview and Guided Configuration |
| •Classifying Attack Types |
| •Differentiating Benign and Malicious Clients |
| •Categorizing Attack Techniques |
| •Defining the Layer 7 Web Application Firewall |
| •Defining Traffic Processing Objects |
| •Introducing F5 Advanced WAF |
| •Using Guided Configuration for Web Application Security |
| Chapter 3: Exploring HTTP Traffic |
| •Exploring Web Application HTTP Request Processing |
| •Overview of Application-Side Vulnerabilities |
| •Defining Attack Signatures |
| •Defining Violations |
| Chapter 4: Securing HTTP Traffic |
| •Defining Learning |
| •Defining Attack Signature Staging |
| •Defining Attack Signature Enforcement |
| Chapter 5: Mitigating Credentials Stuffing |
| •Defining Credentials Stuffing Attacks |
| •The Credentials Stuffing Mitigation Workflow |
| Chapter 6: Using BIG-IP DataSafe |
| •What Elements of Application Delivery are Targeted? |
| •Exploiting the Document Object Model |
| •Protecting Applications Using DataSafe |
| •Configuring a DataSafe Profile |
| Chapter 7: Using Layer 7 Behavioral Analysis to Mitigate DoS |
| •Defining Behavioral Analysis |
| •Defining the DoS Protection Profile |
-
Classroom Training
- Bevorzugen Sie die klassische Trainingsmethode? Ein Kurs in einem unserer Training Center, mit einem kompetenten Trainer und dem direkten Austausch zwischen allen Teilnehmern? Dann buchen Sie einen der Classroom Training Termine!
-
Online Training
- Möchten Sie einen Kurs online besuchen? Zu diesem Kursthema bieten wir Ihnen Online-Kurstermine an. Als Teilnehmer benötigen Sie dazu einen PC mit Internet-Anschluss (mindestens 1 Mbit/s), ein Headset, falls Sie per VoIP arbeiten möchten und optional eine Kamera. Weitere Informationen und technische Empfehlungen finden Sie hier.
-
Inhouse-Schulung
-
Benötigen Sie einen maßgeschneiderten Kurs für Ihr Team? Neben unserem Standard-Angebot bieten wir Ihnen an, Kurse speziell nach Ihren Anforderungen zu gestalten. Gerne beraten wir Sie hierzu und erstellen Ihnen ein individuelles Angebot.
Inhouse-Schulung jetzt anfragen >>>
Die gesamte Beschreibung dieses Kurses mit Terminen und Preisen zum Download als PDF.-
Bitte beachten Sie: Die Inhalte des Kurses wurden in das Training Configuring F5 Advanced WAF integriert.
-
Do you need to secure your applications quickly from today's threats such as those from automated agents, bots, and common vulnerabilities? Are you limited by time, resources, and knowledge of your web applications? Do you need protection against CVEs without thinking too deeply about them?
In this 1 day course, participants identify and mitigate common web application vulnerabilities on the client and application sides of the threat spectrum. Participants use F5 Advanced WAF to quickly configure advanced protection against common Layer 7 vulnerabilities (OWASP Top Ten) and bot defense.
This course is intended for users who wish to rapidly deploy a basic web application security policy with minimal configuration; deploy a DoS Protection Profile to detect server stress, and block bad actors. -
Kursinhalt
-
- Chapter 1: Setting Up the BIG-IP System
- Chapter 2: Threat Overview and Guided Configuration
- Chapter 3: Exploring HTTP Traffic
- Chapter 4: Securing HTTP Traffic
- Chapter 5: Mitigating Credentials Stuffing
- Chapter 6: Using BIG-IP DataSafe
- Chapter 7: Using Layer 7 Behavioral Analysis to Mitigate DoS
Jeder Teilnehmer erhält die englischsprachigen Original-Unterlagen von F5 Networks in elektronischer Form.
-
Zielgruppe
-
This course is intended for users who wish to rapidly deploy a basic web application security policy with minimal configuration; deploy a DoS Protection Profile to detect server stress, and block bad actors.
-
Voraussetzungen
-
There are no F5-technology-specific prerequisites for this course. However, completing the following before attending would be very helpful for students with limited BIG-IP administration and configuration experience:
Administering BIG-IP instructor-led course or F5 Certified BIG-IP Administrator
The following free web-based training courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience. These courses are available at F5 University:
Getting Started with BIG-IP web-based training
Getting Started with BIG-IP Application Security Manager (ASM) web-based training
The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course: OSI model encapsulation; Routing and switching; Ethernet and ARP; TCP/IP concepts; IP addressing and subnetting; NAT and private IP addressing; Default gateway; Network firewalls; LAN vs. WAN.
| Chapter 1: Setting Up the BIG-IP System |
| •Introducing the BIG-IP System |
| •Initially Setting Up the BIG-IP System |
| •Archiving the BIG-IP System Configuration |
| •Leveraging F5 Support Resources and Tools |
| Chapter 2: Threat Overview and Guided Configuration |
| •Classifying Attack Types |
| •Differentiating Benign and Malicious Clients |
| •Categorizing Attack Techniques |
| •Defining the Layer 7 Web Application Firewall |
| •Defining Traffic Processing Objects |
| •Introducing F5 Advanced WAF |
| •Using Guided Configuration for Web Application Security |
| Chapter 3: Exploring HTTP Traffic |
| •Exploring Web Application HTTP Request Processing |
| •Overview of Application-Side Vulnerabilities |
| •Defining Attack Signatures |
| •Defining Violations |
| Chapter 4: Securing HTTP Traffic |
| •Defining Learning |
| •Defining Attack Signature Staging |
| •Defining Attack Signature Enforcement |
| Chapter 5: Mitigating Credentials Stuffing |
| •Defining Credentials Stuffing Attacks |
| •The Credentials Stuffing Mitigation Workflow |
| Chapter 6: Using BIG-IP DataSafe |
| •What Elements of Application Delivery are Targeted? |
| •Exploiting the Document Object Model |
| •Protecting Applications Using DataSafe |
| •Configuring a DataSafe Profile |
| Chapter 7: Using Layer 7 Behavioral Analysis to Mitigate DoS |
| •Defining Behavioral Analysis |
| •Defining the DoS Protection Profile |
-
Classroom Training
- Bevorzugen Sie die klassische Trainingsmethode? Ein Kurs in einem unserer Training Center, mit einem kompetenten Trainer und dem direkten Austausch zwischen allen Teilnehmern? Dann buchen Sie einen der Classroom Training Termine!
-
Online Training
- Möchten Sie einen Kurs online besuchen? Zu diesem Kursthema bieten wir Ihnen Online-Kurstermine an. Als Teilnehmer benötigen Sie dazu einen PC mit Internet-Anschluss (mindestens 1 Mbit/s), ein Headset, falls Sie per VoIP arbeiten möchten und optional eine Kamera. Weitere Informationen und technische Empfehlungen finden Sie hier.
-
Inhouse-Schulung
-
Benötigen Sie einen maßgeschneiderten Kurs für Ihr Team? Neben unserem Standard-Angebot bieten wir Ihnen an, Kurse speziell nach Ihren Anforderungen zu gestalten. Gerne beraten wir Sie hierzu und erstellen Ihnen ein individuelles Angebot.
Inhouse-Schulung jetzt anfragen >>>
Die gesamte Beschreibung dieses Kurses mit Terminen und Preisen zum Download als PDF.