F5 Networks Configuring BIG-IP ASM v13: Application Security Manager

Summary

Learn skills to manage Web-based and XML application attacks and use Application Security Manager to defend against these attacks, including building security policies, utilizing traffic learning, deploying Application Security Manager with various applications, and testing using realistic web site traffic.

Prerequisites

Before taking this course, you should have taken an Administering BIG-IP course (PT10611 or PT10610), have basic familiarity with HTTP, HTML and XML; and knowledge of basic web application and security concepts.

Duration

4 Days/Lecture & Lab

Audience

This course is designed for those wanting to learn skills to manage Web-based and XML application attacks and use Application Security Manager to defend against these attacks.

Topics

Setting up BIG-IP System

• Traffic Processing with BIG-IP
• Web Application Concepts
• Web Application Vulnerabilities
• Security Policy Deployment
• Policy Tuning and Violations
• Attack Signatures
• Positive Security Policy Building
• Cookies and Other Headers
• Reporting and Logging
• User Roles and Policy Modification
• Lab Project
• Advanced Parameter Handling
• Application-Ready Templates
• Automatic Policy Building
• Web Application Vulnerability Scanners
• Login Enforcement & Session Tracking
• Brute force and Web Scraping Mitigation
• Layer 7 DoS Mitigation
• ASM and iRules
• XML and Web Services
• Web 2.0 Support: JSON Profiles
• Review and Final Labs
• Additional Training and Certification